-3

I'm having some troubles parsing SQL query, I'm trying to update the database. I have a database as follows:

name: Users
columns:
ID (int)
userName (string)
LastConnected (string)
isConnected (string)

I tried this:

SqlCeCommand upDateUserAsConnected = new SqlCeCommand("(update Users set isConnected='Connected' where ID=" + userID + " and userName='"+userName+"')", cn);

and that's not working... what did I do wrong?

Soner Gönül
  • 97,193
  • 102
  • 206
  • 364
Roy M
  • 1
  • 1
  • 2
    What do you mean by _not working_ ? Any error message or exception? And please learn [parameterized queries](http://blog.codinghorror.com/give-me-parameterized-sql-or-give-me-death/). This kind of string concatenations are open for _SQL Injection_ attacks. – Soner Gönül May 25 '14 at 18:29
  • Are you sure the trouble is in the bit of code you posted? – Mihai May 25 '14 at 18:30
  • I"m getting this exption {"There was an error parsing the query. [ Token line number = 1,Token line offset = 2,Token in error = update ]"} – Roy M May 25 '14 at 18:32
  • Soner Gönül It's for a small project i'm working on nothing serious – Roy M May 25 '14 at 18:38
  • Have you tried the same query but without parentheses? – Gusman May 25 '14 at 18:46
  • yeah.. is a cell that is null can be the problem? – Roy M May 25 '14 at 18:48
  • post how you execute that query. – Hassan May 25 '14 at 18:53
  • 'code' if (userIDMach && userNameMach) { try { cn.Open(); upDateUserAsConnected.ExecuteNonQuery(); cn.Close(); return logInCheckSuccess = true; } catch (Exception) { MessageBox.Show("Testing"); } } 'code' – Roy M May 25 '14 at 18:57

1 Answers1

0

First of all you don't need parentheses within the query string. Second of all, you have merely written the query here, have you tried to execute it as non-query? How exactly are you running this query?

Rabbiya Shahid
  • 422
  • 3
  • 14