Error in executing web method

Question

I have created asp.net WebService. I want to update user's info after validating him , means if new UserName entered by him is not already exist than only he can update new UserName otherwise not .

The problem is that it validates the user successfully but when i am trying to specify new UserName which is not exist than it gives me an error like ;

 Request format is unrecognized for URL unexpectedly ending in '/UpdateUserInfo'.

Following is my code :

 public int UpdateUserInfo(string oldusername, string newusername, string mailid, string password)
    {
        string validateUser = "Select UserName from tbl_UserInfo where UserName='" + newusername + "' ";
        con = new MySqlConnection(conString);
        con.Open();
        MySqlCommand cmd1 = new MySqlCommand(validateUser, con);
        string User = cmd1.ExecuteScalar().ToString();
        con.Close();
        if (User == newusername)
        {
            return 0;
        }
        else 
        {
            string updateUser = "Update tbl_UserInfo SET UserName='" + newusername + "',Password='" + password + "',Email_ID='" + mailid + "' where UserName='" + oldusername + "' ";
            con = new MySqlConnection(conString);
            con.Open();
            MySqlCommand cmd = new MySqlCommand(updateUser, con);
            int success = cmd.ExecuteNonQuery();
            con.Close();

            if (success > 0)
            {
                return success;
            }
            else
                return 0;
        }
    }

NOTE : I want result as ;

         IF my UserName is A and when i update that UserName with same name 
           i.e A than it should not be updated but when i give another name as B 
             than it should be updated by B i.e now UserName A becomes the B

what can be problem ?

Please give solution.

Thanks..

try this http://stackoverflow.com/questions/657313/request-format-is-unrecognized-for-url-unexpectedly-ending-in — Tariqulazam, May 16 '12 at 12:33
Have you declared the method in your web service as `[WebMethod]`. From where are you calling your method? is it a POST request or GET? — Murtaza, May 16 '12 at 12:34

Darin Dimitrov · Accepted Answer · 2012-05-16T12:43:59.513

Oh, please use parametrized queries. Ah, and dispose your IDisposable resources. You wil save yourself headaches, SQL injections, improperly formatted data, ...

public int UpdateUserInfo(
    string oldusername, 
    string newusername, 
    string mailid, 
    string password
)
{
    using (var con = new MySqlConnection(conString))
    using (var cmd = con.CreateCommand())
    {
        con.Open();
        cmd.CommandText = "SELECT count(UserName) from tbl_UserInfo where UserName = @newusername";
        cmd.Parameters.AddWithValue("@newusername", newusername);

        var count = (long)cmd.ExecuteScalar();
        if (count < 1)
        {
            return 0;
        }
    }

    using (var con = new MySqlConnection(conString))
    using (var cmd = con.CreateCommand())
    {
        con.Open();
        cmd.CommandText = "UPDATE tbl_UserInfo SET UserName = @newusername, Password = @password, Email_ID = @mailid WHERE UserName = @oldusername";
        cmd.Parameters.AddWithValue("@newusername", newusername);
        cmd.Parameters.AddWithValue("@password", password);
        cmd.Parameters.AddWithValue("@mailid", mailid);
        cmd.Parameters.AddWithValue("@oldusername", oldusername);
        return cmd.ExecuteNonQuery();
    }
}

or you could also split those into separate methods:

public bool UsernameExists(string username)
{
    using (var con = new MySqlConnection(conString))
    using (var cmd = con.CreateCommand())
    {
        con.Open();
        cmd.CommandText = "SELECT count(UserName) from tbl_UserInfo where UserName = @newusername";
        cmd.Parameters.AddWithValue("@newusername", username);
        return (long)cmd.ExecuteScalar() > 0;
    }
}

public int Update(string oldusername, string newusername, string mailid, string password)
{
    using (var con = new MySqlConnection(conString))
    using (var cmd = con.CreateCommand())
    {
        con.Open();
        cmd.CommandText = "UPDATE tbl_UserInfo SET UserName = @newusername, Password = @password, Email_ID = @mailid WHERE UserName = @oldusername";
        cmd.Parameters.AddWithValue("@newusername", newusername);
        cmd.Parameters.AddWithValue("@password", password);
        cmd.Parameters.AddWithValue("@mailid", mailid);
        cmd.Parameters.AddWithValue("@oldusername", oldusername);
        return cmd.ExecuteNonQuery();
    }
}

public int UpdateUserInfo(string oldusername, string newusername, string mailid, string password)
{
    if (!UsernameExists(newusername))
    {
        return Update(oldusername, newusername, mailid, password);
    }
    return 0;
}

with this code the username is case-sensitive - maybe that is your problem as well? — riffnl, May 16 '12 at 13:08
Did you attach a SQL debugger to see the exact queries being sent to your database? — Darin Dimitrov, May 16 '12 at 13:13
Yes, but you could attach a debugger to your SQL server to analyze the queries being sent. — Darin Dimitrov, May 16 '12 at 13:19
@DarinDimitrov - Thnaks a lot. I have tried your second code and it works successfully. : ) — Rohan, May 16 '12 at 13:25
@DarinDimitrov - Can you please help me in solving my another question ? : ) i have asked question "Error in excuting sql query" — Rohan, May 16 '12 at 13:30

Error in executing web method

1 Answers1