|
falles01 wrote: Also the only reason I had to change everything to public was because I am using inheritance. I ahve decided against that now.
The two do not follow. Protected gives you things that are private, but visible in derived classes.
falles01 wrote: but I am concatenating C# with SQL so don't you use quotes so it knows what is C# code?
What I mean is, your final SQL will look like this:
where id ='323'
or something
The id should not be in quotes if it's a number, unless Access is different in that regard. I'm talking about the ' in your generated string, not the quotes around the static strings.
falles01 wrote: It has seemed that for my insert statements it only works when I use.Tostring which to me is strange.
You may have to use ToString to get a string when yuo're building the SQL, which is a string. Howver, if you concatenate a string and an int, the int should go tostring by itself.,
falles01 wrote: I am not on contracted work, I am a permanent worker who has been given the opportunity to learn C#.
I just read back on your older thread, so I get your situation now. Did you try getting the SQL out of the debugger and pasting it into Access ? Also, what does your data access code look like ?
Ideally, you'd have all your data access via stored procs, and seperated into a dll. For now, I'd recommend you create a class whose sole job is to manage any database calls, and put any data access in there. Make it static, and just call the methods to run the SQL, so in this instance, the method would take two params ( the name and the id ). you can then add methods to 'sanitise' your input against SQL injection attacks, but even if yuo don't, it makes sense to centralise your SQL, not least so you can reuse it if need be.
Christian Graus - Microsoft MVP - C++
"I am working on a project that will convert a FORTRAN code to corresponding C++ code.I am not aware of FORTRAN syntax" ( spotted in the C++/CLI forum )
|
|
|
|
|
falles01 wrote: but I am concatenating C# with SQL so don't you use quotes so it knows what is C# code?
No. The SQL String you built using this code is:
UPDATE employees SET Fullname = 'someTextBoxValue' Where EmployeeID = 'someIdValue'
Because of the single quotes around the IDValue, you've told SQL to treat it as a string. So, is this value a string in your table or are you telling SQL to find a string value in a numeric column?
You really need to translate this code into an SQL parameterized query. That way, you don't make the mistake of quoting numbers or haveing a user enter a quote in a textbox, then having that screw up your concatentated string, thereby making an invalid SQL statement.
|
|
|
|
|
Well, apart from the SQL Injection vulnerabilities... try using SQL Parameters:
conn = new SqlConnection("Server=yourServer; DataBase=yourDatabase; /*stick the rest of your connection info in here*/);
SqlCommand cmd = new SqlCommand("SET Fullname = @Fullanme WHERE EmployeeID = @EmployeeID;", conn);
SqlParameter param1 = new SqlParameter();
param1.ParameterName = "@Fullname";
param.Value = textBox1.Text;
cmd.Paramaters.Add(param1);
SqlParameter param2 = new SqlParameter();
param2.ParameterName = "@employeeID";
param2.Value = employeeComboBox.Value;
cmd.Paramaters.Add(param2);
conn.Open();
conn.Execute.....
"It was the day before today.... I remember it like it was yesterday."
-Moleman
|
|
|
|
|
|
*grin* I've told her that three times now. I suspect she's completely overwhelmed by being given a task that she was not hired for, so I'm recommending she create a data layer that she can easily work through to fix the injection stuff later, if she chooses not to do it now.
Christian Graus - Microsoft MVP - C++
"I am working on a project that will convert a FORTRAN code to corresponding C++ code.I am not aware of FORTRAN syntax" ( spotted in the C++/CLI forum )
|
|
|
|
|
Okay okay..I will read up on injection attacks. I just wanted to get this working first as I only have a few days to cmplete this before they may possibly ask me to go back to my previous job.
I am hoping they will give me an extension because I would obviously want to make it as safe as possible. at the moment I am only using dummy data in the database.
Thanks;P
|
|
|
|
|
If you need to impress by a deadline, I'd say get features in there, and add comments about your intention to move to a better data layer, so that you're covered if someone looks at it later, but you focus on progress that will impress and get you your extension.
This is no way to write software, but that's not your fault, obviously.
