I think your problem is not that you cannot convert to C#. There are plenty of websites and tools that can do this for you. Try Google and you'll find plenty of websites. I prefer
Developer Fusion[
^]. Actually a fellow CP'ian has written a blog post about this, especially because many people on CP ask for conversion tools. Read it here:
.NET Code Conversion - Convert your code[
^]
However, and I'm sorry to break this to you, but your code is flawed on many levels.
Take your query string, you simply build it and paste some user input in it. Well, suppose this user types something like
; --drop table student_info
... Or worse! Even a simple and innocent input, like "D'Artagnan" will break your query. This is called
SQL injection[
^] and is very dangerous (and unfortunately very common).
So you need to parameterize your query. Luckily this is not hard. Consider the following code:
Dim cmd As New SqlCommand("SELECT * FROM student_info WHERE no = @Number", DBConn)
cmd.Parameters.AddWithValue("@Number", CInt(TextBox12.Text))
da = New SqlDataAdapter(cmd)
Notice how your code becomes better readable? Your query is now protected from SQL injection and "D'Artagnan" will not break it! What's more, SQL servers performance will increase when you use parameterized queries. It's a win win win situation!
However, this doesn't fix everything. Your
TextBox12.Text
is user input and thus must be validated. Perhaps the user didn't enter a valid
Integer
value.
So consider the following code, using
Integer.TryParse[
^]:
Dim userInput As Integer
If Integer.TryParse(TextBox12.Text, userInput) Then
cmd.Parameters.AddWithValue("@Number", userInput)
Else
End If
So that brings us to the next point. Letting your users know if anything went wrong. You now catch an
Exception
and simply return like nothing happened. The user will wonder why they don't see their records... If you do NOT handle an
Exception
let it bubble up to the UI and at least show the user something has gone wrong there. Actually I have written an article on proper use of
Try Catch
blocks:
Using Try... Catch..., Finally![
^].
Another topic that article discusses is the
Using block[
^]. It's about cleaning up resources, which I don't see you do.
After you're done with your
SqlCommand
, your
SqlConnection
or your
SqlDataAdapter
you should properly dispose of them. The rule here is that when an
Object Implements IDisposable[
^] you should call
Dispose[
^] once you're done.
So now look at the completely revised code:
Try
ds.Clear()
Using cmd As New SqlCommand("SELECT * FROM student_info WHERE no = @Number")
Dim userInput As Integer
If Integer.TryParse(TextBox12.Text, userInput) Then
cmd.Parameters.AddWithValue("@Number", userInput)
DBConn.Open()
Using da As New SqlDataAdapter(cmd)
da.Fill(ds, "student_info")
Bind()
End Using
Else
MessageBox.Show("Please enter a valid numeric value")
End If
End Using
Catch ex As Exception
MessageBox.Show(String.Format("An exception has occurred:{0}{1}", Environment.Newline, ex.Message))
Finally
DBConn.Close
End Try
This code could be a lot more elegant. But this is a good start :)
I hope you learned a thing or two from my explanation. You can convert the code to C# yourself.
Good luck! :)