1

I want to add(delete) selected items in listbox from Form1 into sql server.I have three Forms.Wenn I click add button in Form1, Form2 opens and a textbox and save button appear to add the data.It calls from textbox in Form1.The code doesn't give error but nothing happens in database. I can't see the problem.The code is below.

FORM1:

SqlConnection baglan = new SqlConnection(@"Server=10.34.16.219; Database=envanter; User ID=envanter; Password=Er112233;");
SqlCommand cmd = new SqlCommand();

public void button1_Click(object sender, EventArgs e)  //from db
{
    try
    {
        baglan.Open();
        cmd.Connection = baglan;
        cmd.CommandType = CommandType.Text;
        cmd.CommandText = @"SELECT @textBox1 FROM Ana";
        cmd.Parameters.AddWithValue("@textBox1", textBox1.Text);
        cmd.ExecuteNonQuery();
        baglan.Close();
    }
    catch (SqlException exc)
    {
        MessageBox.Show(exc.Message.ToString(), "Error Message");
    }

    Form2 f2 = new Form2();
    f2.Show();
    this.Visible = false;                                                                  
}

FORM2:

SqlConnection baglan = new SqlConnection(@"Server=10.34.16.219;                   Database=envanter; User ID=envanter; Password=Er112233;");
SqlCommand cmd = new SqlCommand();

private void button1_Click(object sender, EventArgs e) //add
{
   try
   {
       baglan.Open();
       cmd.Connection = baglan;
       cmd.CommandType = CommandType.Text;
       cmd.CommandText = @"INSERT INTO Ana(f1.textBox1.Text) VALUES(@p1)";
       cmd.Parameters.AddWithValue("@p1", textBox1.Text);
       MessageBox.Show("Inserted");
       baglan.Close();    
   }
   catch (Exception)
   {
       baglan.Close();
       MessageBox.Show("Kayıt yapılmış!");
   }
   finally
   {
       Form2_Load(sender, e);
   }       

   Form1 f1 = new Form1();
   f1.Show();
   this.Hide();
}
Improve this question
1
  • 1
    Once you've set up your INSERT statement as cmd, you also need to execute that statement! Run cmd.ExecuteNonQuery(); after adding the parameter value (but before showing the MessageBox) to actually run that SQL ! Commented Feb 18, 2014 at 15:30

2 Answers 2

Reset to default
2

You can't parameterize your columns. You can parameterize only your values.

That's why you can't write;

cmd.CommandText = @"SELECT @textBox1 FROM Ana";
cmd.Parameters.AddWithValue("@textBox1", textBox1.Text);

Actually you can, this is a valid syntax for C#, but it is not a valid SQL. If you really parameterize your columns, take a look dynamic SQL.

And you didn't execute your SqlCommand in your Form2.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

There is no call to ExecuteNonQuery in Form2. However, as @SonerGönül also stated in his answer, running the command will lead to other errors as you cannot directly include the textbox in the string. You'd have to change the query to:

cmd.CommandText = @"INSERT INTO Ana(" + f1.textBox1.Text + ") VALUES(@p1)";

Please note that you have to be absolutely sure that the TextBox does not contain dangerous SQL contents as this might lead to SQL injection attacks. You should rethink whether you need to identify the column dynamically.

Improve this answer

2 Comments

Although I have identified F2 in F1.This gives the error: "Cannot use local variable 'f1' before it is declared.The declaration of the local variable hides the field." public partial class Form1 : Form { public Form2 f2; public Form3 f3; public Form1() { InitializeComponent(); f2 = new Form2(); f3 = new Form3(); f2.f1 = this; f3.f1 = this; } public partial class Form2 : Form { public Form1 f1; }
@user3318923: At the end of your button1_Click method in Form2, you declare a local variable f1 in this line: Form1 f1 = new Form1();. This hides the already present variable f1 on class level. I suspect that you can remove the line Form1 f1 = new Form1(); safely because you've already got f1 on class level.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.