ASP.Net String Split not working

Question

Here's my code

Dim RefsUpdate As String() = Session("Refs").Split("-"C)

Dim PaymentsPassedUpdate As String() = Session("PaymentsPassed").Split("-"C)

Dim x as Integer

For x = 1 to RefsUpdate.Length - 1

Dim LogData2 As sterm.markdata = New sterm.markdata() 

Dim queryUpdatePaymentFlags as String = ("UPDATE OPENQUERY (db,'SELECT * FROM table WHERE ref = ''"+ RefsUpdate(x) +"'' AND bookno = ''"+ Session("number") +"'' ') SET alpaid = '"+PaymentsPassedUpdate(x) +"', paidfl = 'Y', amountdue = '0' ") 

Dim drSetUpdatePaymentFlags As DataSet = Data.Blah(queryUpdatePaymentFlags) 

Next

I don't get any errors for this but it doesn't seem to working as it should

I'm passing a bookingref like this AA123456 - BB123456 - CC123456 - etc and payment like this 50000 - 10000 - 30000 -

I basically need to update the db with the ref AA123456 so the alpaid field has 50000 in it.

Can't seem to get it to work

Any ideas?

Thanks

Jamie

What's happening currently, what do your String Arrays Look like? — msarchet, Oct 25 '10 at 19:06
Is the database just not updating? Two possible causes - double '' quoting the string in your query; the split will not remove the spaces padding the strings either so if your db value is clean it will miss. — Jamie Treworgy, Oct 25 '10 at 19:12
On a side note, this is not a secure way to access the database. Concatenating values into SQL leaves you wide open to injection attacks. You need to bind parameters, instead. — Steven Sudit, Oct 25 '10 at 19:14
Check out http://stackoverflow.com/questions/306668/are-parameters-really-enough-to-prevent-sql-injections/306981#306981 — Steven Sudit, Oct 25 '10 at 19:35

score 1 · Accepted Answer · answered Oct 25 '10 at 19:06

1

I'm not sure what isn't working, but I can tell you that you are not going to process the last entry in your arrays. You are going from 1 to Length - 1, which is one short of the last index. Therefore, unless your input strings end with "-", you will miss the last one.

answered Oct 25 '10 at 19:06

Mark Avenius

13,679
6
42
50

1

Actually since it's a zero base index, he'll miss the first one. But you are right that one will turn up missing. – Joel Etherton Oct 25 '10 at 19:09
1

And the first one since it starts at 0 – Anthony Greco Oct 25 '10 at 19:09
It was as @Anthony Greco said it was missing out the first one - thanks for clearing this up much appreciated – Jamie Taylor Oct 25 '10 at 19:12
Sorry; I haven't worked with anything vb in a while, and I couldn't remember if it was 0 or 1 based (I think VB6 is 1 and .Net is 0, now that I think about it). – Mark Avenius Oct 25 '10 at 19:26

score 1 · Answer 2 · answered Oct 25 '10 at 19:13

Your indexing problem mentioned by Mark is only one item, but it will cause an issue. I'd say looking at the base your problem stems from not having trimmed the strings. Your data base probably doesn't have spaces leading or trailing your data so you'll need to do something like:

Dim refsUpdateString as string = RefsUpdate(x).Trim()
Dim paymentsPassedUpdateString as string = PaymentsPassedUpdate(x).Trim()

...

Dim queryUpdatePaymentFlags as String = ("UPDATE OPENQUERY (db,'SELECT * FROM table WHERE ref = ''" & refsUpdateString  & "'' AND bookno = ''" & Session("number") & "'' ') SET alpaid = '" & paymentsPassedUpdateString & "', paidfl = 'Y', amountdue = '0' ")

Also, I would recommend keeping with the VB way of concatenation and use the & character to do it.

ASP.Net String Split not working

2 Answers2