0

Working on a project which will update a column in my database with the users instagram ID. When I try run the query it isn't updating the column I've specified in my query.

I'm trying to update a table based off the Instagram ID of a user but nothing is being updated on my dev db. I feel like it has something to do with my SQL query

public static async Task<InstagramUser> ScrapeInstagram(string url)
        {
            using (var client = new HttpClient())
            {
                var response = await client.GetAsync(url);
                if (response.IsSuccessStatusCode)
                {
                    // create html document
                    var htmlBody = await response.Content.ReadAsStringAsync();
                    var htmlDocument = new HtmlDocument();
                    htmlDocument.LoadHtml(htmlBody);

                    // select script tags
                    var scripts = htmlDocument.DocumentNode.SelectNodes("/html/body/script");

                    // preprocess result
                    var uselessString = "window._sharedData = ";
                    var scriptInnerText = scripts[0].InnerText
                        .Substring(uselessString.Length)
                        .Replace(";", "");

                    // serialize objects and fetch the user data
                    dynamic jsonStuff = JObject.Parse(scriptInnerText);
                    dynamic userProfile = jsonStuff["entry_data"]["ProfilePage"][0]["graphql"]["user"];

                    //Update database query 
                    string connectionString = @"Server=myproject-dev-db.cothtpanmcn7.ap-southeast-2.rds.amazonaws.com;Database=Enrolment;User Id=testadmin;Password=test123;MultipleActiveResultSets=true;Trusted_Connection=False;";

                    using (SqlConnection con = new SqlConnection(connectionString))
                    {
                        SqlCommand cmd = new SqlCommand("Update ApplicationUser Set InstagramId = '" + userProfile.id + "'" + "where Instagram =  '" + userProfile.username + "'", con);


                    }
                   
                    // create an InstagramUser
                    var instagramUser = new InstagramUser
                    {
                        FullName = userProfile.full_name,
                        FollowerCount = userProfile.edge_followed_by.count,
                        FollowingCount = userProfile.edge_follow.count,
                        Id = userProfile.id,
                        url = url
                    };
                    return instagramUser;
                } else
                {
                    throw new Exception($"Something wrong happened {response.StatusCode} - {response.ReasonPhrase} - {response.RequestMessage}");
                }
            }
        }
Improve this question
2
  • Answered my own question I was missing the following lines: cmd.Connection.Open(); cmd.ExecuteNonQuery(); Commented Sep 16, 2020 at 3:01
  • 1
    SQL Injection alert - you should not concatenate together your SQL statements - use parametrized queries instead to avoid SQL injection - check out Little Bobby Tables Commented Sep 16, 2020 at 3:50

1 Answer 1

Reset to default
1

Answered my own question:

Was missing the following lines of code:

cmd.Connection.Open();
cmd.ExecuteNonQuery();
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

There are other issues here. You shouldn't post your connection string info on the internet. Also concatenating your sql statement leaves you open for sql injection attacks.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.