Home/ Questions/Q 8362735
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T12:00:37+00:00

I am trying to delete a row in my users_stocks table. I use this

  • 0

I am trying to delete a row in my users_stocks table.

I use this code:

public bool removeStock(string user_name,string stock_symbol)
{
    user_name = user_name.Trim();
    stock_symbol = stock_symbol.Trim();
    string statement = "DELETE FROM " + "users_stocks" + " WHERE user_name = '" + user_name + "'" + " AND " + "stock_symbol = " + "'" + stock_symbol + "'" ;
    SqlCommand cmdnon = new SqlCommand(statement, connection);
    try
    {
        connection.Open();
        int num = cmdnon.ExecuteNonQuery();
         connection.Close();
        return true;
    }
    catch (SqlException ex)
    {
        Console.WriteLine(ex.ToString());
        connection.Close();
        return false;
    }
}

There is a row with this data, but the query wont erase it.

What am i missing?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Use parametrized query to avoid Sql Injection Attacks and quoting problems
    Not to mention that a parametrized query could be stored by the optimization engine of SqlServer and reused more quickly. An hand made query will be reevaluated every time you send to the database- 

    public bool removeStock(string user_name,string stock_symbol) 
{ 
    user_name = user_name.Trim(); 
    stock_symbol = stock_symbol.Trim(); 
    string statement = "DELETE FROM users_stocks " + 
                        "WHERE user_name = @name AND stock_symbol = @stock" ; 
    SqlCommand cmdnon = new SqlCommand(statement, connection); 
    try 
    { 
        cmdnon.Parameters.AddWithValue("@name", user_name);
        cmdnon.Parameters.AddWithValue("@stock", stock_symbol);
        connection.Open(); 
        int num = cmdnon.ExecuteNonQuery(); 
        connection.Close(); 
        return true; 
    } 
    catch (SqlException ex) 
    { 
        Console.WriteLine(ex.ToString()); 
        connection.Close(); 
        return false; 
    } 
}
    • 0