Moving a project from Web pages 1 to Web Pages 2 and having problems. This simple page runs fine on 1 but gives me a compilation error where it says "} expected" ... on the line after the <li> Of course it is there. Not sure what it wants?
@{Layout="~/Shared/_Layout.cshtml";Page.Title="Contact List";varsearchrequest=UrlData[0];vardb=Database.Open("CDB");varcontactquery="SELECT * FROM CustomerContact WHERE Name LIKE '"+@searchrequest+"%' ORDER BY Name";varquery=db.Query(contactquery);if(IsPost){}
}
<divdata-role="content"><uldata-role="listview"data-inset="true"data-theme="b"data-divider-theme="a"><lidata-role="list-divider">Contacts</li>@foreach(variteminquery){<li><ahref="@Href("~/CRC/ContactEdit.cshtml/"+item.CustomerContactID)">@item.Name</a></li>}</ul><ahref="#"data-role="button">Add New</a></div>
You have a variable in your SQL statement. You have prefixed it with an @ sign, which is not needed in a code block. @ signs should only prefix a vairiable if you are rendering the value to the browser. V1 allowed @ signs in code blocks. V2 is more strict.
If you remove the @ sign, you will notice that the last brace on your code block is highlighted instead of the one that closes your if(IsPost) condition block.
You shouldn't concatenate variables into SQL that you intend to execute against a database in any event. You open yourself up for SQL injection attacks. So the correct version of your code should look like this:
var searchrequest = UrlData[0] + "%";
var db = Database.Open("CDB");
var contactquery = "SELECT * FROM CustomerContact WHERE Name LIKE @0 ORDER BY Name";
var query = db.Query(contactquery, searchrequest);
Bruce Gibson
Member
1 Points
5 Posts
Webmatrix 1 vs Webmatrix 2 problems
Jul 24, 2012 05:30 AM|LINK
Moving a project from Web pages 1 to Web Pages 2 and having problems. This simple page runs fine on 1 but gives me a compilation error where it says "} expected" ... on the line after the <li> Of course it is there. Not sure what it wants?
Mikesdotnett...
All-Star
155599 Points
19982 Posts
Moderator
MVP
Re: Webmatrix 1 vs Webmatrix 2 problems
Jul 24, 2012 06:57 AM|LINK
You have a variable in your SQL statement. You have prefixed it with an @ sign, which is not needed in a code block. @ signs should only prefix a vairiable if you are rendering the value to the browser. V1 allowed @ signs in code blocks. V2 is more strict. If you remove the @ sign, you will notice that the last brace on your code block is highlighted instead of the one that closes your if(IsPost) condition block.
You shouldn't concatenate variables into SQL that you intend to execute against a database in any event. You open yourself up for SQL injection attacks. So the correct version of your code should look like this:
var searchrequest = UrlData[0] + "%"; var db = Database.Open("CDB"); var contactquery = "SELECT * FROM CustomerContact WHERE Name LIKE @0 ORDER BY Name"; var query = db.Query(contactquery, searchrequest);Web Pages CMS | My Site | Twitter
Bruce Gibson
Member
1 Points
5 Posts
Re: Webmatrix 1 vs Webmatrix 2 problems
Jul 24, 2012 12:47 PM|LINK
Thanks!