current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 3 down vote favorite

I am new with this so i think it will be easy for you.I am making WFA application.I have DataGridView on my form and i want to insert SQL table in DataGridView.Here is my code:

OracleCommand cmd = new OracleCommand();
        OracleDataReader reader;
        cmd.Connection = conn;

        cmd.CommandText = "select * from rezervacija where korisnicko_ime_posetioca = '" + kip + "'";
        cmd.CommandType = CommandType.Text;
        reader = cmd.ExecuteReader();
        while (reader.Read())
        {

        }

I already opened the connection so thats not a problem.What do i need to do while reader is reading so i could bind data's?

share|improve this question
    
Don't use inline SQL like in the manner you are doing it, use parameterized SQL to avoid SQL injection attacks. –  Cortright Jun 13 '13 at 17:02
    
Please look at this page: msdn.microsoft.com/en-us/library/… –  CM Kanode Jun 13 '13 at 17:04
add comment

1 Answer

up vote 1 down vote

Use an OracleDataAdapter like this:

OracleDataAdapter yourAdapter = new OracleDataAdapter();
OracleCommand command = new OracleCommand("select * from rezervacija where korisnicko_ime_posetioca = :kip", conn);

//Add your parameters like this to avoid Sql Injection attacks
command.Parameters.AddWithValue(":kip", kip);
yourAdapter.SelectCommand = command;
DataSet yourDataSet = new DataSet("RezervacijaData");

yourAdapter.Fill(yourDataSet, "rezervacija");

//Finally do the binding

yourDataGrid.SetDataBinding(yourDataSet, "Rezervacija");

This is the general idea. I'm not at my development machine so I haven't tested the code, but it should be fairly close.

share|improve this answer
add comment

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.