Monday, 15 March 2010

c# - display some data from the database to datagridview -



c# - display some data from the database to datagridview -

command.commandtext = "select * books author='"+convert.tostring(combobox1.selecteditem)+"'"; reader = command.executereader();

ex. select "john" combobox. datagridview show info database author="john". example, there 4 books same author(john), how can display info datagridview?

something like

command.commandtext = "select * books author='"+convert.tostring(combobox1.selecteditem)+"'"; var reader = command.executereader(); var list = new list<string>(); while(reader.read()) { list.add(reader["author"].tostring()) } datagridview.datasource = list;

there many (many!) things wrong doing way - wil on way.

first of - seek avoid having gui "close" db code. secondly, mentionsed, code vulnerable sql injection.

my suggestion:

public list<string> getauthors(string aurthername) { using(var con = createconnection()//somehow ) { var command = con.createcommand(); string sql = "select * books author='@value'"; command.parameters.addwithvalue("@value", aurthername); command.commandtext = sql ; var list = new list<string>(); while(reader.read()) { list.add(reader["author"].tostring()) } homecoming list; } }

that way can phone call this:

datagridview.datasource = getauthors(combobox1.selecteditem);

c# ms-access

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)