PHP User Warning: fetch_template() calls should be replaced by the vB_Template class. Template name: bbcode_highlight in ..../includes/functions.php on line 4197
what is weakness and problems with this code?-VBForums
Results 1 to 4 of 4

Thread: what is weakness and problems with this code?

  1. #1

    Thread Starter
    New Member
    Join Date
    Jul 2019
    Posts
    2

    what is weakness and problems with this code?

    hello everybody

    Is it possible to help me answer the "what is weakness and problems with this code?"

    VB.NET

    PrivateSub lstProducts_SelectedIndexChanged (_ByVal sender
    System.Object, ByVal e As System.EventArgs) Handles lstProducts.SelectedIndexChanged
    FormShow ( )
    End Sub
    PrivateSub FormShow ( )
    Dim dt As New DataTable
    Dim dr As DataRow
    Dim da As SqlDataAdapter
    Dim strSQL As String
    Dim strConn As String
    strSQL = "SELECT * FROM tblProducts "
    strSQL &= " WHERE iProduct_id = " & lstProducts.SelectedValue.ToString()
    strConn = "Server=Localhost;Database=NTier-eBook;
    "&"Integrated Security=SSPI"

  2. #2
    Fanatic Member
    Join Date
    Feb 2003
    Posts
    723

    Re: what is weakness and problems with this code?

    Quote Originally Posted by assim View Post
    hello everybody

    Is it possible to help me answer the "what is weakness and problems with this code?"

    VB.NET

    PrivateSub lstProducts_SelectedIndexChanged (_ByVal sender
    System.Object, ByVal e As System.EventArgs) Handles lstProducts.SelectedIndexChanged
    FormShow ( )
    End Sub
    PrivateSub FormShow ( )
    Dim dt As New DataTable
    Dim dr As DataRow
    Dim da As SqlDataAdapter
    Dim strSQL As String
    Dim strConn As String
    strSQL = "SELECT * FROM tblProducts "
    strSQL &= " WHERE iProduct_id = " & lstProducts.SelectedValue.ToString()
    strConn = "Server=Localhost;Database=NTier-eBook;
    "&"Integrated Security=SSPI"
    Since you couldn't be bothered to use code tags or supply any useful code... I have absolutely no idea. Here are two tips: use code tags and lookup the System.Text.StringBuilder class.

  3. #3
    Fanatic Member cory_jackson's Avatar
    Join Date
    Dec 2011
    Location
    Fallbrook, California
    Posts
    896

    Re: what is weakness and problems with this code?

    Peter is right. Entering your code here with the highlight option and make the highlight type "vb.net" will make it easier for others to read.

    I'm no expert. Here's a couple thoughts though:
    You code doesn't make sense to me. It doesn't do anything. It's like we're only seeing half of it. Noe even an END SUB.
    I like to use the SqlConnectionStringBuilder Class.
    I like to add most of my parameters when I instantiate.
    I like ot assign the values to value type variables when I declare them.
    I think it's a better practice to use paramaterized SQL queries.
    Why do you have the one sub call the other?
    You don't need to create a string variable for the command. You can add that when in create the SQL command.

  4. #4
    .NUT jmcilhinney's Avatar
    Join Date
    May 2005
    Location
    Sydney, Australia
    Posts
    102,754

    Re: what is weakness and problems with this code?

    I have to agree with Peter Swinkels. That you didn't format your code is bad enough but you didn't even post it with indenting so it's now hard for anyone else to format it too. Fortunately it's not too long so the effort isn't too great. Here's how it should look:
    vb.net Code:
    1. PrivateSub lstProducts_SelectedIndexChanged (ByVal sender System.Object, ByVal e As System.EventArgs) Handles lstProducts.SelectedIndexChanged
    2.     FormShow()
    3. End Sub
    4.  
    5. PrivateSub FormShow()
    6.     Dim dt As New DataTable
    7.     Dim dr As DataRow
    8.     Dim da As SqlDataAdapter
    9.     Dim strSQL As String
    10.     Dim strConn As String
    11.  
    12.     strSQL = "SELECT * FROM tblProducts "
    13.     strSQL &= " WHERE iProduct_id = " & lstProducts.SelectedValue.ToString()
    14.     strConn = "Server=Localhost;Database=NTier-eBook;" & "Integrated Security=SSPI"
    Furthermore, questions of the form "here's some code, tell me what's wrong" are bad questions. In order to know whether code does what it is supposed to do, we need to know what it is supposed to do. Don't expect us to know what code is supposed to do from code that doesn't do it. Sometimes we can guess but other times we can't and we shouldn't have to ever. You need to make the effort to help us help you, which means a FULL and CLEAR description of the problem. That includes all and only the relevant code as well as an explanation of what you're trying to achieve, how you're trying to achieve it (if the code alone is not enough to do that) and what happens when you try. If your code is working as far as you can tell in this case, at least an explanation of what the code is supposed to is a must. As suggested, your code seems rather incomplete and we have no idea whether that is a mistake or on purpose.

    From what little you have posted I would say a few things.

    1. Personally, I'm not fan of declaring all local variables at the top of a method. It's a personal choice so you can do it if you want but I see very few people doing so these days. It's generally considered better practice to declare variables where they are needed, which also means limiting their scope as much as possible.
    2. There's no good reason to be using string concatenation anywhere in that code. You don't need two separate statements for that SQL and you should be using a parameter to insert the ID value.
    3. There's no good reason to use concatenation in the connection string either. You're just making the code harder to read. If you don't want a long line then you can use a multiline string literal, an XML literal or a connection string builder.

    I would recommend that you follow the CodeBank link in my signature below and check out my thread on Retrieving & Saving Data to see how I construct ADO.NET if you want to know how I think it should be done. You might also follow the Blog link and check out my post on Parameters In ADO.NET.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Featured


Click Here to Expand Forum to Full Width