not searching new data

Question

0.00/5 (No votes)

See more:

I am saerching from database by using this code.This data is import from execl sheet.I am also adding new data using some and its working but in this code it only search the data that was imported from execl sheet not the new data...
but the code is same cant figre out the problem please help me with that

C#

protected void Button1_Click(object sender, EventArgs e)
        {
            SqlConnection con;
            con = new SqlConnection(connstring);
            con.Open();



            //string str = "SELECT * FROM ['ISB VAS Nodes$']";
            if (DropDownList1.Text == "Type")
            {
                string str = "SELECT * FROM ['ISB VAS Nodes$'] where Type='" + TextBox2.Text + "'";
                //city is the column name in table
                SqlCommand cmd;
                cmd = new SqlCommand(str, con);
                SqlDataReader dr;
                dr = cmd.ExecuteReader();
                if (dr.Read())
                {


                    //if city is in 0 index of table
                    GridView1.DataSource = dr;
                    GridView1.DataBind();
                }
                else
                {
                    Response.Write("Value does not exist");

                }
                dr.Close();
                con.Close();
            }
             else if(DropDownList1.Text=="Desc") 
                {
                    string str = "SELECT * FROM ['ISB VAS Nodes$'] where [Desc]='" + TextBox2.Text + "'";
                    //city is the column name in table
                    SqlCommand cmd;
                    cmd = new SqlCommand(str, con);
                    SqlDataReader dr;
                    dr = cmd.ExecuteReader();
                    if (dr.Read())
                    {


                        //if city is in 0 index of table
                        GridView1.DataSource = dr;
                        GridView1.DataBind();
                    }
                    else
                    {
                        Response.Write("Value does not exist");

                    }
                    dr.Close();
                    con.Close();
                }
            else if (DropDownList1.Text == "Model")
            {
                string str = "SELECT * FROM ['ISB VAS Nodes$'] where Model='" + TextBox2.Text + "'";
                //city is the column name in table
                SqlCommand cmd;
                cmd = new SqlCommand(str, con);
                SqlDataReader dr;
                dr = cmd.ExecuteReader();
                if (dr.Read())
                {


                    //if city is in 0 index of table
                    GridView1.DataSource = dr;
                    GridView1.DataBind();
                }
                else
                {
                    Response.Write("Value does not exist");

                }
                dr.Close();
                con.Close();
            }
            else if (DropDownList1.Text == "SN")
            {
                string str = "SELECT * FROM ['ISB VAS Nodes$'] where SN='" + TextBox2.Text + "'";
                //city is the column name in table
                SqlCommand cmd;
                cmd = new SqlCommand(str, con);
                SqlDataReader dr;
                dr = cmd.ExecuteReader();
                if (dr.Read())
                {


                    //if city is in 0 index of table
                    GridView1.DataSource = dr;
                    GridView1.DataBind();
                }
                else
                {
                    Response.Write("Value does not exist");         

                }
                dr.Close();
                con.Close();
            }
            else if (DropDownList1.Text == "Asset Tag")
            {
                string str = "SELECT * FROM ['ISB VAS Nodes$'] where AssetTag='" + TextBox2.Text + "'";
                //city is the column name in table
                SqlCommand cmd;
                cmd = new SqlCommand(str, con);
                SqlDataReader dr;
                dr = cmd.ExecuteReader();
                if (dr.Read())
                {


                    //if city is in 0 index of table
                    GridView1.DataSource = dr;
                    GridView1.DataBind();
                }
                else
                {
                    Response.Write("Value does not exist");

                }
                dr.Close();
                con.Close();
            }
            else if (DropDownList1.Text == "ID")
            {
                string str = "SELECT * FROM ['ISB VAS Nodes$'] where ID='" + TextBox2.Text + "'";
                //city is the column name in table
                SqlCommand cmd;
                cmd = new SqlCommand(str, con);
                SqlDataReader dr;
                dr = cmd.ExecuteReader();
                if (dr.Read())
                {


                    //if city is in 0 index of table
                    GridView1.DataSource = dr;
                    GridView1.DataBind();
                }
                else
                {
                    Response.Write("Value does not exist");

                }
                dr.Close();
                con.Close();
            }

Posted 24-Apr-13 19:18pm

fak_farrukh

Updated 24-Apr-13 19:23pm

Vani Kulkarni

v2

Add a Solution

Comments

Rockstar_ 25-Apr-13 1:32am

Suggestion :Instead of writing code for binding data to gridview in each if's and else's , write once a function and call and also pass parameters based on your condition.
Regarding ur problem :
1. First check whether the data is available in the database or not.
2. If it is available, check for trailing spaces both for databse and the textbox value..

fak_farrukh 25-Apr-13 1:37am

how to check trailing spaces

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

StianSandberg · Accepted Answer · 2013-04-24T21:28:00

A few tips:

1) You are repeating your code unnecessarily
2) Your code is vulnerable for sql injections[^]

My suggestion:

Build your SQL-query based on selection in dropdownlist:

C#

string sql = "SELECT * FROM ['ISB VAS Nodes$'] ";
if (DropDownList1.Text == "Type")
{
   sql += "where [Type]=@Type";
}
else if (DropDownList1.Text == "Desc")
{
   sql += "where [Desc]=@SearchText";
}
else if (DropDownList1.Text == "Model")
{
   sql += "where [Model]=@SearchText";
}
else if (DropDownList1.Text == "SN")
{
   sql += "where [SN]=@SearchText";
}
else if (DropDownList1.Text == "Asset tag")
{
   sql += "where [AssetTag]=@SearchText";
}
else if (DropDownList1.Text == "ID")
{
   sql += "where [ID]=@SearchText";
}

Or you could use the dropdownlist's Id property to search in the correct column:

C#

var column = DropDownList1.SelectedValue; // Your colums
// You will have to strip the "column" variable for unsafe sql-characters to avoid sql injections!
string sql = string.Format("SELECT * FROM ['ISB VAS Nodes$'] where [{0}]=@Type", column);

Then you can use your sql-query to to show the result in your grid.

C#

SqlConnection con = new SqlConnection(connstring);
SqlCommand cmd = new SqlCommand(sql, con);
// Use parameters to avoid sql injections
cmd.Parameters.AddWithValue("@SearchText", TextBox2.Text);

con.Open();
SqlDataReader dr = cmd.ExecuteReader();

if (dr.Read())
{
    GridView1.DataSource = dr;
    GridView1.DataBind();
}
else
{
    Response.Write("Value does not exist"); 
}
dr.Close();
con.Close();

And to answer your question. Are you sure the data is in your database? I don't think its anything wrong with your code here. Double check your data.