question

nigelsvisionnigelsvision-3514 avatar image
0 Votes"
nigelsvisionnigelsvision-3514 asked nigelsvisionnigelsvision-3514 answered

Getting data from MySql database in to TextBoxes using multiple WHERE

Hi, I am using VB.NET win forms. I have multiple TextBoxes on my form and I am fetching data from a MySQL database like so. It does work I just want to add an extra clause to check.


 Try
             mySQLcon = New MySqlConnection("Data Source=My IP; userid=My Username; password=My Password; database=Database name")
             cmd.Connection = mySQLcon
             cmd.CommandText = ("select TrailerMOTDate,TrailerServiceDate,TrailerLocationMOT,TrailerLocationService FROM TrailerNumbersTbl WHERE TrailerNumber='" + TrailerTxtBox.Text + "'")
             mySQLcon.Open()
             Dim lrd As MySqlDataReader = cmd.ExecuteReader()
             If lrd.HasRows Then
                 lrd.Read()
                 MotDateTxtBox.Text = lrd.GetValue(0).ToString()
                 ServiceDate.Text = lrd.GetValue(1).ToString()
                 MOTLocation.Text = lrd.GetValue(2).ToString()
                 ServiceLocation.Text = lrd.GetValue(3).ToString()
                 mySQLcon.Close()
             Else
                 MsgBox("Select a trailer first")
             End If
         Catch ex As Exception
             MessageBox.Show("Hmm you have come across an error ")
         Finally
         End Try


I want to add an additional check i.e. I have the company name in a label on my form the company label is called CompanyName.Text


Where I have got this

WHERE TrailerNumber='" + TrailerTxtBox.Text + "'")

I want add an AND CompanyName.Text which would help make it more secure

Can someone help me with this?


Thanks



dotnet-visual-basic
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

nigelsvisionnigelsvision-3514 avatar image
0 Votes"
nigelsvisionnigelsvision-3514 answered

So the answer was easier than I thought

WHERE Company= '" + CompanyHeader.Text + "' AND TrailerNumber='" + TrailerTxtBox.Text + "'")


Thanks anyway



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.