Hi everybody.

I'm having difficulties with a button handler I put together from a few examples around the internet.

Here's my code:

 <script runat="server">
   
   
   
    Sub Add_To_Cart(ByVal Src As Object, ByVal Args As EventArgs)
       
      
        Dim FVArtikel_id As Label = FormViewDisplay.FindControl("Artikel_idLabel")
        Dim FVArtikel_naam As Label = FormViewDisplay.FindControl("Artikel_naamLabel")
        Dim FVArtikel_prijs As Label = FormViewDisplay.FindControl("Artikel_prijsLabel")
        Dim DBConnection As OleDbConnection
        Dim DBCommand As OleDbCommand
        Dim SQLString As String
        Dim SQLAddString As String
 
        If Not Session("sid") Is Nothing Then
           
       
            DBConnection = New OleDbConnection( _
              "Provider=Microsoft.Jet.OLEDB.4.0;" & _
              "Data Source=C:\Documents and Settings\Administrator\Bureaublad\2ehandslego.nl\data\db.mdb")
           
            DBConnection.Open()
           
            SQLString = "SELECT Count(*) FROM Orders WHERE sid = '" & CType(Session("sid"), String) & "' AND Artikel_id = '" & FVArtikel_id.Text & "'"
           
            DBCommand = New OleDbCommand(SQLString, DBConnection)
           
            DBCommand.Parameters.AddWithValue("@sid", Session("sid"))                             'string?
            DBCommand.Parameters.AddWithValue("@Artikel_id", FVArtikel_id.Text)                 'string?
           
            If DBCommand.ExecuteScalar() = 0 Then
   
                SQLAddString = "INSERT INTO Orders (sid, Order_datum, " & _
                  "Artikel_id, Order_artikel, Order_prijs, Order_hoeveelheid) VALUES (" & _
                  "'" & Session("sid") & "', " & _
                  "'" & Today & "', " & _
                  "'" & FVArtikel_id.Text & "', " & _
                  "'" & FVArtikel_naam.Text & "', " & _
                  "'" & FVArtikel_prijs.Text & "',  1)"
               
                DBCommand = New OleDbCommand(SQLAddString, DBConnection)
               
                DBCommand.Parameters.AddWithValue("@sid", Session("sid"))                         'string?
                DBCommand.Parameters.AddWithValue("@Artikel_id", FVArtikel_id.Text)             'string?
                DBCommand.Parameters.AddWithValue("@Artikel_naam", FVArtikel_naam.Text)
                DBCommand.Parameters.AddWithValue("@Artikel_prijs", FVArtikel_prijs.Text)       'string?
               
                DBCommand.ExecuteNonQuery()
   
            End If
           
            DBConnection.Close()
 
            Src.Text = "Item Added"
            Src.ForeColor = Color.FromName("#990000")
            Src.BackColor = Color.FromName("#E0E0E0")
            Src.Font.Bold = True
           
        End If
       
    End Sub
</script>

I'm not getting any errors, it seems to me that i'm not getting a 'sid' value passed along but i don't know what to do about it.
I've also already tried step debugging. This is my last resort. I hope you can help me.

I'm not sure it is the cause of your problem, but you are adding your parameters twice: once by concatenation, and once with AddWithValue.
You only need one of these two methods, preferably the AddWithValue one (safer).

In that case, you need to change your sql string into:

SELECT Count(*) FROM Orders WHERE sid = @sid AND Artikel_id = @Artikel_id

Veel succes!

Jos

i think it's better to check condition

      If Not Session("sid") Is Nothing Then
in page.ispostback event and take that value in viewstate,so that when you enter in one page,and in between your session expired then it doesn't create any problem

and

in your code

why you have taken(bold part ) i don't understand as you have used '" & CType(Session("sid"), String) & "'  in your query not @sid

may be it create a problem just debug  and check

 SQLString = "SELECT Count(*) FROM Orders WHERE sid = '" & CType(Session("sid"), String) & "' AND Artikel_id = '" & FVArtikel_id.Text & "'"
           
            DBCommand = New OleDbCommand(SQLString, DBConnection)
           
            DBCommand.Parameters.AddWithValue("@sid", Session("sid"))                             'string?
            DBCommand.Parameters.AddWithValue("@Artikel_id", FVArtikel_id.Text)                 'string?

Hao1981:

SQLString = "SELECT Count(*) FROM Orders WHERE sid = '" & CType(Session("sid"), String) & "' AND Artikel_id = '" & FVArtikel_id.Text & "'"
           
            DBCommand = New OleDbCommand(SQLString, DBConnection)
           
            DBCommand.Parameters.AddWithValue("@sid", Session("sid"))                             'string?
            DBCommand.Parameters.AddWithValue("@Artikel_id", FVArtikel_id.Text)                 'string?

You're trying to add the parameters which you've never used in your query at all.  You should remove the string concatenation part from the SQLString variable and replace them with just @parameter name.  This is going to be better approach.

Hao1981:

DBCommand = New OleDbCommand(SQLAddString, DBConnection)
               
                DBCommand.Parameters.AddWithValue("@sid", Session("sid"))                         'string?
                DBCommand.Parameters.AddWithValue("@Artikel_id", FVArtikel_id.Text)             'string?
                DBCommand.Parameters.AddWithValue("@Artikel_naam", FVArtikel_naam.Text)
                DBCommand.Parameters.AddWithValue("@Artikel_prijs", FVArtikel_prijs.Text)       'string?

Here you are using the same command object to execute another query.  But, you have not cleared the parameter collection.  You should first clear the older parameter collection for the command using DBCommand.Parameters.Clear.

Above all this, I strongly recommend you to move all these queries into a stored procedure.  All these what you have tried to achieve using 2 different queries can be combined in a single stored procedure and you need to execute that procedure alone.  I think this will make both your task and code easier.