2

Im new to c# here. I have a comboBox codes that enable user to choose month and dates. When user click cmdSend button, the program will retrieve the month & date form comboBox and call dbConnect.Select class function to do the select mysql statement. 

private void cmdSend_Click(object sender, System.EventArgs e)
    {
        List<string>[] list;
        list = dbConnect.Select(month_list.Text, year_list.Text);

        printer_info.Rows.Clear();
        for (int i = 0; i < list[0].Count; i++)
        {
            int number = printer_info.Rows.Add();
            printer_info.Rows[number].Cells[0].Value = list[0][i];
            printer_info.Rows[number].Cells[1].Value = list[1][i];
            printer_info.Rows[number].Cells[2].Value = list[2][i];
            printer_info.Rows[number].Cells[3].Value = list[3][i];
        }
    }

the retrieve database class: 

public List<string>[] Select(string month,string year)
    {
        string query = "SELECT * FROM page_counter where month ='" + month + "' AND year ='" + year + "' ;";

        //Create a list to store the result
        List<string>[] list = new List<string>[4];
        list[0] = new List<string>();
        list[1] = new List<string>();
        list[2] = new List<string>();
        list[3] = new List<string>();

        //Open connection
        if (this.OpenConnection() == true)
        {
            //Create Command
            MySqlCommand cmd = new MySqlCommand(query, connection);
            //Create a data reader and Execute the command
            MySqlDataReader dataReader = cmd.ExecuteReader();

            //Read the data and store them in the list
            while (dataReader.Read())
            {
                list[0].Add(dataReader["id"].ToString() + "");
                list[1].Add(dataReader["month"].ToString() + "");
                list[2].Add(dataReader["year"].ToString() + "");
                list[3].Add(dataReader["page_count"].ToString() + "");
            }

            //close Data Reader
            dataReader.Close();

            //close Connection
            this.CloseConnection();

            //return list to be displayed
            return list;
        }
        else
        {
            return list;
        }
    }

However this code does not work, can someone advise me please?

EDITED: 

string query = "SELECT * FROM page_counter where month = @month  AND year = @year;";
//Open connection
if (this.OpenConnection() == true)
{
//Create Command
 MySqlCommand cmd = new MySqlCommand(query, connection);
 cmd.Parameters.AddWithValue("@month",month);
 cmd.Parameters.AddWithValue("@year",year );

//Create a data reader and Execute the command
    MySqlDataReader dataReader = cmd.ExecuteReader();

//Read the data and store them in the list
    while (dataReader.Read())
    {
        list[0].Add(dataReader["id"].ToString() + "");
        list[1].Add(dataReader["month"].ToString() + "");
        list[2].Add(dataReader["year"].ToString() + "");
        list[3].Add(dataReader["page_count"].ToString() + "");
    }  

    //close Data Reader
    dataReader.Close();

I have edited the code as suggested,However I have an error on the AddWithValue, it say : does not contain a definition for AddWithValue and no extension method AddWithValue, I have added the Data.MySqlClient reference but still remain the same. Please advise.

Improve this question
2
  • is it asp.net or winform?? Commented Feb 27, 2014 at 3:50
  • @SaghirA.Khatri It is winform c#. Commented Feb 27, 2014 at 5:20

1 Answer 1

Reset to default
1

Problem 1 : You need to use SelectedItem property of the combobox to get the selected item from it.

Solution 1:

Replace This:

list = dbConnect.Select(month_list.Text, year_list.Text);

With This:

list = dbConnect.Select(month_list.SelectedItem.ToString(),        
                         year_list.SelectedItem.ToString());

Problem 2:

i beilve that your Month and Year columns in your Database are INT columns.if they are INT columns you dont need to enclose the month and year parameter values within single quotes.

Solution 2:

Try This:

string query = "SELECT * FROM page_counter where month =  
                   " + month + " AND year =" + year + " ;";

Suggestion : Your query is open to sql injection attacks i'd suggest to use Parameterised queries to avoid them.

Try This with Parameterised queries:

string query = "SELECT * FROM page_counter where month = @month  AND year = @year;";
//Open connection
if (this.OpenConnection() == true)
{
  //Create Command
  MySqlCommand cmd = new MySqlCommand(query, connection);
  cmd.Parameters.AddWithValue("@month",month);
  cmd.Parameters.AddWithValue("@year",year );

       //Remaining same

        //Create a data reader and Execute the command
        MySqlDataReader dataReader = cmd.ExecuteReader();

        //Read the data and store them in the list
        while (dataReader.Read())
        {
            list[0].Add(dataReader["id"].ToString() + "");
            list[1].Add(dataReader["month"].ToString() + "");
            list[2].Add(dataReader["year"].ToString() + "");
            list[3].Add(dataReader["page_count"].ToString() + "");
        }

        //close Data Reader
        dataReader.Close();
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Why I have an error on AddWithValue? and should I remain the MysqlDataReader line?
@Ren; yes you have to keep the remaning same, check my edited answer.
How about the AddWithValue error?any idea why i receive the error?
@Ren: i don't have an idea about which error you are talking about.could you please edit your question with error?
It say'MySql.Data.MySqlClient.MySqlParameterCollection' does not contain a definition for 'AddWithValue' and no extension method 'AddWithValue' accepting a first argument of type 'MySql.Data.MySqlClient.MySqlParameterCollection' could be found (are you missing a using directive or an assembly reference?)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.