All geek questions in one place

String composition in C #

I am trying to understand why this code does not work in C # and how to fix it.

string first = "hello";
string second = "look at" + first + "me";

Any suggestions?

Edit: Sorry, I thought the error I was making was a simple mistake by a beginner. I think there is more. This is my actual code:

 string toolOp = lstToolOpen.SelectedValue.ToString();
 string sqlComm = "INSERT INTO ES_TOOL_FACET (esfa_facet, esfa_tool) values (" +
            + toolOp + ", " +  cmbFacet.SelectedValue +"   ) ";

The error I get: Operator + cannot be applied to an operand of type 'string'. There is a red line under toolOp on the third line of code.

+3
source share
1 answer

You have two +before toolOp. It should be:

string sqlComm = "INSERT INTO ES_TOOL_FACET (esfa_facet, esfa_tool) values (" +
        toolOp + ", " +  cmbFacet.SelectedValue +"   ) ";

Speaking of which, I would recommend that you use parameterized queries. Remember that every time you use a statement +when building an SQL query, you do it wrong:

string sqlComm = "INSERT INTO ES_TOOL_FACET (esfa_facet, esfa_tool) VALUES (@esfa_facet, @esfa_tool)";
sqlCommand.Parameters.AddWithValue("@esfa_facet", toolOp);
sqlCommand.Parameters.AddWithValue("@esfa_tool", cmbFacet.SelectedValue);

You are now protected against SQL injection.

: + SQL-.

+15

Source: https://habr.com/ru/post/1782556/

More articles:


All Articles