Christian Graus - Microsoft MVP - C++
"I am working on a project that will convert a FORTRAN code to corresponding C++ code.I am not aware of FORTRAN syntax" ( spotted in the C++/CLI forum )
|
|
|
|
|
My sql update query now works correctly. I asked for more help around me and worked out some things for myself.
I found that if I put the code for the save button at the bottom of the page it works exactly the same way.
Strange.
|
|
|
|
|
This query is really good in one way. It can clean the database in just one shot.
P.S.: I actually indicated about the vulnerability of SQL Injection that this query is bearing on it.
|
|
|
|
|
Thanks for adding that, there was a danger that she missed the three people who told her already...
Christian Graus - Microsoft MVP - C++
"I am working on a project that will convert a FORTRAN code to corresponding C++ code.I am not aware of FORTRAN syntax" ( spotted in the C++/CLI forum )
|
|
|
|
|
from where i can get
office add-on for Visual Studio.Net 2003 ?
|
|
|
|
|
|
Hi,
How can I modify the text displayed in a webbrowser control, e.g. highlight it, or make it bold? I know I can access it using the documenttext property but how can i modify it?
Also, what are the licence terms for webbrowser control 2.0? I mean if i build an application using it, can i redistribute it or would I have to inform MS?
Thanks,
Ahmad
|
|
|
|
|
Look into the Document property of the WebBrowser control which returns a HTMLDocument[^].
All the controls provided by the .NET framework are free for you to use. You could code from your favorite text editor and use the command line c-sharp compiler and never have to buy a license to anything other than the operating system your using to compile on.
|
|
|
|
|
Hi all
I have a sub that writes to a textbox in the code. I want to change it so it just returns as a string so i can use it over again for other stuff in the program
the current code is this
private void Readlog(string path)<br />
{<br />
StreamReader SR;<br />
string S;<br />
SR = File.OpenText(path);<br />
S = SR.ReadLine();<br />
while (S != null)<br />
{<br />
if (S != null)<br />
{<br />
S = S + "\r\n";<br />
}<br />
textBox1.AppendText(S);<br />
S = SR.ReadLine();<br />
}<br />
SR.Close();<br />
}
what i want to do is change it to something like
private string Readlog(string path)<br />
{<br />
string temp;<br />
StreamReader SR;<br />
string S ;<br />
SR = File.OpenText(path);<br />
S = SR.ReadLine();<br />
temp =s<br />
while (S != null)<br />
{<br />
if (S != null)<br />
{<br />
S = S + "\r\n";<br />
}<br />
temp = temp +S;<br />
S = SR.ReadLine();<br />
}<br />
SR.Close();<br />
return temp;<br />
}
The problem is that it always returns a null or just one line of text and i know its probably somthing right in front of me but I can't seem to figure out what it is
the idea is that i can use it in something like textbox1.text = readlog(c:\test)
or
<br />
Foreach something in something<br />
{<br />
writelog(merge.txt,readlog(something.filename);<br />
}<br />
<br />
Thanks for pointing me in the right direction
|
|
|
|
|
C# is case sensative on variable names, so your use of s and S were a problem. Also having an IF statement to check for null inside your while statement that is calready checking for null makes no sense. But I guess you want to make sure that it's not null.
Here's my cleanup of your code. I also ignored empty strings, but if you want to keep those, then change the while comparison to be while(temp != null)
private string Readlog(string path)
{
string returnValue = string.Empty;
using (StreamReader sr = File.OpenText(path))
{
string temp = sr.ReadLine();
while (!string.IsNullOrEmpty(temp))
{
returnValue += temp + "\r\n";
temp = sr.ReadLine();
}
sr.Close();
}
return returnValue;
}
-- modified at 17:44 Thursday 23rd August, 2007
|
|
|
|
|
BLAH!!!!
I cannot believe I totally missed the string concat inside a loop. Someone please pass me a gun now.
FIXED version
private string Readlog(string path)
{
StringBuilder sb = new StringBuilder();
using (StreamReader sr = File.OpenText(path))
{
string temp = sr.ReadLine();
while (!string.IsNullOrEmpty(temp))
{
sb.AppendLine(temp);
temp = sr.ReadLine();
}
sr.Close();
}
return sb.ToString();
}
|
|
|
|
|
Thanks for all your help
I really appreciate the string.isnullorempty(temp) In are application it doesn't matter because we are joining together .csv files
but if you were to use it for say a text file or something if there was a empty space it would stop at the dump out of the loop.
again I really appreciate it thanks
|
|
|
|
|
Actually, it doesn't dump out of the loop if there's a space, it just doesn't append it to the output string. The while loop will continue to process until EOF is reached on the file. If you wanted it to stop the loop if an emptry string were to occur, you would need to add a break; statement in there.
