I can't Convert SQL Select Query Result to Bit

Question

After the user has registered; the user's membership is saved as "passive" by default. I do this in the following way: I have a line called "active" in my user table and the data type of this field is bit and default value of this field is 0. What I want to do is: If the user has not activated his account, I want him to get warning but I got System.IConvertible error. My login.aspx.cs is as follows:

DataRow drlogin = function.GetDataRow("SELECT isactive FROM user WHERE email = '" + TxtEMail.Text + "'");
if(Convert.ToInt32(drlogin) == 0)
{
    string message = "<script>alert('You can't login because your account is not active!');</script>";
}
else
{
    // Login operations
}

score 2 · Answer 1 · answered Aug 27 '17 at 17:20

First, you should be using parameters, rather than munging the query string with parameter values.

Second, you can convert to the type you want, which appears to be an integer:

SELECT CAST(isactive as int) as isactive
FROM user
WHERE email = '" + TxtEMail.Text + "'";

score 0 · Answer 2 · answered Aug 27 '17 at 17:12

0

use this SQL Instead your one :

"SELECT ISNULL((SELECT isactive FROM user WHERE email = '" + TxtEMail.Text + "'),0)"

answered Aug 27 '17 at 17:12

PurTahan

621
9
23

I got and error in "if" code line. How can I change this line? – Shadouspan Aug 27 '17 at 17:19

Vojtěch Dohnal · Accepted Answer · 2017-08-27T17:53:16.530

This line is toxic, robots will hack your website as soon as you publish it:

DataRow drlogin = function.GetDataRow("SELECT isactive FROM user WHERE email = '" + TxtEMail.Text + "'");

Use parameters and not string concatenation!

You cannot convert DataRow to Int32, besides it is a bit column that should be converted to bool. So it should be like this:

if(!Convert.ToBoolean(drlogin[0]))

or

if(!Convert.ToBoolean(drlogin["isactive"]))

I can't Convert SQL Select Query Result to Bit

3 Answers3