0

I'm new to programming and I was following an example to read data from the database. But I was wondering what would be the best practice to handle Exceptions when executing SQL queries. Like for Example, in the below code if I give a wrong column name or table name, it will catch exception but what should my program do in such cases? Also, should I just catch general Exception or any specific exception? 

public DataSet ForgotPassword(string userName)
{
    SqlConnection conn = new SqlConnection(this.connectionStringTech);
    conn.Open();
    DataSet DS = new DataSet();
    try
    {
        string strSql = "select * from UserAccount where usename = '" + userName + "'";
        SqlDataAdapter adapter = new SqlDataAdapter(strSql, conn);
        adapter.SelectCommand.CommandTimeout = 0;
        adapter.Fill(DS);
    }
    catch (Exception)
    {
    }
    finally
    {
        conn.Close();
    }
    return DS;
}

I'm very confused about handling these exceptions. If somebody can provide any example or article, I will be very grateful.

Shiza Khan
  • 51
  • 5
  • There are many articles on this subject: please try searching. Handle most specific exceptions first (SqlException). http://stackoverflow.com/questions/6221951/sqlexception-catch-and-handling , http://stackoverflow.com/questions/4825365/how-to-know-actual-problem-because-of-which-sqlexception-is-thrown – Mitch Wheat Jul 21 '16 at 06:53
  • What is your table name? – Bilgesu Erdoğan Jul 21 '16 at 06:55
  • Obligatory : don't use concatenation, use Parameters instead – Mitch Wheat Jul 21 '16 at 06:57

0 Answers0