AddWithValue issue - Update the current field content ASP.Net/SQL

  • I have an ASP.Net VB shopping cart app where, when an item is "Removed" from a shopping cart, the corresponding database field "NewTotal" is updated with the amount removed. So, for example, if NewTotal is currently (5) and the amount being returned to inventory is QtyToAddBack (3), then the NEW "NewTotal" amount should be (8).

    I am using the following code. If I use SQL Server Management Studio to run the query, it performs as expected, but in the code page it does not. What am I doing wrong? I suspect the issue is with the "AddWithValue" definition?

    Thank you in advance!

    Dim strSQL02 As String = "Update [ClinicTest2].[dbo].[ICDbS_Products] SET " & _
    "NewTotal = (NewTotal +'" & QtyToAddBack & "') " & _
    "WHERE ProductNoID = '" & ItemNumber & "'"

    Dim myCommand02 As New SqlCommand(strSQL02, objConn02)

    myCommand02.Parameters.AddWithValue("@NewTotal", "@NewTotal"+ QtyToAddBack)

  • You are mixing up the SQL with the VB and confusing yourself. Not to mention, introducing a massive SQL-injection hole, by building up the string in that fashion.

    Instead, define @variables within the SQL string and use AddWithValue to populate them.

    For example:

    Dim strSQL02 As String = "Update [ClinicTest2].[dbo].[ICDbS_Products] SET " & _
    "NewTotal = (NewTotal + @qty_to_add) " & _
    "WHERE ProductNoID = @prod_id"

    Dim myCommand02 As New SqlCommand(strSQL02, objConn02)

    myCommand02.Parameters.AddWithValue("@qty_to_add", QtyToAddBack)
    myCommand02.Parameters.AddWithValue("@prod_id", ItemNumber)

    You should also look into separating your SQL code from your VB code, preferably in the form of stored procedures but possibly with a separate class of SQL strings. For best results, the SQL strings should be constants.
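
A fuller version of the parameterized update from the answer above, written as an added example that is not part of the original thread: it keeps the SQL text constant, validates the inputs, binds parameters with explicit types rather than relying on AddWithValue's type inference, and executes the command. The module and function names, the connectionString parameter, and the column types (NewTotal INT, ProductNoID VARCHAR(50)) are assumptions.

```vbnet
Imports System.Data
Imports System.Data.SqlClient

Public Module InventoryUpdates

    ' Constant SQL text: user-supplied values never become part of the statement.
    Private Const AddBackSql As String =
        "UPDATE [ClinicTest2].[dbo].[ICDbS_Products] " &
        "SET NewTotal = NewTotal + @qty_to_add " &
        "WHERE ProductNoID = @prod_id"

    ' Returns True when exactly one product row was updated.
    ' connectionString is supplied by the caller (hypothetical parameter).
    Public Function AddBackToInventory(connectionString As String,
                                       itemNumber As String,
                                       qtyText As String) As Boolean
        ' Reject anything that is not a positive whole number before touching the database.
        Dim qty As Integer
        If Not Integer.TryParse(qtyText, qty) OrElse qty <= 0 Then Return False
        If String.IsNullOrWhiteSpace(itemNumber) OrElse itemNumber.Length > 50 Then Return False

        Using conn As New SqlConnection(connectionString)
            Using cmd As New SqlCommand(AddBackSql, conn)
                ' Explicit types instead of AddWithValue's inference.
                ' Assumed schema: NewTotal INT, ProductNoID VARCHAR(50).
                cmd.Parameters.Add("@qty_to_add", SqlDbType.Int).Value = qty
                cmd.Parameters.Add("@prod_id", SqlDbType.VarChar, 50).Value = itemNumber

                conn.Open()
                ' ExecuteNonQuery sends the statement and returns the affected row count.
                Return cmd.ExecuteNonQuery() = 1
            End Using
        End Using
    End Function

End Module
```

A False return covers both rejected input and a product ID that matched no row, so the caller can show an error instead of silently continuing.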

  • Honestly I think you are doing this the hard way. You should not store the total of your cart, you should instead calculate it based on the items in your cart. Then all you need to store is a CartID, ItemNumber, Quantity, Price. The total is the sum of Quantity * Price. Your code becomes a lot simpler and so does your data. Now all you have to do is add/remove items from the cart and rebind your display.
