Update C # does not work

Navigation
-1

Hello, I'm trying to make an update with C # from VS , but I can not find it and I do not know if I'm having a bad time or if I can not execute a query directly as I pretend I would appreciate your help. : D 

[WebMethod]
public JsonResult UpDateEnEspera(string req_id) {


  string cs = "Data Source=DMX87025;Initial Catalog=DB_PCC;Integrated Security=True";


  using(SqlConnection connection = new SqlConnection(cs)) {
    using(SqlCommand command = connection.CreateCommand()) {
      command.CommandText = "UPDATE [DB_PCC].[dbo].[Requests]  SET [status] = 1  WHERE [id] = " + req_id;

      connection.Open();

      command.ExecuteNonQuery();

      connection.Close();
    }

  }

  return Json(new {
    success = true, message = "Status cambiado"
  }, JsonRequestBehavior.AllowGet);

}

here I leave the full error 

Server Error in '/' Application. Incorrect syntax near '='. Description: An unhandled exception occurred during the execution of the current web request.Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Data.SqlClient.SqlException: Incorrect syntax near '='. Source Error : Line 108: command.Parameters.Add(new SqlParameter("reqId", req_id));
Line 109 : Line 110: connection.Open();
Line 111 : Line 112: command.ExecuteNonQuery();
Source File: D: \PCotiza - compras_casifinal\ PCotiza - compras\ Controllers\ RequestController.cs Line: 110 Stack Trace : [SqlException(0x80131904): Incorrect syntax near '='.] System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action '1 wrapCloseInAction)+2440274 System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action' 1 wrapCloseInAction)+5765240 System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)+285 System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean & dataReady)+4169 System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite)+948 System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource '1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry)+286 System.Data.SqlClient.SqlCommand.ExecuteNonQuery()+286 PCotiza_compras.Controllers.RequestController.UpDateEnEspera(String req_id) in D:\PCotiza-compras_casifinal\PCotiza-compras\Controllers\RequestController.cs:110 lambda_method(Closure, ControllerBase, Object[])+103 System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters)+14 System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary' 2 parameters)+157 System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary '2 parameters)+27 System.Web.Mvc.Async.AsyncControllerActionInvoker.<BeginInvokeSynchronousActionMethod>b__39(IAsyncResult asyncResult, ActionInvocation innerInvokeState)+22 System.Web.Mvc.Async.WrappedAsyncResult' 2. CallEndDelegate(IAsyncResult asyncResult)+29 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End()+49 System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult)+32 System.Web.Mvc.Async.AsyncInvocationWithFilters.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3d()+50 System.Web.Mvc.Async.<>c__DisplayClass46.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3f()+228 System.Web.Mvc.Async.<>c__DisplayClass33.<BeginInvokeActionMethodWithFilters>b__32(IAsyncResult asyncResult)+10 System.Web.Mvc.Async.WrappedAsyncResult' 1. CallEndDelegate(IAsyncResult asyncResult)+10 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End()+49 System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult)+34 System.Web.Mvc.Async.<>c__DisplayClass2b.<BeginInvokeAction>b__1c()+26 System.Web.Mvc.Async.<>c__DisplayClass21.<BeginInvokeAction>b__1e(IAsyncResult asyncResult)+100 System.Web.Mvc.Async.WrappedAsyncResult' 1. CallEndDelegate(IAsyncResult asyncResult)+10 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End()+49 System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult)+27 System.Web.Mvc.Controller.<BeginExecuteCore>b__1d(IAsyncResult asyncResult, ExecuteCoreState innerState)+13 System.Web.Mvc.Async.WrappedAsyncVoid' 1. CallEndDelegate(IAsyncResult asyncResult)+29 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End()+49 System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult)+36 System.Web.Mvc.Controller.<BeginExecute>b__15(IAsyncResult asyncResult, Controller controller)+12 System.Web.Mvc.Async.WrappedAsyncVoid' 1. CallEndDelegate(IAsyncResult asyncResult)+22 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End()+49 System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult)+26 System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult)+10 System.Web.Mvc.MvcHandler.<BeginProcessRequest>b__5(IAsyncResult asyncResult, ProcessRequestState innerState)+21 System.Web.Mvc.Async.WrappedAsyncVoid' 1. CallEndDelegate(IAsyncResult asyncResult)+29 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End()+49 System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult)+28 System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result)+9 System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()+9987265 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)+155

Server Error in '/'
Application.
Incorrect syntax near '='.
Description: An unhandled exception occurred during the execution of the current web request.Please review the stack trace
for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: Incorrect syntax near '='.

