3

I'm trying to run a MySqlCommand with a parameter, but when I look in the SQL logs, the parameter is showing up.

I've tried with both @ and ?, tried with 'old syntax=yes' in my sqlconnection string also.

Here's my code.

bool CheckLoginDetails(string username, string password){
    DataTable dt = new DataTable ();
    MySqlCommand command = new MySqlCommand ("select * from `accounts` where `username` = '@username';", SL.Database.connection);
    command.Parameters.AddWithValue ("@username", username);
    dt.Load (command.ExecuteReader());
}

Here's the SQL logs.

150823  3:19:50    22 Connect   root@localhost on unity_test
       22 Query SHOW VARIABLES
       22 Query SHOW COLLATION
       22 Query SET character_set_results=NULL
       22 Init DB   unity_test
150823  3:19:52    22 Query select * from `accounts` where `username` = '@username'

I'm using .net 2.0 and I'm unsure of the mysql dll version, I found that here: http://forum.unity3d.com/threads/reading-database-and-or-spreadsheets.11466/

I'm unable to upgrade .net due to Unity. Any advice would be greatly appreciated!

Improve this question

4 Answers 4

Reset to default
1

Suggestion (not tested):

bool CheckLoginDetails(string username, string password){
    string sql = select * from accounts where username = ?";
    MySqlCommand command  = new MySqlCommand(sql);
    command.Parameters.Add(new MySqlParameter("", username));
    MySqlDataReader r = command.ExecuteReader();
    ...
}

The main point is that "?" should work.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This one worked, thanks a lot! New code is like so, for anyone wondering. MySqlCommand command = new MySqlCommand ("select * from accounts where username = ?username", SL.Database.connection); command.Parameters.Add(new MySqlParameter("username", username))
0

Try command.Parameters.Add("@username", MysqlDbType.Varchar).Value = username;

Should work !

Improve this answer

Comments

0

Try this, change

MySqlCommand command = new MySqlCommand ("select * from `accounts` where `username` = '@username';", SL.Database.connection);
command.Parameters.AddWithValue ("@username", username);

to

MySqlCommand command = new MySqlCommand ("select * from accounts where username = @username;", SL.Database.connection);
command.Parameters.Add("@username", username);
Improve this answer

Comments

0

Try this(suggestion)

bool CheckLoginDetails(string username, string password){
DataTable dt = new DataTable ();
MySqlCommand command = new MySqlCommand ("select * from accounts where username = @username;", SL.Database.connection);
command.Parameters.AddWithValue ("@username", username);
dt.Load (command.ExecuteReader());

}

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.