c# - Substring error though not using substring -
i have following code:
public static long createvendorsemailjob(list<recipient> recipients, string subject, string body) { long emailjobid; using (var connection = new mysqlconnection(configurationmanager.connectionstrings["myconnection"].connectionstring)) { connection.open(); // create email job using (var command = new mysqlcommand()) { command.connection = connection; command.commandtype = commandtype.text; command.commandtext = string.format( "insert email_job (parent_id, job_type_lookup_id, from_email, from_name, subject, body_type_lookup_id, body, status_lookup_id, total_emails, persist_addresses) values ({0}, {1}, '{2}', '{3}', '{4}', {5}, '{6}', {7}, {8}, {9})", 5000, 745, "info@domain.com", "company management system", subject, 22, body, 27, recipients.count, 1); command.executenonquery(); emailjobid = command.lastinsertedid; } using (var command = new mysqlcommand()) { command.connection = connection; command.commandtype = commandtype.text; string commandtext = "insert email_job_email (job_id, comm_optin_id, name, email) values "; var valuestoadd = new list<string>(); recipients.foreach(r => valuestoadd.add(string.format("({0}, {1}, '{2}', '{3}')", emailjobid, r.recipientid, r.name, r.emailaddress))); commandtext += string.join(",", valuestoadd.toarray()); command.commandtext = commandtext; command.executenonquery(); } connection.close(); } return emailjobid; } this code runs fine when running 1 task run same code task , doesn't work. gives me following error:
index , length must refer location within string. parameter name: length now difference between each time run subject , body of message. stored in resource file , passed in when method called. can't seem figure out exception happening. windows service , runs on remote machine debugging not easy , don't have dev environment mirror theirs.
the error have seen before seems sort of substring manipulation. text basic stuff , 1 similar other can't see why causing this.
any ideas on or why?
edit: ok after had aha moment , realized print out stack trace here got -
at mysql.data.mysqlclient.mysqltokenizer.nextparameter() @ mysql.data.mysqlclient.statement.internalbindparameters(string sql, mysqlparametercollection parameters, mysqlpacket packet) @ mysql.data.mysqlclient.statement.bindparameters() @ mysql.data.mysqlclient.preparablestatement.execute() @ mysql.data.mysqlclient.mysqlcommand.executereader(commandbehavior behavior) @ mysql.data.mysqlclient.mysqlcommand.executenonquery() @ pcm.autoworkengine.tasks.recurringvendormailer.entities.datamappers.emailjobmapper.createvendorsemailjob(list`1 recipients, string subject, string body) in c:\projects\pcm\pcm.autoworkengine.recurringvendormailer\entities\datamappers\emailjobmapper.cs:line 65 @ pcm.autoworkengine.tasks.recurringvendormailer.hoavendortask.execute() in c:\projects\pcm\pcm.autoworkengine.recurringvendormailer\hoavendortask.cs:line 24 @ pcm.autoworkengine.autoworkengineservice.start() in c:\projects\pcm\pcm.autoworkengine\autoworkengineservice.cs:line 80 what not familiar prepared statements mysql. not trying use that. have single quotes in text. have in both texts , work fine in first not sure if it. escape them in resource file using backslash.
you need sanitize subject , body. example if subject
');you'll run trouble. see example here , here.
Comments
Post a Comment