Source Error:


  Line 108: command.Parameters.Add(new SqlParameter("reqId", req_id));
Line 109:
  Line 110: connection.Open();
Line 111:
  Line 112: command.ExecuteNonQuery();

Source File: D: \PCotiza - compras_casifinal\ PCotiza - compras\ Controllers\ RequestController.cs Line: 110

Stack Trace:


  [SqlException(0x80131904): Incorrect syntax near '='.]
System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action '1 wrapCloseInAction) +2440274
   System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action'
  1 wrapCloseInAction) + 5765240
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) + 285
System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean & dataReady) + 4169
System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite) + 948
System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource '1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry) +286
   System.Data.SqlClient.SqlCommand.ExecuteNonQuery() +286
   PCotiza_compras.Controllers.RequestController.UpDateEnEspera(String req_id) in D:\PCotiza-compras_casifinal\PCotiza-compras\Controllers\RequestController.cs:110
   lambda_method(Closure , ControllerBase , Object[] ) +103
   System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) +14
   System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary'
  2 parameters) + 157
System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary '2 parameters) +27
   System.Web.Mvc.Async.AsyncControllerActionInvoker.<BeginInvokeSynchronousActionMethod>b__39(IAsyncResult asyncResult, ActionInvocation innerInvokeState) +22
   System.Web.Mvc.Async.WrappedAsyncResult'
    2. CallEndDelegate(IAsyncResult asyncResult) + 29 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +32
   System.Web.Mvc.Async.AsyncInvocationWithFilters.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3d() +50
   System.Web.Mvc.Async.<>c__DisplayClass46.<InvokeActionMethodFilterAsynchronouslyRecursive>b__3f() +228
   System.Web.Mvc.Async.<>c__DisplayClass33.<BeginInvokeActionMethodWithFilters>b__32(IAsyncResult asyncResult) +10
   System.Web.Mvc.Async.WrappedAsyncResult'
    1. CallEndDelegate(IAsyncResult asyncResult) + 10 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
   System.Web.Mvc.Async.<>c__DisplayClass2b.<BeginInvokeAction>b__1c() +26
   System.Web.Mvc.Async.<>c__DisplayClass21.<BeginInvokeAction>b__1e(IAsyncResult asyncResult) +100
   System.Web.Mvc.Async.WrappedAsyncResult'
    1. CallEndDelegate(IAsyncResult asyncResult) + 10 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
   System.Web.Mvc.Controller.<BeginExecuteCore>b__1d(IAsyncResult asyncResult, ExecuteCoreState innerState) +13
   System.Web.Mvc.Async.WrappedAsyncVoid'
    1. CallEndDelegate(IAsyncResult asyncResult) + 29 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End() +49
   System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +36
   System.Web.Mvc.Controller.<BeginExecute>b__15(IAsyncResult asyncResult, Controller controller) +12
   System.Web.Mvc.Async.WrappedAsyncVoid'
    1. CallEndDelegate(IAsyncResult asyncResult) + 22 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End() +49
   System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +26
   System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
   System.Web.Mvc.MvcHandler.<BeginProcessRequest>b__5(IAsyncResult asyncResult, ProcessRequestState innerState) +21
   System.Web.Mvc.Async.WrappedAsyncVoid'
    1. CallEndDelegate(IAsyncResult asyncResult) + 29 System.Web.Mvc.Async.WrappedAsyncResultBase '1.End() +49
   System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28
   System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +9987265
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155
    
asked by E.Rawrdríguez.Ophanim 04.01.2018 в 23:43
source

2 answers

1

You should not concatenate strings when you use SQL. Instead, it always uses parameters to avoid SQL injections: 

using(SqlConnection connection = new SqlConnection(cs))  
{
    using(SqlCommand command = connection.CreateCommand()) 
    {
        command.CommandText = "UPDATE [DB_PCC].[dbo].[Requests] SET [status] = 1 WHERE [id] = @reqId";
        command.Parameters.Add(new SqlParameter("reqId", reqId));

        connection.Open();
        command.ExecuteNonQuery();
    }
}

Also, if you use using , it is not necessary to explicitly call connection.Close() since the Dispose() calls it.

    
answered by 05.01.2018 в 11:32
0

It is better to do what Camilo tells you with parameters, but if you do it concatenated string, you need to add the single quotes, it would stay like this: 

command.CommandText = "UPDATE [DB_PCC].[dbo].[Requests]  SET [status] = 1  WHERE [id] = '" + req_id + "'";
    
answered by 05.01.2018 в 11:38
Error Status 500 in java Adapt .PHP file to .HTML to embed Javascript