I have an edit form for values in a DataGridView. The problem is with the update code. The whole updated code:

    int value = int.Parse(label13.Text); // ID
    string txtbox2 = textBox2.Text.ToString();
    string txtbox1 = textBox1.Text.ToString();
    try
    {
        var cmd = new OleDbCommand();
        cmd.CommandType = CommandType.Text;
        cmd.CommandText = "UPDATE guestreg SET g_name='" + txtbox1 + "' AND g_surname = '"+txtbox2+"'  where ID =@id";
        cmd.Parameters.AddWithValue("@id", value);
        cmd.Connection = connection;
        connection.Open();
        cmd.ExecuteNonQuery();
        {
            MessageBox.Show("Update Success!");
            connection.Close();
        }

When the update SQL command contains just one value to update, it works (example):

    cmd.CommandText = "UPDATE guestreg SET g_name='" + textBox1.Text + "' where ID =@id";

The values are not updating at all, but the message box shows that everything was done. It just changes the name to "0".

Thanks a lot.

1 Answer

Your update statement is invalid. Try this:

    cmd.CommandText = "UPDATE guestreg SET g_name='" + textBox1.Text + "', g_surname = '"+textBox2.Text+"'  where ID =@id";

While we're at it, you should be passing those textbox values as parameters also. Your query is vulnerable to SQL Injection. What is SQL injection?

mjw
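
The parameterized form the answer above recommends, as an added example (not the answerer's code). The table and column names come from the question; the class name, method names, column sizes and connection string are assumptions. OleDb binds parameters by position, so they are added in the same order as the `?` markers.

```csharp
using System.Data.OleDb;

static class GuestRepository
{
    // Added example. GuestRepository, UpdateGuest, TryUpdateGuest and the
    // 255-character column size are assumptions, not taken from the page.
    public static int UpdateGuest(string connectionString, int id, string name, string surname)
    {
        // Commas separate SET assignments. Every user-supplied value is a
        // placeholder, so a quote typed into a text box stays data and is
        // never parsed as SQL.
        const string sql = "UPDATE guestreg SET g_name = ?, g_surname = ? WHERE ID = ?";

        using (var connection = new OleDbConnection(connectionString))
        using (var cmd = new OleDbCommand(sql, connection))
        {
            // OleDb ignores parameter names and binds by position: the order
            // of these Add calls must match the order of the ? markers.
            // Explicit types avoid the type guessing done by AddWithValue.
            cmd.Parameters.Add("@name", OleDbType.VarWChar, 255).Value = name;
            cmd.Parameters.Add("@surname", OleDbType.VarWChar, 255).Value = surname;
            cmd.Parameters.Add("@id", OleDbType.Integer).Value = id;

            connection.Open();
            return cmd.ExecuteNonQuery(); // number of rows affected
        }   // using disposes the command and closes the connection, even on error
    }

    // Returns true only when exactly one row changed, so the caller can show
    // "Update Success!" for a real update instead of unconditionally.
    public static bool TryUpdateGuest(string connectionString, string idText,
                                      string name, string surname)
    {
        int id;
        if (!int.TryParse(idText, out id))
            return false; // the ID label did not contain a number
        return UpdateGuest(connectionString, id, name, surname) == 1;
    }
}
```

From the form, the call would be `GuestRepository.TryUpdateGuest(connectionString, label13.Text, textBox1.Text, textBox2.Text)`, with the message box shown only when it returns true.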