Data is not displaying in DataGridView by searching Name
What should I do...
Please help me...
C#
private void button1_Click(object sender, EventArgs e)
{
  SqlConnection con = new SqlConnection("Data Source=SUBHAN-PC;Initial Catalog=subhan;Integrated Security=True");
  DataTable dt = new DataTable();
  SqlDataAdapter da = new SqlDataAdapter("select * from ghtdetails where EmployeeName='"+textBox1.Text+"'", con);
  
  da.Fill(dt);
  da.ToString();
  dataGridView1.DataSource = dt;
}
Updated 26-Nov-14 0:57am
Comments
Richard Deeming 26-Nov-14 9:10am    
Your code is vulnerable to SQL Injection.

NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Hello,

I think that's because you are using the '=' operator for employee name instead of 'LIKE'. The '=' operator means that you are looking for an exact match. The 'LIKE' operator allows you to search using wildcards (partial searching). Try the code below:

C#
private void button1_Click(object sender, EventArgs e)
{
    SqlConnection con = new SqlConnection("Data Source=SUBHAN-PC;Initial Catalog=subhan;Integrated Security=True");
            
    DataTable dt = new DataTable();

    string query = "SELECT * FROM ghtdetails WHERE EmployeeName LIKE @EmployeeName";

    // If the user checks the CheckBox control, also filter by salary range
    if (chkFilterBySalary.Checked)
    {
        query = query + " AND Salary >= @SalaryFrom";
        query = query + " AND Salary <= @SalaryTo";
    }
            
    SqlDataAdapter da = new SqlDataAdapter(query, con);
    var command = da.SelectCommand;
    command.Parameters.AddWithValue("EmployeeName", string.IsNullOrWhiteSpace(textBox1.Text) ? "%" : textBox1.Text);

    if (chkFilterBySalary.Checked)
    {
        command.Parameters.AddWithValue("SalaryFrom", nudSalaryFrom.Value);
        command.Parameters.AddWithValue("SalaryTo", nudSalaryTo.Value);
    }

    da.Fill(dt);
    da.ToString();
    dataGridView1.DataSource = dt; 
}


[Update 1]
1. 'LIKE' operator can be used with STRING type fields only. I'm assuming that 'Salary' is numeric type (single, double or decimal). So, you can use '=', '>', '>=', '<' or '<=' operators only for filtering.
2. You cannot have two 'WHERE' keywords in one query. To set more than one filter condition use 'AND' or 'OR' keywords.
3. In my opinion it's better to separate filtering by text and numeric fields. To do that add new controls to your Form: one CheckBox (name it: chkFilterBySalary) and two NumericUpDown controls (name them: nudSalaryFrom and nudSalaryTo) and update your code.

[Update 2]
Added use of parametrized query. Based on Richard Deeming's comment.

I hope it helps you.
 
Comments
123456789shaik 26-Nov-14 7:08am    
Hi, it is displaying but not showing data in the datagrid
Please help me...
Regards
subhan
Marcin Kozub 26-Nov-14 7:11am    
What do you mean 'Not showing data'? Do you have any error? Can you share some screenshot?
I tested my code with my own database table and everything works well.
Please check columns, field names in DataGridView control.
123456789shaik 26-Nov-14 7:27am    
Hi, in this screenshots are not working so I am writing the fields
I have taken these fields both in the database and the DataGridView

EmployeeID[pk],EmployeeName,EmployeeEmailId,OfficalEmailId,JoiningDate,Salary,RelevingDate


Showing empty datagridview
Marcin Kozub 26-Nov-14 7:39am    
Let's try from the beginning:
1. Start new WinForms solution in VisualStudio
2. Add controls to Form1: DataGridView (do not add columns manually), TextBox and Button
3. Add my code to Button's click event

Check if it works and let me know, will try to help you then.
123456789shaik 26-Nov-14 8:08am    
Hi,
Just now I have written the code which you have given me.
It's working, but
it's not working for searching other fields. What query should I pass to search with other fields also?
Please help me...
I have passed this query:
query = query + " WHERE EmployeeName LIKE '%" + textBox1.Text + "%'";
query = query + " WHERE Salary LIKE '%" + textBox1.Text + "%'";

Replace your code with the code below:

SqlDataAdapter da = new SqlDataAdapter("select * from ghtdetails where EmployeeName LIKE '%"+textBox1.Text+"%'", con);
 
 
Comments
Richard Deeming 26-Nov-14 9:11am    
You've copied the SQL Injection vulnerability from the question.

NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.
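
The "contains" search this thread is after, written with a parameterized query as the comments above call for. This is an added example, not code from any of the posters: the table and column names come from the thread, while the class and method names, the `NVarChar(200)` size, the decimal type for Salary and the caller-supplied connection string are assumptions.

```csharp
using System.Data;
using System.Data.SqlClient;

static class EmployeeSearch   // hypothetical helper, not from the thread
{
    // Escape T-SQL LIKE metacharacters so the user's text is matched literally.
    // '[' goes first, because the other two replacements introduce brackets.
    public static string EscapeLike(string text)
    {
        return text.Replace("[", "[[]").Replace("%", "[%]").Replace("_", "[_]");
    }

    // connectionString comes from the caller (assumed to be read from configuration).
    public static DataTable Search(string connectionString, string name,
                                   decimal? salaryFrom, decimal? salaryTo)
    {
        // The SQL text is assembled from fixed fragments only; user input never enters it.
        string sql = "SELECT * FROM ghtdetails WHERE EmployeeName LIKE @Name";
        if (salaryFrom.HasValue) sql += " AND Salary >= @SalaryFrom";
        if (salaryTo.HasValue) sql += " AND Salary <= @SalaryTo";

        // "Contains" search: the wildcards go into the parameter value, not the SQL.
        string pattern = string.IsNullOrWhiteSpace(name)
            ? "%"
            : "%" + EscapeLike(name.Trim()) + "%";

        using (var con = new SqlConnection(connectionString))
        using (var da = new SqlDataAdapter(sql, con))
        {
            SqlParameterCollection p = da.SelectCommand.Parameters;
            // Typed parameters; 200 is an assumed column size, Decimal an assumed type.
            p.Add("@Name", SqlDbType.NVarChar, 200).Value = pattern;
            if (salaryFrom.HasValue) p.Add("@SalaryFrom", SqlDbType.Decimal).Value = salaryFrom.Value;
            if (salaryTo.HasValue) p.Add("@SalaryTo", SqlDbType.Decimal).Value = salaryTo.Value;

            var dt = new DataTable();
            da.Fill(dt);   // Fill opens and closes the connection itself
            return dt;
        }
    }
}
```

From `button1_Click`, assign the returned table to `dataGridView1.DataSource`; a `'` or `%` typed into the text box is then searched for as a literal character.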

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


