Click here to Skip to main content
16,019,263 members
Home / Discussions / ASP.NET
   

ASP.NET

 
GeneralRe: How do I get my link to point to server and play a .WAV audio? Pin
samflex23-May-19 9:29
samflex23-May-19 9:29 
Questionbookmark Pin
Member 1441910022-May-19 4:00
Member 1441910022-May-19 4:00 
AnswerRe: bookmark Pin
User 418025428-May-19 10:37
User 418025428-May-19 10:37 
QuestionEmail Based OTP Verification for new user registration Pin
VIRENDRA TEMBHARE20-May-19 20:19
VIRENDRA TEMBHARE20-May-19 20:19 
AnswerRe: Email Based OTP Verification for new user registration Pin
Richard MacCutchan20-May-19 21:02
mveRichard MacCutchan20-May-19 21:02 
AnswerRe: Email Based OTP Verification for new user registration Pin
Richard Deeming21-May-19 0:37
mveRichard Deeming21-May-19 0:37 
QuestionCannot insert the value NULL into column 'Status_Id', table 'ITInventory.dbo.Workstations'; column does not allow nulls. INSERT fails. Pin
SuperJWP20-May-19 7:32
SuperJWP20-May-19 7:32 
AnswerRe: Cannot insert the value NULL into column 'Status_Id', table 'ITInventory.dbo.Workstations'; column does not allow nulls. INSERT fails. Pin
Richard Deeming20-May-19 8:43
mveRichard Deeming20-May-19 8:43 
Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

C#
using (SqlConnection con = new SqlConnection(@"Data Source=sh-jasonk\dev;Initial Catalog=ITInventory;Integrated Security=True"))
using (SqlCommand cmd = new SqlCommand(@"INSERT INTO [dbo].[Workstations]
(
    [Emp_Name],
    [Emp_Surname],
    [Department],
    [Company],
    [Hostname],
    [Wkst_Status],
    [Make],
    [Model],
    [SerialNumber],
    [ProductNumber],
    [Purch_Date],
    [WExpiry_Date],
    [Memory],
    [Processor],
    [HDD],
    [OS]
)
VALUES
(
    @Emp_Name,
    @Emp_Surname,
    @Department,
    @Company,
    @Hostname,
    @Wkst_Status,
    @Make,
    @Model,
    @SerialNumber,
    @ProductNumber,
    @Purch_Date,
    @WExpiry_Date,
    @Memory,
    @Processor,
    @HDD,
    @OS
)", con))
{
    cmd.Parameters.AddWithValue("@Emp_Name", txtName.Text);
    cmd.Parameters.AddWithValue("@Emp_Surname", txtSurname.Text);
    cmd.Parameters.AddWithValue("@Department", comboBox1.Text);
    cmd.Parameters.AddWithValue("@Company", comboBox2.Text);
    cmd.Parameters.AddWithValue("@Hostname", txtHostName.Text);
    cmd.Parameters.AddWithValue("@Wkst_Status", comboBox3.SelectedIndex);
    cmd.Parameters.AddWithValue("@Make", txtMake.Text);
    cmd.Parameters.AddWithValue("@Model", txtModel.Text);
    cmd.Parameters.AddWithValue("@SerialNumber", txtSN.Text);
    cmd.Parameters.AddWithValue("@ProductNumber", txtPN.Text);
    cmd.Parameters.AddWithValue("@Purch_Date", dateTimePicker1.Value);
    cmd.Parameters.AddWithValue("@WExpiry_Date", dateTimePicker1.Value);
    cmd.Parameters.AddWithValue("@Memory", txtMem.Text);
    cmd.Parameters.AddWithValue("@Processor", txtProc.Text);
    cmd.Parameters.AddWithValue("@HDD", txtHDD.Text);
    cmd.Parameters.AddWithValue("@OS", txtOS.Text);

    con.Open();
    cmd.ExecuteNonQuery();
}

Now it should be obvious what the problem is: you're not specifying a value for the required Status_Id column.

NB: Rather than hard-coding your connection string, look at storing it in the application configuration file instead:
Connection Strings and Configuration Files | Microsoft Docs[^]



"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer

QuestionAjax ToolKit File Upload CAN NOT upload AutoCAD files Pin
Member 1253746817-May-19 11:33
Member 1253746817-May-19 11:33 
AnswerRe: Ajax ToolKit File Upload CAN NOT upload AutoCAD files Pin
Richard Deeming21-May-19 0:39
mveRichard Deeming21-May-19 0:39 
Questionkeep web form drop down list from chagning Pin
dcof16-May-19 10:09
dcof16-May-19 10:09 
AnswerRe: keep web form drop down list from chagning Pin
User 418025428-May-19 10:41
User 418025428-May-19 10:41 
QuestionRedirecting a user (vb.net) Pin
Member 876166712-May-19 23:22
Member 876166712-May-19 23:22 
AnswerRe: Redirecting a user (vb.net) Pin
Richard Deeming13-May-19 8:02
mveRichard Deeming13-May-19 8:02 
GeneralRe: Redirecting a user (vb.net) Pin
Member 87616679-Jun-19 23:56
Member 87616679-Jun-19 23:56 
QuestionEncountering error 401 1 2148074254 while accessing the webservice in NLB environment Pin
vinod koti7-May-19 3:22
vinod koti7-May-19 3:22 
QuestionData Reader only producing one row of records. Any ideas why? Pin
samflex3-May-19 3:14
samflex3-May-19 3:14 
AnswerRe: Data Reader only producing one row of records. Any ideas why? Pin
Richard Deeming3-May-19 3:29
mveRichard Deeming3-May-19 3:29 
GeneralRe: Data Reader only producing one row of records. Any ideas why? Pin
samflex3-May-19 3:51
samflex3-May-19 3:51 
GeneralRe: Data Reader only producing one row of records. Any ideas why? Pin
Richard Deeming3-May-19 5:27
mveRichard Deeming3-May-19 5:27 
GeneralRe: Data Reader only producing one row of records. Any ideas why? Pin
samflex3-May-19 7:06
samflex3-May-19 7:06 
AnswerRe: Data Reader only producing one row of records. Any ideas why? Pin
jkirkerx3-May-19 9:18
professionaljkirkerx3-May-19 9:18 
GeneralRe: Data Reader only producing one row of records. Any ideas why? Pin
samflex3-May-19 9:51
samflex3-May-19 9:51 
GeneralRe: Data Reader only producing one row of records. Any ideas why? Pin
jkirkerx3-May-19 10:16
professionaljkirkerx3-May-19 10:16 
GeneralRe: Data Reader only producing one row of records. Any ideas why? Pin
jkirkerx3-May-19 10:34
professionaljkirkerx3-May-19 10:34 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.