-- modified at 19:02 Thursday 23rd August, 2007
BTW, I am zerosity, just had to change the username for the forums as I never did that when I registered way back in time.
|
|
|
|
|
Hi all!
First I would like to say, if it wasn't for the codeproject at all, I would't know C#. My question is the following, i've been trying to figure it out forever!
I have an application, which launches a thread, there is a keyboard hook present in the thread, when the thread receives a keypress, and it matches the criteria, the thread launches another thread and aborts. The problem with this is that the memory that the thread used is not cleaned, is there a way to dispose a thread or something, completely free up all memory it used? because the problem is that after a few keycombinations, there is a huge memory load that is totally worthless, i read somewhere about appdomains, but couldn't get them to work.
Can somebody help?
Kind Regards,
Nick Verlinden
Nick Verlinden
c#-Lover
|
|
|
|
|
verlinden.nick@telenet.be wrote: The problem with this is that the memory that the thread used is not cleaned
First of all, are you sure about this? What are you using to measure memory usage? If it's just the Task Manager, chances are you're not looking at the right data. Use a memory profiler, such as the free CLR Profiler or the commercial ANTS profiler.
Now, if you're certain memory keeps building, that means something is keeping your thread alive. Something with a reference to that thread, perhaps? The only way to tell is look at the live objects -- again you'll need a profiler for this -- and see what's still alive that doesn't need to be.
Another possibility is, the .NET garbage collector simply hasn't run and cleaned up the memory used by the thread. You can force a garbage collection just to test this theory: call GC.Collect() to force one.
A final note: it's preferred to use the .NET thread pool instead of creating threads yourself. This way, existing threads are reused instead of being created over an over again. You can use the thread pool using the System.Threading.ThreadPool class.
|
|
|
|
|
Just to add some more information.
I'm not sure what you're doing with these threads, but if it's executing unmanaged code while you abort the thread, the thread will not abort until the unmanaged code has completed. A ThreadAbortException will be raised during any attempt during an abort.
|
|
|
|
|
Yes, unmanaged code is running, hook to keyboard, but normally, the hooks should be ended before aborting. I tried several programming methods, but this is the only one working for me. I'm talking about a thread launching another thread and killing itself. This is because the threads are on different desktops.
Thanks for the reply,
Kind Regards,
Nick Verlinden
|
|
|
|
|
Dag Nick,
I have several comments/questions:
1.
It seldom is a good idea to abort a thread; you typically don't know what state it is
in, what resources it may be holding, etc, so you may cause deadlocks and memory
leaks. The preferred way is to have the thread cooperate on its own termination by
regularly checking some flag, or something like that.
2.
I don't see the logic in creating a new thread and aborting another one at the same
time. It you find a way around this, I expect your code will be simpler and not have
the (presumed) memory problem at all.
3.
I am not sure I understand your "when the thread receives a keypress": GUI events
get handled by the GUI thread, normally that is the main or initial thread.
So how can another thread get hold of those KeyPress events ?
In summary, you may have to rework the threading situation; if more help is
wanted I would suggest you provide a more detailed description (+ some code) of your
set-up.
Luc Pattyn [Forum Guidelines] [My Articles]
this weeks tips:
- make Visual display line numbers: Tools/Options/TextEditor/...
- show exceptions with ToString() to see all information
- before you ask a question here, search CodeProject, then Google
|
|
|
|
|
Hi Luc,
Thanks for the reply. To answer a few of your questions, i tried several programming techniques, but this is the only way I can get it done, after a month of trial and error. The means why i program it that way, meaning the thread launching another thread and aborting itself, is becasue the threads run on different desktops. I also need global keyboard hooks, but they should be unhooked before the thread receives an abort.
Kind regards,
Nick verlinden
|
|
|
|
|