public DataTable findrecords(string UserName) { connect.Open(); SqlCommand cmd = new SqlCommand("Select * from UserInfo where UserName= '" + UserName + "'", connect); DataTable dt = new DataTable(); SqlDataAdapter sda = new SqlDataAdapter(cmd); sda.Fill(dt); return dt; }
public void selectRecords() { da.findrecords(UserName); }
cmd.Parameters.AddWithValue("@UserName", UserName); da.findrecords(UserName);
bll.UserName = UserNameTextBox.Text; bll.selectRecords(); if (bll.UserTyp == 0) { Session.Add("Msg_", "user you are un active"); Response.Redirect("~/ShowMessage.aspx"); } else if (bll.UserTyp == 1) { Response.Redirect("~/index.aspx"); }
public DataTable findrecords(string UserName) { using (SqlCommand cmd = new SqlCommand("Select * from UserInfo where UserName= @UserName", connect)) { cmd.Parameters.AddWithValue("@UserName", UserName); DataTable dt = new DataTable(); SqlDataAdapter sda = new SqlDataAdapter(cmd); sda.Fill(dt); return dt; } }
SqlCommand cmd = new SqlCommand("Select * from UserInfo where UserName= '" + UserName + "'", connect);
if (!string.IsNullOrEmpty(UserNameTextBox.Text) { bll.UserName = UserNameTextBox.Text; bll.bl_bind(); if (bll.UserTyp == 0) { Response.Redirect("~/ShowMessage.aspx"); } else { // handle invalid (empty) username... }
UserName
null
cmd.Parameters.AddWithValue("@UserName", UserName);
@UserName nvarchar(x) = null,
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)