Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How can I make a recursive query?

Posted on 2008-06-11
3
Medium Priority
?
305 Views
Last Modified: 2013-11-26
Hello everybody,

I finally could populate a combobox in VB.NET with data grabbed from a remote MySQL DB. The problem is that that data, only fills the combobox but doesn't store the query results in an array or anything. What I need to do now, is to validate the selected user with the DB, while making the password MD5 hashed. This MD5 encrypt is easy, but I don't know why I can't make the second query to fetch the password for the selected user in the combobox (making a last name, first name comparation).

Here's my code:
Private Sub comUsername_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles comUsername.TextChanged
        If comUsername.Text <> "" Then
            txtPassword.Enabled = True
            Dim user_full_name As String
 
            user_full_name = comUsername.Text
 
            SQL2 = "SELECT user_id FROM users WHERE 'user_last_name, user_name' = @user_full_name"
            myCommand.Connection = conn
            myCommand.CommandText = SQL2
 
            myAdapter.SelectCommand = myCommand
            myAdapter.Fill(myData)
 
            oReader = myCommand.ExecuteReader
 
            selected_user_id = oReader("user_id")
 
            MsgBox(selected_user_id)
 
            oReader.Close()
 
        Else
            txtPassword.Text = ""
            txtPassword.Enabled = False
        End If
    End Sub

Open in new window

0
Comment
Question by:Cesar Aracena
  • 2
3 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 1000 total points
ID: 21771342
>            SQL2 = "SELECT user_id FROM users WHERE 'user_last_name, user_name' = @user_full_name"

you might look for the CONCAT function:
            SQL2 = "SELECT user_id FROM users WHERE CONCAT(user_last_name, ' ' , user_name) = @user_full_name"

assuming lastname and username as separated by a space.
0
 
LVL 6

Author Comment

by:Cesar Aracena
ID: 21771398
Thanks! It was that. it also had a comma (plus space). Another thing that I found is how to propperly place the variable in the SELECT statement:

SQL2 = "SELECT * FROM users WHERE concat(user_last_name,', ',user_name) = '" & comUsername.Text & "'"

Thanks agian!
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 21771446
>Another thing that I found is how to propperly place the variable in the SELECT statement:
using that method is NOT properly done.
use either the MySqlParameter, or at least handle the single quote "issue":

SQL2 = "SELECT * FROM users WHERE concat(user_last_name,', ',user_name) = '" & comUsername.Text.Replace("'", "''") & "'"

using the MySqlParameter:
http://dotnetnuke.adefwebserver.com/MySQL/MySql5sample/tabid/289/Default.aspx
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This document covers how to connect to SQL Server and browse its contents.  It is meant for those new to Visual Studio and/or working with Microsoft SQL Server.  It is not a guide to building SQL Server database connections in your code.  This is mo…
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question