Click here to Skip to main content
15,121,414 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I am trying make an application which when installed in other system, has to collect details and send to my SQL server.

In SQL Server, I have made all columns as varchar(70).
I thought the problem was with datatypes, so I decided to remove OSInstallDate and  
LastBootUpTime in the below code and check. But still other data are not being inserted.
There is no problem with sql connection as I have checked it already.

If there's any other way of collecting all these data and sending to my database, I would be interested.


What I have tried:

C#
SelectQuery Sq1 = new SelectQuery("Win32_OperatingSystem");
                ManagementObjectSearcher objOSDetails1 = new ManagementObjectSearcher(Sq1);
                foreach (ManagementObject mo1 in objOSDetails1.Get())
                {
                    OperatingSystem = mo1["caption"].ToString();
                    ServicePack = mo1["csdversion"].ToString();
                    OSVersion = mo1["version"].ToString();
                    OSArchitecture = mo1["OSArchitecture"].ToString();
                   OSSno = mo1["serialnumber"].ToString();
                   OSInstallDate = mo1["InstallDate"].ToString();
                    OSDescription = mo1["Description"].ToString();
                    LastBootUpTime = mo1["LastBootUpTime"].ToString();
                    SPMajorVersion = mo1["ServicePackMajorVersion"].ToString();
                    RegUser = mo1["RegisteredUser"].ToString();
                    OSStatus = mo1["status"].ToString();
                }
                cmd1 = new SqlCommand("INSERT INTO [dbo].[OSInfo]([LastUpdatedOn],[IPAddress],[OperatingSystem],[ServicePack],[OSVersion],[OSArchitecture],[OSSno],[OSInstallDate],[Description],[LastBootUpTime],[SPMajorVersion],[RegUser],[OSStatus]) VALUES (getdate(),'" + IPA + "','" + OperatingSystem + "','" + ServicePack + "','" + OSVersion + "','" + OSArchitecture + "','" + OSSno + "','" + OSInstallDate + "','" + OSDescription + "','" + LastBootUpTime + "','" + SPMajorVersion + "','" + RegUser + "','" + OSStatus + "')", con);
                
                int numrows1 = cmd1.ExecuteNonQuery();
Posted
Updated 1-May-18 20:30pm

You are executing the command outside of foreach loop so only the last record will be saved in the database. If you want to save all the records, you might want to put the command execution inside the loop.
   
Comments
Member 13714562 2-May-18 1:27am
   
I tried that one too. But it's not being inserted.
lw@zi 2-May-18 1:30am
   
Are you getting any exceptions? If yes, update the question with that detail. If not, trace the exact query executed on the database using SQL profiler and see if there are any issues there
Member 13714562 2-May-18 1:38am
   
No exceptions. I will now try using SQL profiler and see.
Rajat-Indiandotnet 2-May-18 9:43am
   
What came in Profiler?
Member 13714562 3-May-18 5:48am
   
Actually, there was no need of using Profiler at all. I had made a silly mistake of giving wrong datatype for one of the column in my table. Now it's working fine.
C#
cmd1 = new SqlCommand("INSERT INTO [dbo].[OSInfo]([LastUpdatedOn],[IPAddress],[OperatingSystem],[ServicePack],[OSVersion],[OSArchitecture],[OSSno],[OSInstallDate],[Description],[LastBootUpTime],[SPMajorVersion],[RegUser],[OSStatus]) VALUES (getdate(),'" + IPA + "','" + OperatingSystem + "','" + ServicePack + "','" + OSVersion + "','" + OSArchitecture + "','" + OSSno + "','" + OSInstallDate + "','" + OSDescription + "','" + LastBootUpTime + "','" + SPMajorVersion + "','" + RegUser + "','" + OSStatus + "')", con);

Not a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
   
Comments
Member 13714562 2-May-18 1:40am
   
Ya, I know this not a good way of coding. But I first thought of solving the main problem of inserting data and looking into this matter later.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900