Must declare the scalar variable "#UserId" in Insert statement - c#-5.0

I am absolute beginner, I can't solve the the problem, getting error & exception is being thrown at
objCommand.ExecuteNonQuery();
Exception Message : "Must declare scalar variable #userId."
private void btnRegister_Click(object sender, EventArgs e)
{
if (tbxUserName.Text == "" || tbxPassword.Text == "")
{
MessageBox.Show("Please enter values!");
return;
}
string strConnection;
strConnection = ConfigurationManager.ConnectionStrings["strConnection"].ConnectionString;
SqlConnection objConnection = new SqlConnection();
objConnection.ConnectionString = strConnection;
objConnection.Open();
string strSQL;
SqlCommand objCommand = new SqlCommand("SELECT * FROM LoginTable WHERE UserId='" + tbxUserName.Text + "';", objConnection);
SqlDataAdapter objAdapter = new SqlDataAdapter();
objAdapter.SelectCommand = objCommand;
objAdapter.Fill(objDataSet);
int i = objDataSet.Tables[0].Rows.Count;
if (i > 0)
{
MessageBox.Show("User Name " + tbxUserName.Text + " already exists");
tbxPassword.Text = "";
objDataSet.Clear();
}
else
{
strSQL = "INSERT INTO LoginTable(UserId, Password) VALUES(#UserId, #Password)";
objCommand.Parameters.AddWithValue("#UsesrId", tbxUserName.Text);
objCommand.Parameters.AddWithValue("#Password", tbxPassword.Text);
objCommand.CommandText = strSQL;
objCommand.ExecuteNonQuery();
objConnection.Close();
message = "Registered Successfully! " + "Welcome " + tbxUserName.Text;
this.Hide();
WelcomeForm wf = new WelcomeForm(message);
wf.Show();
}
}

You have typo in your code, change it as following.( #UsesrId != #UserId)
strSQL = "INSERT INTO LoginTable(UserId, Password) VALUES(#UserId, #Password)";
objCommand.Parameters.AddWithValue("#UserId", tbxUserName.Text);

Related

what is the use of string::format. i am no getting it on internet as well

void updateList(void) {
numCam = get_noofcameras_connected();
if (numCam != 0) {
CameraSelect->Text = ("Please select Camera");
CameraSelect->Items->Add("ALL");
for (int i = 1; i < numCam + 1; i++) {
CameraSelect->Items->Add(string::format("Camera {0}", i));
}
}
else {
CameraSelect->Text = ("NO CAMERA CONNECTED");
}
}
it is giving the error string is ambiguous .
for c# you can call .Format
here an example from the
doc
Decimal pricePerOunce = 17.36m;
String s = String.Format("The current price is {0} per ounce.",
pricePerOunce);
Console.WriteLine(s);

