LCKB ** OLD LCKB DATABASE ** Programmers Gateway Coders Talk v
MySQL Syntax Error

Linear Mode
MySQL Syntax Error
Wizatek Offline
Posting Freak
*****
Posts: 768
Threads: 40
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: May 2011
Reputation: 0
#5
08-04-2013, 04:09 PM


MySqlCommand cmd = new MySqlCommand("UPDATE bg_user SET user_id = @uname, passwd = @pwd, cash = @cash, email = @email WHERE user_code = @uid", sqlcon);

cmd.Prepare();

cmd.Parameters.AddWithvalue("@uname", textBox36.Text);

cmd.Parameters.AddWithvalue("@passwd", textBox37.Text);

// etc etc etc

cmd.ExecuteNonQuery();
This way your strings will get escaped automatically, and its also mysql injection safe for how far thats needed
Find


Messages In This Thread
[No subject] - by Paramount - 08-03-2013, 06:55 PM
[No subject] - by ReturnKratos - 08-03-2013, 07:56 PM
[No subject] - by someone - 08-03-2013, 08:07 PM
[No subject] - by Paramount - 08-03-2013, 10:40 PM
[No subject] - by Wizatek - 08-04-2013, 04:09 PM
[No subject] - by ReturnKratos - 08-04-2013, 05:21 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)