Home/ Questions/Q 7897563
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-03T08:11:54+00:00

I have tried posting this earlier and had to delete it because the code

  • 0

I have tried posting this earlier and had to delete it because the code editor did not post it correctly and incompletely. plus I had a member ask me about SQL injection.

Here’s the story:

I have a page where the user can check his information before it is submitted to the database. All I want to do is look to see if that primary key is present before I submit it to avoid getting a server error.

In my page load event I have the following:

SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString1"].ConnectionString);

SqlCommand oldcmd = new SqlCommand("SELECT * from dbo.registrar WHERE [MY ID] = '"+ID+"'", conn);
oldcmd.CommandType = CommandType.Text;

SqlDataAdapter da = new SqlDataAdapter(oldcmd);
DataTable dt = new DataTable();
da.Fill(dt);

if (dt.Rows.Count >= 1)
{
   lblExists.Visible = true;
   lblExists.ForeColor = System.Drawing.Color.Red;
   lblExists.Text = "Oops! Our records show that you have already signed up for this service. Please check your information or contact your administrator for further assistance.";
}

The label fires even though there is no record in the database which tells me that I am doing it wrong.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Try this.

    SqlCommand oldcmd = new SqlCommand("SELECT COUNT(*) from dbo.registrar WHERE [MY ID] = @id", conn);
oldcmd.Parameters.Add("@id", SqlDbType.Int);
oldcmd.Parameters["@id"].Value = ID;

if ((int)oldcms.ExecuteScalar() >= 1)
{
    lblExists.Visible = true;
    lblExists.ForeColor = System.Drawing.Color.Red;
    lblExists.Text = "Oops! Our records show that you have already signed up for this service. Please check your information or contact your administrator for further assistance.";
}
else
{
    lblExists.Visible = false;
}
    • 0