0

I need to pass 3 parameters to my API DELETE request. Here is my code what I have try.

TaskModel

public class TaskModel
{
    public int DeveloperID { get; set; }
    public int ProjectID { get; set; }
    public string WorkDate { get; set; }
}

This a controller class. called TaskController

    [Route("api/Task")]
    public void Delete(TaskModel value)
    {
        TaskPersistent tp = new TaskPersistent();
        tp.deleteTask(value);
    }

This is TaskPersistent.class

public void deleteTask(TaskModel task)
{
    try
    {
        string sqlString = "DELETE from devproj WHERE (DeveloperID, ProjectID, WorkDate) =  VALUES ('" + task.DeveloperID + "', '" + task.ProjectID + "', '" + task.WorkDate + "')"; // System.NullReferenceException throw
        MySql.Data.MySqlClient.MySqlCommand cmd = new MySql.Data.MySqlClient.MySqlCommand(sqlString, conn);
        cmd.ExecuteNonQuery();
        long x = cmd.LastInsertedId;
    }
    catch (MySqlException x)
    {
        int errr = x.Number;

        Console.WriteLine(errr);
    }
}

I consume this API using ARC rest client like this,http://localhost:2731/api/Task?DeveloperID=1&ProjectID=2&WorkDate="2018-03-14" But when I pass the parameters like this,API thrown exception: 'System.NullReferenceException' in DeleteAPI.dll (I commented error occurred line in my code). What I did wrong here.

Gamma
  • 153
  • 1
  • 1
  • 13
  • Possible duplicate of [What is a NullReferenceException, and how do I fix it?](https://stackoverflow.com/questions/4660142/what-is-a-nullreferenceexception-and-how-do-i-fix-it) – Camilo Terevinto Mar 14 '18 at 10:38
  • You need to consume this API by posting your `TaskModel` as a body for the model binder to work with the way you have your `Delete` controller action set up. Alternatively, change the `Delete` method parameters to `int developerId, int projectId, DateTime workDate` – Vidmantas Blazevicius Mar 14 '18 at 10:39
  • @VidmantasBlazevicius Can you give me it as a answer.please. – Gamma Mar 14 '18 at 10:40
  • If your API method is for a delete action, a good practice is to add `[HttpDelete]` as attribute and send DELETE instead GET. – User.Anonymous Mar 14 '18 at 10:45
  • @User.Anonymous Where I need to put that,before method? – Gamma Mar 14 '18 at 10:52
  • 1
    Yes, between [Route] attribute and method declaration `[Route("api/Task")] [HttpDelete] public void Delete(TaskModel value)` and so you can call with DELETE verbs instead of GET. – User.Anonymous Mar 14 '18 at 10:55
  • @User.Anonymous Thank you sir, please give me an answer. – Gamma Mar 14 '18 at 10:57
  • Please, pay also attention to a possibile Sql Injection problem. Consider cmd.Parameters.AddWithValue() – Riff May 09 '18 at 15:25

2 Answers2

2

You need to consume this API by posting your TaskModel as a body for the model binder to work with the way you have your Delete controller action set up. Alternatively, change the Delete method parameters to int developerId, int projectId, DateTime workDate.

    [Route("api/Task")]
    public void Delete(int developerId, int projectId, DateTime workDate)
    {
        var taskModel = new TaskModel
        {
            DeveloperId = developerId,
            ProjectID = projectId,
            WorkDate = workDate
        };
        TaskPersistent tp = new TaskPersistent();
        tp.deleteTask(taskModel);
    }
Vidmantas Blazevicius
  • 4,327
  • 2
  • 8
  • 28
2
string sqlString = "DELETE from devproj WHERE (DeveloperID, ProjectID, WorkDate) =  VALUES ('" + task.DeveloperID + "', '" + task.ProjectID + "', '" + task.WorkDate + "')"; // System.NullReferenceException throw

This query don't work. SQL delete is :

string sqlString = $"DELETE from devproj WHERE DeveloperID = {task.DeveloperID} AND ProjectID = {task.ProjectID} AND WorkDate = {task.WorkDate}";

And don't forget to check for null value in your model before execute query.

User.Anonymous
  • 1,613
  • 1
  • 26
  • 46