Cesar Aracena
asked on
How can I make a recursive query?
Hello everybody,
I finally could populate a combobox in VB.NET with data grabbed from a remote MySQL DB. The problem is that that data, only fills the combobox but doesn't store the query results in an array or anything. What I need to do now, is to validate the selected user with the DB, while making the password MD5 hashed. This MD5 encrypt is easy, but I don't know why I can't make the second query to fetch the password for the selected user in the combobox (making a last name, first name comparation).
Here's my code:
I finally could populate a combobox in VB.NET with data grabbed from a remote MySQL DB. The problem is that that data, only fills the combobox but doesn't store the query results in an array or anything. What I need to do now, is to validate the selected user with the DB, while making the password MD5 hashed. This MD5 encrypt is easy, but I don't know why I can't make the second query to fetch the password for the selected user in the combobox (making a last name, first name comparation).
Here's my code:
Private Sub comUsername_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles comUsername.TextChanged
If comUsername.Text <> "" Then
txtPassword.Enabled = True
Dim user_full_name As String
user_full_name = comUsername.Text
SQL2 = "SELECT user_id FROM users WHERE 'user_last_name, user_name' = @user_full_name"
myCommand.Connection = conn
myCommand.CommandText = SQL2
myAdapter.SelectCommand = myCommand
myAdapter.Fill(myData)
oReader = myCommand.ExecuteReader
selected_user_id = oReader("user_id")
MsgBox(selected_user_id)
oReader.Close()
Else
txtPassword.Text = ""
txtPassword.Enabled = False
End If
End Sub
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
>Another thing that I found is how to propperly place the variable in the SELECT statement:
using that method is NOT properly done.
use either the MySqlParameter, or at least handle the single quote "issue":
SQL2 = "SELECT * FROM users WHERE concat(user_last_name,', ',user_name) = '" & comUsername.Text.Replace(" '", "''") & "'"
using the MySqlParameter:
http://dotnetnuke.adefwebserver.com/MySQL/MySql5sample/tabid/289/Default.aspx
using that method is NOT properly done.
use either the MySqlParameter, or at least handle the single quote "issue":
SQL2 = "SELECT * FROM users WHERE concat(user_last_name,', ',user_name) = '" & comUsername.Text.Replace("
using the MySqlParameter:
http://dotnetnuke.adefwebserver.com/MySQL/MySql5sample/tabid/289/Default.aspx
ASKER
SQL2 = "SELECT * FROM users WHERE concat(user_last_name,', ',user_name) = '" & comUsername.Text & "'"
Thanks agian!