Skip to content Skip to sidebar Skip to footer
Home / C# / Sql Server

Getting Value From A Database Using Textbox

Post a Comment
string que = 'SELECT Name FROM StudentInfo where StudentNo=textBox1.Text '; Every time I run this it always says that 'The multi-part identifier 'textBox1.Text' could not be bo

Solution 1:

You need to make the query include the value from the textbox. SQL Server doesn't know anything about your textbox - you've just provided the text textBox1.Text as if it refers to something that SQL Server knows about. However, you shouldn't include the value from your textbox in the SQL itself...

Instead, you should parameterize your SQL, and set the parameter from your textbox as a value to be sent alongside the SQL when you execute the query:

// Assuming an open connection...int studentNo = int.Parse(textBox1.Text);
string sql = "SELECT Name FROM StudentInfo where StudentNo=@student_no";
using (var command = new SqlCommand(conn, sql))
{
    command.Parameters.Add("@student_no", SqlDbType.Int).Value = studentNo;
    // Execute the command as normal
}

This assumes that the type of StudentNo in your database is Int, of course - adjust accordingly (along with what you do with textBox1.Text - I'm currently parsing it as an int).

You should always parameterize your SQL rather than trying include the value within the SQL itself, for three important reasons:

  • It protects against SQL Injection Attacks
  • It avoids unnecessary conversions, and gives you more control over the conversions you do need
  • It typically makes it easier to read the SQL (as there isn't string concatenation code etc involved) so you can find issues with that more simply

Solution 2:

You should be parameterizing your query:

string que = "SELECT Name FROM StudentInfo WHERE StudentNo = @StudentNo"using (SqlConnection connection = new SqlConnection(WebConfigurationManager.ConnectionStrings["connection"].ConnectionString))
{
    using (SqlCommand command = new SqlCommand(sql, connection))
    {
        command.Parameters.Add("@StudentNo", SqlDbType.VarChar, 50).Value = textBox1.Text;

        //If StudentNo is Int//command.Parameters.Add("@StudentNo", SqlDbType.Int).Value = (int) textBox1.Text;

        connection.Open();

        string veri = Convert.ToString(command.ExecuteScalar());
        return veri;
    }
}

Solution 3:

Use this :

stringstrQuery="SELECT Name FROM StudentInfo where StudentNo= @studentno";

SqlCommandcmd=newSqlCommand(strQuery);

cmd.Parameters.AddWithValue("@studentno", textBox1.Text.Trim());

Solution 4:

I really dont understand your question but the query should be 

string que = "SELECT Name FROM StudentInfo where StudentNo= '" + textBox1.Text + "';";

If the StudentNo is Varchar in the DB. or else

string que = "SELECT Name FROM StudentInfo where StudentNo=" + textBox1.Text + ";";

Where as you should go for parameterized query like this 

using (SqlCommandcommand=newSqlCommand(
    "SELECT Name FROM StudentInfo where StudentNo=@No", connection))
    {
        command.Parameters.Add(newSqlParameter("No", textBox1.Text));
        SqlDataReaderreader= command.ExecuteReader(); 
    }

Post a Comment for "Getting Value From A Database Using Textbox"