Hey guys,
I urgently need your help. Just stuck in the develpment of my website.
My problem is as follows:-
I am using asp:hyperlink in my masterpage as--

 <asp:HyperLink ID="HyperLink9" runat="server" Text="Expert" 
                    Font-Underline="False" ForeColor="White" 
                    NavigateUrl="~/exam.aspx?cat=css_ex" ToolTip="Expert in CSS?"></asp:HyperLink>

and in exam.aspx page , i am retrieving the values from exam table in exam.mdf database depending on the comparison of querystring value of "cat" with column name "category" of the table "exam" as--

 cmd.CommandText = "select * from exam where category = " + Request.QueryString["cat"].ToString() ;

now on running the website ,the error comes as --
Invalid column name 'css_ex'...
I am not able to understand the situation. Please guys help me as soon as possible.
Thanks in advance.

Member Avatar for michelleradu

Try to put single quotes around the value you're testing in the where clause of the query:
cmd.CommandText = "select * from exam where category = '" + Request.QueryString["cat"].ToString() + "'" ;

Never use hard-coded sql strings. Always use Parameters.

cmd.CommandText = "select * from exam where category=@category";
cmd.Parameters.AddWithValue("@category",Request.QueryString["cat"]);

thnks man

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.