locked
Can you see anything wrong with this RRS feed

  • Question

  • User565442435 posted

    I am connection to an access database and trying to execute two commands. Can anyone see anything wrong with this code. I can't test it because the code requires a postback from paypal and I can't figure out how to set up a fake postback. Thanks

    Dim SQL As String = "update tblUsers set ismemeber = 1 where userid = " & UserID
                        Dim memberCommand As New Data.OleDb.OleDbCommand(SQL, myConnection)
    
                        Dim AmountDue As String = System.Configuration.ConfigurationManager.AppSettings("registrationFee")
                        Dim str3SQL As String = "insert into tblRegistrations (UserID, PaymentID, AmountDue, DateRegistered) values (" & UserID & ", " & PaymentID & ", " & AmountDue & ", #" & Today.Date.ToString & "#)"
                        Dim renewalCommand As New Data.OleDb.OleDbCommand(str3SQL, myConnection)
                        Try
                            myConnection.Open()
                            renewalCommand.ExecuteNonQuery()
                        Catch ex As Exception
                            NsraShared.log_error("error with renewal sub")
                        Finally
                            myConnection.Close()
                        End Try
                        Try
                            myConnection.Open()
                            memberCommand.ExecuteNonQuery()
                        Catch ex As Exception
                            NsraShared.log_error("error with renewal sub")
                        Finally
                            myConnection.Close()
                        End Try

    Thanks for any help. What I added was the memberCommand. It already had the renewalCommand in there and was working. Now it's not, any ideas why?


    Thursday, September 17, 2009 2:56 PM

All replies

  • User-2119480821 posted

    Instead of directly binding userids to select/insert, use paramaterized query concept, this will help from sql injections.browse web for examples.

    y using two try catch block, handle it in single.

    please wait for more suggestions.

    Thursday, September 17, 2009 4:14 PM
  • User565442435 posted

    One last thing, I know this isn't the proper way to do sql inserts. I didn't design it and its a site that is used by very few people. I don't need advice on best practices, although I appriciate it. I used two try catches because I have ran into issues with an access db putting them in one. Thanks for any suggestions.

    Thursday, September 17, 2009 5:28 PM
  • User-952121411 posted

    It already had the renewalCommand in there and was working. Now it's not
     

    How do you know it is not working if you can't test it?  If you were able to test it, could you please post the exception you received?

    Aside from the best practices you have already addressed, your code looks to be in order.  The exception you may have received should tell exactly the issue coming from that code.  The only problematic issues I see you could have is in regards to the SQL.  For example, I can't see the db schema, but if the UserID is marked as an int in the db, and you are trying to insert a varchar or something along those lines.  Or if you mis-spelled a table or column name.

    Also opening, closing, and re-opening the connection should not cause an exception as long as you do not dispose it.

    Friday, September 18, 2009 2:12 PM
  • User-2119480821 posted

    I don't need advice on best practices, although I appriciate it.
     

     

    If you knew everything why asking us to check your code..

    Why dont test locally on your DB, creating above tables instead going hit a paypal..

    Saturday, September 19, 2009 2:24 AM
  • User565442435 posted

    The only reason I know it is not working is because when someone actually pays, the user gets a confirmation email. The person that pays is then redirected back to the page where this code is located in the page load. If no one sees anything wrong, then I just have to look into it deeper. Thanks for all of your help.

    Monday, September 21, 2009 10:03 AM