This function works because I search by userid:
private void showList_Click(object sender, EventArgs e)
{
int id = 0;
for (int i = 0; i <= sqlClient.Count("UserList"); i++)
{
Dictionary<string, string> dik = sqlClient.Select("UserList", "userid = " + id);
var lines = dik.Select(kv => kv.Key + ": " + kv.Value.ToString());
userList.AppendText(string.Join(Environment.NewLine, lines));
userList.AppendText(Environment.NewLine);
userList.AppendText("--------------------------------------");
id++;
}
}
This function does not work because I search by email:
private void login_Click(object sender, EventArgs e)
{
string email = lemail.Text;
Dictionary<string, string> dik = sqlClient.Select("UserList", "firstname = " + email);
var lines = dik.Select(kv => kv.Key + ": " + kv.Value.ToString());
logged.AppendText(string.Join(Environment.NewLine, lines));
}
This is the error message I receive when I click on the login button:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right
syntax to use near '@aol.com' at line 1
The email I searched for in the database was "
[email protected]" without quotes.
I'm lead to believe by the error message the @ sign is causing conflict as I know it is a special character but I am having a hard time figuring out what phrase to search for to help me.
Also, here is the function that is being called:
public Dictionary<string, string> Select(string table, string WHERE)
{
//This methods selects from the database, it retrieves data from it.
//You must make a dictionary to use this since it both saves the column
//and the value. i.e. "age" and "33" so you can easily search for values.
//Example: SELECT * FROM names WHERE name='John Smith'
// This example would retrieve all data about the entry with the name "John Smith"
//Code = Dictionary<string, string> myDictionary = Select("names", "name='John Smith'");
//This code creates a dictionary and fills it with info from the database.
string query = "SELECT * FROM " + table + " WHERE " + WHERE + "";
Dictionary<string, string> selectResult = new Dictionary<string, string>();
if (this.Open())
{
MySqlCommand cmd = new MySqlCommand(query, conn);
MySqlDataReader dataReader = cmd.ExecuteReader();
try
{
while (dataReader.Read())
{
for (int i = 0; i < dataReader.FieldCount; i++)
{
selectResult.Add(dataReader.GetName(i).ToString(), dataReader.GetValue(i).ToString());
}
}
dataReader.Close();
}
catch { }
this.Close();
return selectResult;
}
else
{
return selectResult;
}
}
My database table is called "UserList"
The fields in order are as follows:
userid, email, password, lastname, firstname
Any help would be greatly appreciated. This site is amazing!
