I got a error in my project if there some please give the solution. I have post my coding with this and error.

Question

1.00/5 (1 vote)

See more:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;

public partial class attedance : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        Label2.Text = "Mark Attendance for " + DateTime.Now.ToShortDateString(); 
    }
    protected void Button2_Click(object sender, EventArgs e)
    {
        foreach (GridViewRow row in GridView1.Rows)
        {

            int rollno = Convert.ToInt32(row.Cells[0].Text);
            String nameofthestudent = row.Cells[1].Text;
            RadioButton rbtn1 = (row.Cells[2].FindControl("RadioButton1") as RadioButton);
            RadioButton rbtn2 = (row.Cells[2].FindControl("RadioButton2") as RadioButton);
            String status1;
            if (rbtn1.Checked)(error s here only the error is NULLREFERNCEEXCEPTION WAS UNHANDED USER CODE)
            {
                status1 = "Present";

            }
            else
            {
                status1 = "Absent";
            }
            String dateofclass1 = DateTime.Now.ToShortDateString();
            String batch = DropDownList1.SelectedItem.Text;
            String semester=DropDownList2 .SelectedItem .Text ;
            String subjectcode=DropDownList3 .SelectedItem .Text ;
            String subjectname=DropDownList4 .SelectedItem .Text ;
            savestudenttt(batch,semester,subjectcode,subjectname,dateofclass1);
        }
        Label3.Text = "Attendance Has Been Saved Successfully";
    }

    private void savestudenttt(string batch, string semester, string subjectcode, string subjectname, string dateofclass1)
    {
        throw new NotImplementedException();
    }
    private void savestudenttt(int rollno, string batch, string dateofclass1, string semester, string subjectcode,string  subjectname,string  nameofthestudent)
    {
        String query = "insert into Studentstudenttt(batch,semester,subjectcode,subjectname,rollno,nameofthestudent,) values(" + rollno + ",'" + nameofthestudent  + "','" + dateofclass1 + "','" + semester + "','" + subjectcode + "''" + subjectname + "','" + batch + "')";
        String mycon = "Data Source=DESKTOP-15TQB1B\\SQLEXPRESS;Initial Catalog=studenttt;Integrated Security=True";
        SqlConnection con = new SqlConnection(mycon);
        con.Open();
        SqlCommand cmd = new SqlCommand();
        cmd.CommandText = query;
        cmd.Connection = con;
        cmd.ExecuteNonQuery();
    }
}

What I have tried:

the error is placing is NullReferenceException was unhandled user code

Posted 5-Jan-20 20:23pm

nehaperiyasamy

Updated 6-Jan-20 15:35pm

Add a Solution

4 solutions

Solution 1

The best way to find a null reference error is to use the debugger. Place a breakpoint in the method you're calling and going through the code check what goes wrong. In other words, what object is null and why. The chances are that the name is misspelled so you may not component RadioButton1 on your page or perhaps it's not a RadioButton

For more information about debugging, see First look at the debugger - Visual Studio | Microsoft Docs[^]

Another note: Never concatenate values directly to a SQL statement. This leaves you open to SQL injections. Instead use parameters. For examples, have a look at Properly executing database operations[^]

Posted 5-Jan-20 20:33pm

Wendelius

Updated 5-Jan-20 20:35pm

v2

Solution 4

C#

String query = "insert into Studentstudenttt(batch,semester,subjectcode,subjectname,rollno,nameofthestudent,) values(" + rollno + ",'" + nameofthestudent  + "','" + dateofclass1 + "','" + semester + "','" + subjectcode + "''" + subjectname + "','" + batch + "')";

Not necessary a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]

Posted 6-Jan-20 15:36pm

Patrice T

Solution 3

Enable Autopostback property of radio button(child control
) Of grid control

Posted 6-Jan-20 12:44pm

Member 14708715

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Accepted Answer · 2020-01-05T20:35:00

This is one of the most common problems we get asked, and it's also the one we are least equipped to answer, but you are most equipped to answer yourself.

Let me just explain what the error means: You have tried to use a variable, property, or a method return value but it contains null - which means that there is no instance of a class in the variable.
It's a bit like a pocket: you have a pocket in your shirt, which you use to hold a pen. If you reach into the pocket and find there isn't a pen there, you can't sign your name on a piece of paper - and you will get very funny looks if you try! The empty pocket is giving you a null value (no pen here!) so you can't do anything that you would normally do once you retrieved your pen. Why is it empty? That's the question - it may be that you forgot to pick up your pen when you left the house this morning, or possibly you left the pen in the pocket of yesterdays shirt when you took it off last night.

We can't tell, because we weren't there, and even more importantly, we can't even see your shirt, much less what is in the pocket!

Back to computers, and you have done the same thing, somehow - and we can't see your code, much less run it and find out what contains null when it shouldn't.
But you can - and Visual Studio will help you here. Run your program in the debugger and when it fails, VS will show you the line it found the problem on. You can then start looking at the various parts of it to see what value is null and start looking back through your code to find out why. So put a breakpoint at the beginning of the method containing the error line, and run your program from the start again. This time, VS will stop before the error, and let you examine what is going on by stepping through the code looking at your values.

But we can't do that - we don't have your code, we don't know how to use it if we did have it, we don't have your data. So try it - and see how much information you can find out!

And don't do it like that! Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.

When you concatenate strings, you cause problems because SQL receives commands like:

SQL

SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'

The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:

SQL

SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;--'

Which SQL sees as three separate commands:

SQL

SELECT * FROM MyTable WHERE StreetAddress = 'x';

A perfectly valid SELECT

SQL

DROP TABLE MyTable;

A perfectly valid "delete the table" command

SQL

--'

And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.

So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?