1

I have an C# function that return String datatype. I want to return an json object as string , but I got this error: CS1002: ; expected Here is function:

    public String LoginUser(string Username, string Password)
   {
               string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
               SqlConnection con = new SqlConnection(constr);
               try
               {
                   SqlCommand cmd = new SqlCommand("Login_User");
                   cmd.CommandType = CommandType.StoredProcedure;
                   cmd.Parameters.AddWithValue("@Username", Username);
                   cmd.Parameters.AddWithValue("@Password", Password);
                   cmd.Connection = con;
                   if (con.State == ConnectionState.Closed)
                   {
                       con.Open();
                   }
                   SqlDataReader rd = cmd.ExecuteReader();
                   if (rd.HasRows)
                   {
                       rd.Read();
                       return "{"message": "Successfully"}"; //me sukses
                   }

                   else
                       return "{"message": "Invalid Username and/or Password"}"; //pas sukses
               }

               catch (Exception ex)
               {
                   throw ex;
               }
               finally
               {
                   if (con.State != ConnectionState.Closed)
                   {
                       con.Close();
                   }
               }
  }
Bench
  • 57
  • 2
  • 9

2 Answers2

0

As far as I see, you need escape " character in both string as;

return "{\"message\": \"Successfully\"}"; //me sukses

and

return "{\"message\": \"Invalid Username and/or Password\"}";

Or use verbatim string literals as with doubling them;

return @"{""message"": ""Invalid Username and/or Password""}";

and

return "{""message"": ""Invalid Username and/or Password""}";

Use using statement to dispose your connections, commands and readers automatically instead of calling Close or Dispose methods manually.

Don't use AddWithValue method. It may generate unexpected and surprising results sometimes. Use Add method overload to specify your parameter type and it's size.

Bu the way I strongly suspect you keep your passwords as a plaint text. Don't do that. Read Best way to store password in database

Community
  • 1
  • 1
Soner Gönül
  • 97,193
  • 102
  • 206
  • 364
  • but when I consume this method with JQuery, Response format in browser is displayed with slashes / . I want to remove slashes from object when is returned in browser !!! how can I do this ? – Bench Aug 02 '15 at 09:24
  • I want to return result without \ . I want to remove all / from object when is returned in browser !!! how can I do this ? – Bench Aug 02 '15 at 09:55
0

Use @ before your string to easily escape your double quotes. 

return @"{"message": "Invalid Username and/or Password"}";

Try changing:

           catch (Exception ex)
           {
                  throw ex;  // don't do this
           }

To: 

           catch (SqlException ex)
           {
               return string.Format("error: {0}", ex.message);
           }
brroshan
  • 1,640
  • 17
  • 19