Multiple concatenation in MySQL query and C#

Question

Hey guys still very new to C# and am very lost.

I have two drop down list ddlcountry(Country) and DdPetPist(Specie) the country selection populates the Specie list with the specie avalible in the country selected.

code bellow

protected void Page_Load(object sender, EventArgs e)
        {
            if (!Page.IsPostBack)
            {
                MySqlCommand cd2 = new MySqlCommand("SELECT DISTINCT(Country) FROM Animals", cs); 
                cs.Open();
                MySqlDataReader ddlCountry = cd2.ExecuteReader();
                ddlcountry.DataSource = ddlCountry;
                ddlcountry.DataValueField = "Country";
                ddlcountry.DataTextField = "Country";
                ddlcountry.DataBind();
                cs.Close();
                cs.Dispose();
            }
        }

protected void ddlcountry_SelectedIndexChanged(object sender, EventArgs e)
        {
            if (ddlcountry.Text != string.Empty)
            {
                MySqlCommand cd = new MySqlCommand(string.Format("SELECT * FROM Animals WHERE Country ='{0}'", ddlcountry.Text), cs);
                cs.Open();
                MySqlDataReader ddlSpecie = cd.ExecuteReader();
                DdPetPist.DataSource = ddlSpecie;
                DdPetPist.DataValueField = "Specie";
                DdPetPist.DataTextField = "Specie";
                DdPetPist.DataBind();
                cs.Close();
                cs.Dispose();
            }
        }  

This works very well and I am happy with it, although I am in the process of protecting it from sql injection.

The problem

I am know trying to print Information out into two labels with two query's, this I am having problems with. so far my label will print out information such as pet price and stock amounts. but I cant seem to get the query's to adjust with the different country selection. I have been at this for a few days now and any help will be fantastic as I am very new to C# and still learning.

Label code and query's(not changing with different country selection)

protected void DropDownList1_SelectedIndexChanged(object sender, EventArgs e)
        {
            string selection_price = DdPetPist.SelectedValue;
            string selection_stock = DdPetPist.SelectedValue;
            string petPrice = string.Empty;
            string available = string.Empty;

            MySqlCommand cd_price = new MySqlCommand(String.Format("SELECT Specie_Price FROM Animals WHERE Specie ='{1}'", ddlcountry.Text, selection_price), cs);
            MySqlCommand cd_available = new MySqlCommand(String.Format("SELECT Stock FROM Animals WHERE Specie ='{1}'", ddlcountry.Text, selection_stock), cs);

            cs.Open();
            petPrice = Convert.ToString(cd_price.ExecuteScalar());
            available = Convert.ToString(cd_available.ExecuteScalar());
            cs.Close();

            PetPrice.Text = String.Format("Minimum Donation For A {0}  Is £{1}.", selection_price, petPrice);
            Availble.Text = String.Format("{0}'s Avalible {1} In Your Country.", selection_stock, available);
        } 

Answer 1

don't put single quote over selection_price value. single quote is only required for varchar(String) types

Replace this:

MySqlCommand cd_price = new MySqlCommand(String.Format("SELECT Specie_Price FROM {0}_Animals WHERE Specie ='{1}'", ddlcountry.Text, selection_price), cs);

With this:

  MySqlCommand cd_price = new MySqlCommand(String.Format("SELECT Specie_Price FROM {0}_Animals WHERE Specie ={1}", ddlcountry.Text, selection_price), cs);

Solution 2: you need to use the SelectedItem property of ComboBox.

Replace these 2 queries:

MySqlCommand cd_price = new MySqlCommand(String.Format("SELECT Specie_Price FROM Animals WHERE Specie ='{1}'", ddlcountry.Text, selection_price), cs);
MySqlCommand cd_available = new MySqlCommand(String.Format("SELECT Stock FROM Animals WHERE Specie ='{1}'", ddlcountry.Text, selection_stock), cs);

With following 2 queries:

MySqlCommand cd_price = new MySqlCommand(String.Format("SELECT Specie_Price FROM Animals WHERE Specie ='{1}' and Country ='{0}'", ddlcountry.SelectedItem.ToString().Trim(), selection_price), cs);
MySqlCommand cd_available = new MySqlCommand(String.Format("SELECT Stock FROM Animals WHERE Specie ='{1}' and Country ='{0}'", ddlcountry..SelectedItem.ToString().Trim(), selection_stock), cs);