MP3 Tagging ID3v2_3 Id3v2_4

I use the JID3 library which works fine for IDv2_3 but when it is asked to update a tracks tags which are V2_4, it simply wipes the Id3v2_4 tags. How can I test which version of tagging a track has.
Example of setting the ratings and times played in the POPULARIMETER tag
public String setmp3RatingTag(Context context, File SourceFile, String email, int rating, int timesPlayed) throws Exception {
String error = null;
if (timesPlayed < 0) {
timesPlayed = 0;
}
try {
MediaFile MediaFile = new MP3File(SourceFile);
ID3V2_3_0Tag ID3V2_3_0Tag = (org.blinkenlights.jid3.v2.ID3V2_3_0Tag) MediaFile.getID3V2Tag();
POPMID3V2Frame popmid3V2Frame = new POPMID3V2Frame(email, rating, timesPlayed);
popmid3V2Frame.setPopularity(email, rating, timesPlayed);
if (ID3V2_3_0Tag != null) {
frames = ID3V2_3_0Tag.getPOPMFrames();
if (frames != null) {
if (frames.length > 0) {
String emailtouser[]=getmp3Email(SourceFile);
for (int i = 0; i < frames.length; i++) {
if (frames[i] != null) {
ID3V2_3_0Tag.removePOPMFrame(emailtouser[i]);
}
}
}
}
} else {
ID3V2_3_0Tag = new ID3V2_3_0Tag();
}
ID3V2_3_0Tag.addPOPMFrame(popmid3V2Frame);
MediaFile.setID3Tag(ID3V2_3_0Tag);
MediaFile.sync();
} catch (ID3Exception | OutOfMemoryError e) {
e.printStackTrace();
error = e.getMessage();
}
error = finish(context, SourceFile);
return error;
}
For anyone using the jid3 library, I added another method to the class MP3File.java
#Override
public int testforVerion() {
int iMinorVersion=0;
try {
InputStream oSourceIS = new BufferedInputStream(m_oFileSource.getInputStream());
ID3DataInputStream oID3DIS = new ID3DataInputStream(oSourceIS);
try
{
// check if v2 tag is present
byte[] abyCheckTag = new byte[3];
oID3DIS.readFully(abyCheckTag);
if ((abyCheckTag[0] == 'I') && (abyCheckTag[1] == 'D') && (abyCheckTag[2] == '3'))
{
// check which version of v2 tags we have
iMinorVersion = oID3DIS.readUnsignedByte();
}
else
{
return iMinorVersion;
}
}
finally
{
oID3DIS.close();
}
} catch (IOException e) {
e.printStackTrace();
}
return iMinorVersion;
}
simply check for value 3 for ID3V2_3 and 4 for ID3V2_4

USBHIDDRIVER works in Visual Studio debug mode but not when deployed to IIS

I'm using USBHIDDRIVER to access a scale connected to our local workstation. Everything works fine when I run the WCF in Visual Studio 2012 Debug. But once I attempt to run the service in IIS it doesn't seem to recognize the USBHIDDRIVER. I have a test service in the WCF which works fine so the WCF is working.
Any information on how to troubleshoot this would be extremely helpful. My problem is that the WCF is compiled when I deploy to the IIS server so I'm having a hard time trying to troubleshoot.
Here is additional information regarding USBHIDDRIVER: http://www.florian-leitner.de/index.php/projects/usb-hid-driver-library/
namespace USBDevices
{
public class Service1 : IService1
{
public string GetWeight(string id)
{
USBHIDDRIVER.USBInterface usb = new USBHIDDRIVER.USBInterface("vid_0922","pid_8007");
//string[] list = usb.getDeviceList();
string result;
string resultDesc;
byte itemWeight;
byte itemUOM;
result = "";
resultDesc = "";
itemWeight = 0;
itemUOM = 0;
if (usb.Connect() == true)
{
usb.startRead();
Thread.Sleep(100);
for (int i = 0; i < 200; i++)
{
var weight = USBHIDDRIVER.USBInterface.usbBuffer;
var cnt = weight.Count;
itemWeight = ((byte[])weight[cnt - 1])[4];
itemUOM = ((byte[])weight[cnt - 1])[2];
}
usb.stopRead();
result = "Success";
resultDesc = "Scale Found";
Debug.WriteLine("Result: " + result + "-" + resultDesc + " - Item Weight: " + ((float)itemWeight / 10));
}
else
{
result = "Failed";
resultDesc = "Scale Not Active";
itemWeight = 0;
itemUOM = 0;
Debug.WriteLine("Result: " + result + "-" + resultDesc + " - Item Weight: " + ((float)itemWeight / 10));
}
return result + "|" + resultDesc + "|" + ((float)itemWeight / 10) + "|" + itemUOM;
}
public string XMLData(string id)
{
return "You requested product " + id;
}
}
// Use a data contract as illustrated in the sample below to add composite types to service operations.
[DataContract]
public class CompositeType
{
bool boolValue = true;
string stringValue = "Hello ";
[DataMember]
public bool BoolValue
{
get { return boolValue; }
set { boolValue = value; }
}
[DataMember]
public string StringValue
{
get { return stringValue; }
set { stringValue = value; }
}
}
}
In order to resolve the problem I had to turn on "Enable 32-Bit Applications" for the website. Believe the problem is related to the DLL's that are used but USBHIDDRIVER

Can Fortify identify the servlet filter?

