-1

I am applying a split function when receiving a column value from a database table. And I want to proceed this process while button_click event. but there is a problem the string is not showing in Console.Writeline Method. here is my code:

protected void Button2_Click(object sender, EventArgs e)
{
    string st = "SELECT F_L FROM split_master where First_name='" +    TextBox1.Text + "' ";
    cmd = new SqlCommand(st, sqlcon);
    cmd.Connection.Open();
    SqlDataReader sqlread = cmd.ExecuteReader();

    while (sqlread.Read())
    {

        string[] word = sqlread["F_L"].ToString().Split();
        for (int count = 0; count < word.Length; count++)
          foreach(string words in word)
           {

            Console.WriteLine(word[count]);
           }
      }
      cmd.Connection.Close();
}

and i also want to split a string on spaces. please help .

Jason Evans
  • 28,906
  • 14
  • 90
  • 154
Anurag Dixit
  • 27
  • 1
  • 1
  • 11
  • 2
    Did you debug your code? What is the value of `word` when you debug it? Are you sure the right data coming from your sql? And you should always use [parameterized queries](http://blog.codinghorror.com/give-me-parameterized-sql-or-give-me-death/). This kind of string concatenations are open for [SQL Injection](http://en.wikipedia.org/wiki/SQL_injection) attacks. – Soner Gönül Aug 20 '14 at 07:44
  • 1
    This code wont compile... what are you splitting on? – Nico Aug 20 '14 at 07:48
  • 1
    Its true according to msdn (http://msdn.microsoft.com/en-us/library/system.string.split%28v=vs.110%29.aspx) and intellisense on VS there is no parameterless ctor however it still compiles. – Lee Aug 20 '14 at 07:51
  • @Eugene, @Nico: since the `separator` parameter in [this overload](http://stackoverflow.com/questions/25399298/retrieving-a-value-from-database-then-apply-a-split-function) is defined as `params char[]`, it can take no arguments (resulting in an empty array). In that case it will split on whitespace characters. – M4N Aug 20 '14 at 07:55
  • It works because it uses the following ctor: public string[] Split(params char[] separator); – Lee Aug 20 '14 at 07:55
  • @M4N Thanks for explaining, never knew that empty parameter list for variadic methods will be resolved by compiler as an empty array call. – Eugene Podskal Aug 20 '14 at 07:58
  • (facepalm) of course is params char[] ... sorry. – Nico Aug 20 '14 at 09:27
  • Accept the answer from @Lamloumi Afif if it helped. – Niar Aug 20 '14 at 11:41
  • code doesn't works...@Rain – Anurag Dixit Aug 21 '14 at 06:05

1 Answers1

0

First at all try to avoid the SQL injection ie don't insert directly the input text as an sql query parameters.

try this :

protected void Button2_Click(object sender, EventArgs e)
{
    string st = "SELECT F_L FROM split_master where First_name=@val ";

    using (sqlcon){
    sqlcon.Open();
    cmd = new SqlCommand(st, sqlcon);
    cmd.Parameters.AddWithValue("@val", TextBox1.Text);
    SqlDataReader sqlread = cmd.ExecuteReader();

    while (sqlread.Read())
    {

        string[] word = sqlread["F_L"].ToString().Split(' ');
           try{
          foreach(string words in word)
           {
           Console.WriteLine(words);
           }
               }
          catch{}

      }
                   }
}
Lamloumi Afif
  • 8,941
  • 26
  • 98
  • 191