Wednesday, March 28, 2012

Query problem

I have a count code that works just fine...to get the total..

I need to modify it to select the total where zip = Session("zip")

can anyone help me?

Dim cmd3AsNew Data.SqlClient.SqlCommand("Select count (*) from CustomerInfo", MyConn)

cmd.Connection.Open()

Dim count3AsInteger = cmd3.ExecuteScalar()'this contains the number of records

Label_registeredusers.Text = count3

cmd.Connection.Close()

you can use a parameter in your query to limit the results The parameterized query will be much safer than simply concatenating in the zip code as text in your sql statement as that would expose you to the possibility of a sql injection attack.

Dim paramZipAs New System.Data.SqlClient.SqlParameterparamZip.ParameterName ="@.zip"param.Value = Session("zip")Dim cmd3As New Data.SqlClient.SqlCommand("Select count (*) from CustomerInfo WHERE zip=@.zip", MyConn) cmd3.Parameters.Add(paramZip)cmd.Connection.Open()Dim count3As Integer = cmd3.ExecuteScalar()'this contains the number of recordsLabel_registeredusers.Text = count3cmd.Connection.Close()
|||

You could do this:

Dim cmd3AsNew Data.SqlClient.SqlCommand("Select count (*) from CustomerInfo WHERE zip = '" & Session("zip") &"'", MyConn)

But it would be better to use command Parameters like :|||

A lot easier than I thought... Thank you very much!

sql

No comments:

Post a Comment