I used the filter to fix the XSS. But when i scan my codes using fortify software, the number of XSS issues didn't change. Did i miss something? or Fortify cannot recognize the filter? Here are my filter codes:
public final class RequestWrapper extends HttpServletRequestWrapper {
public RequestWrapper(HttpServletRequest servletRequest) {
super(servletRequest);
}
public String[] getParameterValues(String parameter) {
String[] values = super.getParameterValues(parameter);
if (values==null) {
return null;
}
int count = values.length;
String[] encodedValues = new String[count];
for (int i = 0; i < count; i++) {
encodedValues[i] = cleanXSS(values[i]);
}
return encodedValues;
}
public String getParameter(String parameter) {
String value = super.getParameter(parameter);
if (value == null) {
return null;
}
return cleanXSS(value);
}
public String getHeader(String name) {
String value = super.getHeader(name);
if (value == null)
return null;
return cleanXSS(value);
}
private String cleanXSS(String value) {
System.out.println("filter : " + value);
//System.out.println("afterfilter : " + (isNotEmptyOrNull(value) ? StringEscapeUtils.escapeHtml4(value) : value));
//return isNotEmptyOrNull(value) ? StringEscapeUtils.escapeHtml4(value) : value;
if(isNotEmptyOrNull(value)){
value = value.replaceAll("<", "<").replaceAll(">", ">");
value = value.replaceAll("\\(", "(").replaceAll("\\)", ")");
value = value.replaceAll("'", "'");
value = value.replaceAll("eval\\((.*)\\)", "");
value = value.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']", "\"\"");
value = value.replaceAll("script", "");
}
System.out.println("afterfilter : " +value);
return value;
}
public static boolean isNotEmptyOrNull(String string) {
if (string != null && !"".equals(string.trim())) {
return true;
}
return false;
}
}
The problem here is that Fortify doesn't have a rule for your cleanXSS method. What you will have to do is to write a custom rule, specifically a "data flow cleanse rule". This will let fortify know that any data that enters and then returned from this method will be safe from XSS.
However after looking at you XSS filter, I have to inform you that it's incomplete and will not take in to account all possible XSS vectors. I recommend that you use OWASP ESAPI's XSS filter. Fortify already has a rules for ESAPI.

Why does the compiler say "undeclared identifier" for a variable I declared in the "if" statement just above?

Why is this throwing an error, undeclared identifier?
void IDcard::Prepare(CoatingDecorator *coating)
{
if (select == 1) { IDcard *currentID = new Passport(); }
else if (select == 2) { IDcard *currentID = new DriversLicence(); }
AddPhoto();
coating->Prepare(currentID);
std::cout << "Total Cost: " << coating->totalCost;
DispenseID();
}
(specifically currentID parameter when calling coating->Prepare(currentID)).
As far as I can tell currentID is declared in the if statements.
Running this on MS VS2012, error code is C2065.
currentID only exist in the if and the else, outside that its not declared, you can declare it before the IF and initialize inside the IF and Else.
Also as commented if select its not 1 or 2 it would not be initialized and can cause problems so make sure to initialize it.
void IDcard::Prepare(CoatingDecorator *coating)
{
IDcard *currentID;
if (select == 1) { currentID = new Passport(); }
else if (select == 2) { currentID = new DriversLicence(); }
AddPhoto();
coating->Prepare(currentID);
std::cout << "Total Cost: " << coating->totalCost;
DispenseID();
}
You can declare the currentID outside the if block to fix the error.
void IDcard::Prepare(CoatingDecorator *coating)
{
IDcard *currentID = NULL;
if (select == 1) { currentID = new Passport(); }
else if (select == 2) { currentID = new DriversLicence(); }
AddPhoto();
coating->Prepare(currentID);