c# - Select Statement is not being read but works fine before until the Insert INTO query -


need 1 select statement cant read/execute anymore after placed insert into activity log works fine before did wrong placements?

claylink.con.open();  string userid = txt_login.text; string password = txt_password.text;  claylink.cmd = new sqlcommand("select usertype users username='" + userid + "'and password='" + password + "'", claylink.con); claylink.cmd = new sqlcommand("insert alog values ('" + txt_login.text + "','" + admin.lbl_username.text + "','" + admin.label7.text + "', 'login button click','')", claylink.con);  datatable dt = new datatable(); claylink.adapter = new sqldataadapter(claylink.cmd); claylink.adapter.fill(dt); claylink.con.close();   try  {      if (dt.rows.count == 1)     {          if (dt.rows[0][0].tostring() == "administrator")         {              messagebox.show("successfully logged in administrator!");             admin.show();             claylink.con.close();              claylink.con.open();             string str = "select * users username = '" + txt_login.text + "'";              claylink.cmd = new sqlcommand(str, claylink.con);             claylink.datareader = claylink.cmd.executereader();             claylink.datareader.read();               admin.lbl_username.text = claylink.datareader["firstname"].tostring();             admin.lbl_usertype.text = claylink.datareader["usertype"].tostring();              this.txt_login.clear();             this.txt_password.clear();             this.hide();             claylink.con.close();         }     } } 

you have these 2 lines of code:

claylink.cmd = new sqlcommand("select usertype users username='" + userid + "'and password='" + password + "'", claylink.con); claylink.cmd = new sqlcommand("insert alog values ('" + txt_login.text + "','" + admin.lbl_username.text + "','" + admin.label7.text + "', 'login button click','')", claylink.con); 

you setting claylink.cmd twice. value value second time.

other notes:

  • use parameters instead of munging query strings input strings.
  • don't pass unencrypted passwords arounds.
  • list columns inserting when using insert.

Comments

Popular posts from this blog

resizing Telegram inline keyboard -

command line - How can a Python program background itself? -

php - "cURL error 28: Resolving timed out" on Wordpress on Azure App Service on Linux -