Instead of a textbox, how can I do this:Code:Dim SQLQuery = "SELECT * FROM MYTABLE WHERE MYCOLUMD = '" + TextBox1.Text + "'"
Code:FFF.DownloadString("http://www.mywebsite.com")
Printable View
Instead of a textbox, how can I do this:Code:Dim SQLQuery = "SELECT * FROM MYTABLE WHERE MYCOLUMD = '" + TextBox1.Text + "'"
Code:FFF.DownloadString("http://www.mywebsite.com")
Anyone?
First off, use a parameterised query to guard against SQL injection attacks. Like this:
vbnet Code:
As to your question, I assume FFF is an instance of WebClient? In which case, DownloadString() returns
a string containing the entire resource. You may need to parse out the value you're after from the return from this function. Maybe not though. Once you've got the string that represents your value, you simply use that in place of the 'TextBox1.Text' expression.
[Edit: for MySQL, you'd be using the MySQL client library, no doubt. So use MySqlCommand instead of SqlCommand. I am pretty sure that the parameter syntax in the query is the same (i.e. named parameters preceeded with an '@' symbol]
That is my current code. I'm not too worried about SQL injection hacks at the moment, because this is just for my personal use.Code:Dim FFF As New System.Net.WebClient()
Dim SQLQuery = "SELECT * FROM TABLE WHERE COLUMD = FFF.DownloadString("http://www.mywebsite.org")
The problem with the above code though is error "End of statement expected" and "SQLQuery is not declared. It may be in accessible..."
Can you post example code?
Also, I didn't want to make another thread, but I have another error.
Whenever the textbox says "Default" and I click on the checkbox, the msgbox pops up twice. Any way to fix this?Code:Private Sub CheckBox1_CheckChanged(sender As System.Object, e As System.EventArgs) Handles CheckBox1.CheckedChanged
If TextBox1.Text = "Default" Then
MessageBox.Show("Default")
CheckBox1.Checked = False
Else
MsgBox("Not Default")
End If
End Sub
So are you going to post every error you ever have for the rest of your life to this thread? One thread per topic and one topic per thread please. New topic = new thread.Quote:
Originally Posted by Ritzky
Ok well how about the answer to the first question?
So assuming you just want the returned string from that DownloadString method in place of the TextBox's Text, you started with this:Quote:
Originally Posted by Evil_Giraffe
and, replacing the "TextBox1.Text" expression with "FFF.DownloadString("...")" as I suggested, you ended up with this:Code:Dim SQLQuery = "SELECT * FROM TABLE WHERE COLUMD = '" + TextBox1.Text + "'"
(Hint: where have the red bits gone?)Code:Dim SQLQuery = "SELECT * FROM TABLE WHERE COLUMD = FFF.DownloadString("http://www.mywebsite.org")
That's a good reason not to bring up new topics in existing threads. I assumed that the original question had been answered. Now that I look at it, I don't even really know what the question is. Are you saying that you want to get some text from a web site and then use that text in a SQL query? You might try providing a FULL and CLEAR explanation in future because those with no prior experience with your project, i.e. everyone but you, won't necessarily be able to interpret code snippets. Anyway, if that's what you want then you pretty much do exactly what you said. You use the result of DownloadString instead of the Text of the TextBox. This is your original code:Quote:
Originally Posted by Ritzky
This would be your new code:Code:Dim SQLQuery = "SELECT * FROM MYTABLE WHERE MYCOLUMD = '" + TextBox1.Text + "'"
It's just a straight substitution of one String for another.Code:Dim SQLQuery = "SELECT * FROM MYTABLE WHERE MYCOLUMD = '" + FFF.DownloadString("http://www.mywebsite.com") + "'"
i tried that but it didn't work.
This worked though. :DCode:Dim SQLQuery = "SELECT * FROM TABLE WHERE COLUMN = '" & FFF.DownloadString("yourwebsite.com") & "'"
thanks for all the helpp!!