Click here to Skip to main content
15,904,288 members
Home / Discussions / C#
   

C#

 
AnswerRe: Mutlithreading application threading and semaphores? Pin
Gerry Schmitz23-Mar-20 8:05
mveGerry Schmitz23-Mar-20 8:05 
AnswerRe: Mutlithreading application threading and semaphores? Pin
Bohdan Stupak24-Mar-20 1:14
professionalBohdan Stupak24-Mar-20 1:14 
QuestionRDLC printing without print preview Pin
Member 1419221622-Mar-20 21:20
Member 1419221622-Mar-20 21:20 
AnswerRe: RDLC printing without print preview Pin
OriginalGriff22-Mar-20 21:34
mveOriginalGriff22-Mar-20 21:34 
GeneralRe: RDLC printing without print preview Pin
Member 1419221622-Mar-20 21:49
Member 1419221622-Mar-20 21:49 
GeneralRe: RDLC printing without print preview Pin
OriginalGriff22-Mar-20 21:51
mveOriginalGriff22-Mar-20 21:51 
GeneralRe: RDLC printing without print preview Pin
Member 1419221622-Mar-20 22:08
Member 1419221622-Mar-20 22:08 
SuggestionRe: RDLC printing without print preview Pin
Richard Deeming23-Mar-20 0:22
mveRichard Deeming23-Mar-20 0:22 
Member 14192216 wrote:
C#
da.SelectCommand = new SqlCommand("select c.id,c.transno,c.pcode,c.price,c.qty,c.disc,c.total,c.sdate,c.status,p.pdesc from tblCart as c inner join tblProduct as p on p.pcode=c.pcode where transno like '" + f.lblTrans.Text + "' ", con);
Don't do it like that!

Your code is almost certainly vulnerable to SQL Injection[^]. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

C#
da.SelectCommand = new SqlCommand("select c.id, c.transno, c.pcode, c.price, c.qty, c.disc, c.total, c.sdate, c.status, p.pdesc from tblCart as c inner join tblProduct as p on p.pcode = c.pcode where transno like @transno", con);
da.SelectCommand.Parameters.AddWithValue("@transno", f.lblTrans.Text);




"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer

AnswerRe: RDLC printing without print preview Pin
Gerry Schmitz23-Mar-20 7:49
mveGerry Schmitz23-Mar-20 7:49 
QuestionNotify User From Server Pin
Kevin Marois22-Mar-20 16:11
professionalKevin Marois22-Mar-20 16:11 
AnswerRe: Notify User From Server Pin
Dave Kreskowiak22-Mar-20 18:41
mveDave Kreskowiak22-Mar-20 18:41 
GeneralRe: Notify User From Server Pin
Kevin Marois22-Mar-20 18:50
professionalKevin Marois22-Mar-20 18:50 
GeneralRe: Notify User From Server Pin
Dave Kreskowiak23-Mar-20 4:18
mveDave Kreskowiak23-Mar-20 4:18 
GeneralRe: Notify User From Server Pin
Gerry Schmitz23-Mar-20 6:24
mveGerry Schmitz23-Mar-20 6:24 
QuestionCreate Custom File Property/Attribute Pin
Kevin Marois22-Mar-20 9:30
professionalKevin Marois22-Mar-20 9:30 
AnswerRe: Create Custom File Property/Attribute Pin
Tony Hill22-Mar-20 10:02
professionalTony Hill22-Mar-20 10:02 
AnswerRe: Create Custom File Property/Attribute Pin
OriginalGriff22-Mar-20 10:14
mveOriginalGriff22-Mar-20 10:14 
GeneralRe: Create Custom File Property/Attribute Pin
Kevin Marois22-Mar-20 13:02
professionalKevin Marois22-Mar-20 13:02 
AnswerRe: Abuse Standard File Property/Attribute Pin
Luc Pattyn22-Mar-20 10:36
sitebuilderLuc Pattyn22-Mar-20 10:36 
GeneralRe: Abuse Standard File Property/Attribute Pin
Kevin Marois22-Mar-20 13:04
professionalKevin Marois22-Mar-20 13:04 
Questionupdate problem Pin
ago248619-Mar-20 23:31
ago248619-Mar-20 23:31 
AnswerRe: update problem Pin
OriginalGriff20-Mar-20 0:03
mveOriginalGriff20-Mar-20 0:03 
GeneralRe: update problem Pin
ago248620-Mar-20 0:08
ago248620-Mar-20 0:08 
GeneralRe: update problem Pin
ago248620-Mar-20 2:52
ago248620-Mar-20 2:52 
GeneralRe: update problem Pin
OriginalGriff20-Mar-20 3:00
mveOriginalGriff20-Mar-20 3:00 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.