You didn’t tell what is wrong exactly but I see a few things wrong in your code.
- You should always use parameterized queries. This kind of string concatenations are open for SQL Injection attacks.
- I assume your
ScorandIDcolumns are numeric, not character. That’s why you should not use single quotes with it. With parameterized queries, you don’t need to worry about that. - Use
usingstatement to dispose yourSqlConnectionadnSqlCommand. - In your second
SqlCommand(which ish) you are executing first command (up1) not second one (up2).
As an example;
void Update()
{
using(SqlConnection c = new SqlConnection(co))
using(SqlCommand comm = c.CreateCommand())
{
string up1 = "Update Scoruri Set Scor=@scor where ID=@id";
comm.CommandText = up1;
comm.Parameters.AddWithValue("@scor", Convert.ToInt32(scor1));
comm.Parameters.AddWithValue("@id", otherForm.id1);
c.Open();
comm.ExecuteNonQuery();
comm.Parameters.Clear();
comm.Parameters.AddWithValue("@scor", Convert.ToInt32(scor2));
comm.Parameters.AddWithValue("@id", otherForm.id2);
comm.ExecuteNonQuery();
}
}
11
solved How do I update a value in C# and SQL Server? [closed]