Modify database from web page

Printable View

Aug 14th, 2009, 10:18 AM
principiante

Modify database from web page

I am using this code to write data from an access database in C: to an asp textbox (txtNam) in a web page. I´m searching it from a textbox named “txtCode” with a “Go” asp Button inside the same page.

Protected Sub btnGo_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnGo.Click
Dim oConnection As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=c:WEBMTT.mdb")
oConnection.Open()
Dim oCommand As New OleDbCommand("SELECT * FROM Equipment WHERE Code='" & txtCode.Text & "'")
oCommand.Connection = oConnection
Dim oRedader As OleDbDataReader
oRedader = oCommand.ExecuteReader()

While oRedader.Read
txtNam.Text = oRedader.Item("Name")
End While
oConnection.Close()
End sub

How can I use another textbox and another button to change that field “Name” in that database from the web page?. I mean, doing the process backwards. The table’s name is “Equipment”. Thanks in advance
Aug 14th, 2009, 11:13 AM
mendhak

Re: Modify database from web page

Something similar, but you'd use ExecuteNonQuery.

Your statement would be an UPDATE statement

UPDATE tablename SET fieldname='something' WHERE field1 = 1234
Aug 14th, 2009, 04:56 PM
principiante

OK Modify database from web page OK

That was the answer

Protected Sub btnGua_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnGua.Click
Dim oConnection As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=c:WEBMTT.mdb")
oConnection.Open()
Dim oCommand As New OleDbCommand("update Equipment set Name='" & txtCode2.Text & "' where Codigo='" & txtCode.Text & "'")
oCommand.Connection = oConnection
oCommand.ExecuteNonQuery()
oConnection.Close()
End Sub
Aug 14th, 2009, 05:14 PM
rjv_rnjn

Re: Modify database from web page

Since you are at it you would like to use parameterized queries rather than building the query all by itself. Something like

Code:

Dim cmd As New OleDbCommand() cmd.CommandText = "update Equipment set Name=@equipmentName where Codigo= @code" Dim param As New OleDbParameter() param.ParameterName = "@equipmentName" param.Value = txtCode2.Text.Trim() param.OleDbType = OleDbType.VarChar param.Direction = ParameterDirection.Input cmd.Parameters.Add(param)

Do similarly for the second parameter. The advantages are improved query performance (may not matter here) and avoiding SQL injection.