Solved

How can I make a recursive query?

Posted on 2008-06-11
3
300 Views
Last Modified: 2013-11-26
Hello everybody,

I finally could populate a combobox in VB.NET with data grabbed from a remote MySQL DB. The problem is that that data, only fills the combobox but doesn't store the query results in an array or anything. What I need to do now, is to validate the selected user with the DB, while making the password MD5 hashed. This MD5 encrypt is easy, but I don't know why I can't make the second query to fetch the password for the selected user in the combobox (making a last name, first name comparation).

Here's my code:
Private Sub comUsername_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles comUsername.TextChanged
        If comUsername.Text <> "" Then
            txtPassword.Enabled = True
            Dim user_full_name As String
 
            user_full_name = comUsername.Text
 
            SQL2 = "SELECT user_id FROM users WHERE 'user_last_name, user_name' = @user_full_name"
            myCommand.Connection = conn
            myCommand.CommandText = SQL2
 
            myAdapter.SelectCommand = myCommand
            myAdapter.Fill(myData)
 
            oReader = myCommand.ExecuteReader
 
            selected_user_id = oReader("user_id")
 
            MsgBox(selected_user_id)
 
            oReader.Close()
 
        Else
            txtPassword.Text = ""
            txtPassword.Enabled = False
        End If
    End Sub

Open in new window

0
Comment
Question by:Cesar Aracena
  • 2
3 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 250 total points
ID: 21771342
>            SQL2 = "SELECT user_id FROM users WHERE 'user_last_name, user_name' = @user_full_name"

you might look for the CONCAT function:
            SQL2 = "SELECT user_id FROM users WHERE CONCAT(user_last_name, ' ' , user_name) = @user_full_name"

assuming lastname and username as separated by a space.
0
 
LVL 6

Author Comment

by:Cesar Aracena
ID: 21771398
Thanks! It was that. it also had a comma (plus space). Another thing that I found is how to propperly place the variable in the SELECT statement:

SQL2 = "SELECT * FROM users WHERE concat(user_last_name,', ',user_name) = '" & comUsername.Text & "'"

Thanks agian!
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 21771446
>Another thing that I found is how to propperly place the variable in the SELECT statement:
using that method is NOT properly done.
use either the MySqlParameter, or at least handle the single quote "issue":

SQL2 = "SELECT * FROM users WHERE concat(user_last_name,', ',user_name) = '" & comUsername.Text.Replace("'", "''") & "'"

using the MySqlParameter:
http://dotnetnuke.adefwebserver.com/MySQL/MySql5sample/tabid/289/Default.aspx
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
The ECB site provides FX rates for major currencies since its inception in 1999 in the form of an XML feed. The files have the following format (reducted for brevity) (CODE) There are three files available HERE (http://www.ecb.europa.eu/stats/exch…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question