how search record in c#

Question

1.00/5 (1 vote)

See more:

VB

ds.Clear() 
da = New SqlDataAdapter("SELECT * FROM student_info WHERE no= " & TextBox12.Text & "", DBConn) 
Try 
    da.Fill(ds, "student_info") 
    Bind()
Catch ex As Exception
    Exit Sub
End Try

pls convert this code to c#
pls pls

Posted 24-Feb-12 2:43am

Amal anjula

Updated 24-Feb-12 3:07am

Estys

v2

Add a Solution

3 solutions

Solution 1

Try this:

http://www.developerfusion.com/tools/convert/vb-to-csharp/[^]

Posted 24-Feb-12 2:59am

Tim Groven

Solution 2

C#

ds.Clear();
da = new SqlDataAdapter("SELECT * FROM student_info WHERE no= " + TextBox12.Text + "", DBConn);
try
{
    da.Fill(ds, "student_info");
    Bind();

}
catch
{
   return;
}

[edit]pre tag for C# added - PES[/edit]

Posted 24-Feb-12 20:56pm

Adeyinka Oluwaseun Doyin

Updated 24-Feb-12 21:08pm

v2

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sander Rossel · Accepted Answer · 2012-02-24T22:25:00

I think your problem is not that you cannot convert to C#. There are plenty of websites and tools that can do this for you. Try Google and you'll find plenty of websites. I prefer Developer Fusion[^]. Actually a fellow CP'ian has written a blog post about this, especially because many people on CP ask for conversion tools. Read it here: .NET Code Conversion - Convert your code[^]

However, and I'm sorry to break this to you, but your code is flawed on many levels.
Take your query string, you simply build it and paste some user input in it. Well, suppose this user types something like ; --drop table student_info... Or worse! Even a simple and innocent input, like "D'Artagnan" will break your query. This is called SQL injection[^] and is very dangerous (and unfortunately very common).
So you need to parameterize your query. Luckily this is not hard. Consider the following code:

VB

Dim cmd As New SqlCommand("SELECT * FROM student_info WHERE no = @Number", DBConn)
cmd.Parameters.AddWithValue("@Number", CInt(TextBox12.Text))
da = New SqlDataAdapter(cmd)
'...

Notice how your code becomes better readable? Your query is now protected from SQL injection and "D'Artagnan" will not break it! What's more, SQL servers performance will increase when you use parameterized queries. It's a win win win situation!
However, this doesn't fix everything. Your TextBox12.Text is user input and thus must be validated. Perhaps the user didn't enter a valid Integer value.
So consider the following code, using Integer.TryParse[^]:

VB

Dim userInput As Integer
If Integer.TryParse(TextBox12.Text, userInput) Then
   cmd.Parameters.AddWithValue("@Number", userInput)
Else
   ' User did not type a valid numeric value.
   ' Possibly show them a MessageBox, whatever.
End If

So that brings us to the next point. Letting your users know if anything went wrong. You now catch an Exception and simply return like nothing happened. The user will wonder why they don't see their records... If you do NOT handle an Exception let it bubble up to the UI and at least show the user something has gone wrong there. Actually I have written an article on proper use of Try Catch blocks: Using Try... Catch..., Finally![^].
Another topic that article discusses is the Using block[^]. It's about cleaning up resources, which I don't see you do.
After you're done with your SqlCommand, your SqlConnection or your SqlDataAdapter you should properly dispose of them. The rule here is that when an Object Implements IDisposable[^] you should call Dispose[^] once you're done.

So now look at the completely revised code:

VB

' I am assuming DBConn is a class field and might be used elsewhere.
' I assume ds is a class field.
Try
   ds.Clear()
   ' Put your SqlCommand in a Using block.
   Using cmd As New SqlCommand("SELECT * FROM student_info WHERE no = @Number")
      ' Validate the users input.
      Dim userInput As Integer
      If Integer.TryParse(TextBox12.Text, userInput) Then
         ' The users input was valid.
         cmd.Parameters.AddWithValue("@Number", userInput)
         ' put your SqlDataAdapter in a Using block.
         ' Not sure if a SqlDataAdapter automatically opens a connection, so...
         DBConn.Open()
         Using da As New SqlDataAdapter(cmd)
            da.Fill(ds, "student_info")
            Bind()
         End Using
      Else
         ' The users input was invalid.
         MessageBox.Show("Please enter a valid numeric value")
      End If
   End Using
Catch ex As Exception
   ' Perhaps log the Exception.
   MessageBox.Show(String.Format("An exception has occurred:{0}{1}", Environment.Newline, ex.Message))
Finally
   ' Closing a closed connection is not a problem.
   DBConn.Close
   ' Don't dispose the DBConn yet if it is used elsewhere.
End Try

This code could be a lot more elegant. But this is a good start :)
I hope you learned a thing or two from my explanation. You can convert the code to C# yourself.
Good luck! :)