Ken

Help with parameters passing a column to a MySql query

Jul 13 2017 2:53 AM

Hi. I have a function that returns a dictionary with info pulled from a database. The first parameter of the function is a string of the column to search, the second a string with the value. I am doing this:

Dictionary<string, string> getData(string indexfield, string indexvalue) {
using (MySqlConnection DB = getConnection()) {
using (MySqlCommand cmd = new MySqlCommand("SELECT * FROM customers WHERE ?if = ?iv", DB) {
DB.Open();
cmd.Parameters.AddWithValue("?if", indexfield);
cmd.Parameters.AddWithValue("?iv", indexvalue);
using (MySqlDataReader RS = cmd.ExecuteReader()) {
DataTable schemaTable = RS.GetSchemaTable();
if (!RS.HasRows) { MessageBox.Show("debug"); return ret; }
while (RS.Read()) {
foreach (DataRow fld in schemaTable.Rows) {
ret.Add(fld["ColumnName"].ToString(), RS[fld["ColumnName"].ToString()].ToString());
}
}
}
DB.Close();
}
}

When I run that, I get the "debug" messagebox indicating no rows. I enabled the general log in MySQL, and I see this when passing field cid and value 5:

SELECT * FROM customers WHERE 'cid' = '5'

I copied that and ran the query, it failed. Once I made it cid instead of 'cid', it worked fine. Why is C# adding quotes around my field? Is it because the variable being passed to cmd.Parameters.AddWithValue is a string? Is there any way to stop that?

Answers (1)

Hotel HotelID have relation with package and in same time ha

Excel sheet will upload but not store in database using Asp