2

Here's my code which gives error, the query returns value for the particular item.

Also in the database side the query return rows even I have put condition that if reader has rows then only assign it to a variable but still it throws an error eg. 

dqty = sqlreader("qty")

Code:

Private Function checkquantity(ByVal code As String, ByVal quan As Integer) As Boolean
    sqlcommand.CommandText = "select sum(qty) as qty from pos_stock_balance where item_code='" & code & "'"
    sqlcommand.Connection = AppsCon
    sqlreader = sqlcommand.ExecuteReader
    If sqlreader.HasRows Then

        dqty = sqlreader("qty")
        sqlreader.Close()

    Else
        sqlreader.Close()
    End If
    If quan > dqty Then
        Return False
    Else
        Return True

    End If
End Function
Improve this question

2 Answers 2

Reset to default
7

It is because you are directly accessing the data without reading it, Try this,

If sqlreader.HasRows Then
      If sqlreader.read()
        dqty = sqlreader("qty")
        sqlreader.Close()
       End If
Else
       sqlreader.Close()
End If

Reference

Cleaned version of your code,

Private Function checkquantity _
(ByVal code As String, ByVal quan As Integer) As Boolean

    try

    sqlcommand.CommandText = "select" _
    & "sum(qty) as qty from pos_stock_balance where item_code='" & code & "'"

    sqlcommand.Connection = AppsCon
    sqlreader = sqlcommand.ExecuteReader

    If sqlreader.read() Then
         dqty = sqlreader("qty")
    End If

    If quan > dqty Then
        Return False
    Else
        Return True
    End If

    Finally
       sqlreader.Close()
    End try

End Function

Although i cleaned your code, Your code is still vulnerable to sql injection. Try to use parameterised queries to avoid that

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

@Ric Catch is optional.
Fair enough, thought you may want to do something should en exception get raised. Nevermind.
@Rajaprabhu Aravindasamy :could you tell me in detail difference between sqlreader.hasrows and sqlreader.read
@vimalvasudevan I hope this link will clarify you doubt. forums.asp.net/t/1175522.aspx
Thank you, this is what I needed to insert the record.
2

If you are simply returning a scalar value use:

dqty = CType(sqlcommand.ExecuteScalar(), Integer)
...
If quan > dqty Then
    Return False
Else
    Return True    
End If

This returns an object which can be casted to the necessary type allowing your comparisons at the end of the code to continue as normal without the need for a SqlDataReader at all. But beware that as your sql is not wrapped in an ISNULL(), the value returned could be null in which case you may wish to check for this. As a further note, use parameterized queries!

Improve this answer

1 Comment

i saw your answer now.i had already voted for that answer and after that yours i got update now..well both answers satifsy my question and well yours allows me to remove unnecessary declarations and code..well its a matter of choice...i cant mark both as answers right ric.. well thanks for the support answer dear....

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.