Hi. I have a function that returns a dictionary with info pulled from a database. The first parameter of the function is a string of the column to search, the second a string with the value. I am doing this:
- Dictionary<string, string> getData(string indexfield, string indexvalue) {
- using (MySqlConnection DB = getConnection()) {
- using (MySqlCommand cmd = new MySqlCommand("SELECT * FROM customers WHERE ?if = ?iv", DB) {
- DB.Open();
- cmd.Parameters.AddWithValue("?if", indexfield);
- cmd.Parameters.AddWithValue("?iv", indexvalue);
- using (MySqlDataReader RS = cmd.ExecuteReader()) {
- DataTable schemaTable = RS.GetSchemaTable();
- if (!RS.HasRows) { MessageBox.Show("debug"); return ret; }
- while (RS.Read()) {
- foreach (DataRow fld in schemaTable.Rows) {
- ret.Add(fld["ColumnName"].ToString(), RS[fld["ColumnName"].ToString()].ToString());
- }
- }
- }
- DB.Close();
- }
- }
When I run that, I get the "debug" messagebox indicating no rows. I enabled the general log in MySQL, and I see this when passing field cid and value 5:
SELECT * FROM customers WHERE 'cid' = '5'
I copied that and ran the query, it failed. Once I made it cid instead of 'cid', it worked fine. Why is C# adding quotes around my field? Is it because the variable being passed to cmd.Parameters.AddWithValue is a string? Is there any way to stop that?