Solved

ADP - Must Declare the Scalar Varaible

Posted on 2007-11-22
6
940 Views
Last Modified: 2013-12-05
I am having difficulty with a ADP project, specifically regarding ADO / SQL usage.

I'm currently in the process of writing a function to return a resultset from a SQL table (SQL Server 2005), the code is fairly simple (see attached example).

The problem line looks to be: "Set rs_ = .Execute"... it throws the following error: "Must Declare the Scalar Variable @id".

I have tried to use '?' marks instead, but no luck; does anyone have any ideas (short of creating a stored procedure!).

Cheers
Function Example()
On Error GoTo ErrorHandler:
 
Dim command_ As New ADODB.Command
Dim rs_ As ADODB.Recordset
 
    With command_
    
        .ActiveConnection = CurrentProject.Connection
        .NamedParameters = True
        .CommandType = adCmdText
        .CommandText = "SELECT t.* FROM ticket t WHERE t.id = @id"
        
        .Parameters.Append .CreateParameter("@id", adInteger, adParamInput, , 11)
        
        Set rs_ = .Execute
        
        With rs_
        
            If .State = adStateOpen Then
            
                ' TODO: this bit!
            
            End If
        End With
    End With
    
Tidy:
 
    Set command_ = Nothing
    Set rs_ = Nothing
    
Exit Function
ErrorHandler:
 
    Debug.Print Err.Description: GoTo Tidy
 
End Function

Open in new window

0
Comment
Question by:MISLtd
  • 2
  • 2
6 Comments
 
LVL 22

Expert Comment

by:Kelvin Sparks
ID: 20333437
Replace "SELECT t.* FROM ticket t WHERE t.id = @id"

with

"SELECT t.* FROM ticket t WHERE t.id = " & the vale for @ID.

IF @ID is text then

"SELECT t.* FROM ticket t WHERE t.id = '" & @ID & "'"
0
 
LVL 1

Author Comment

by:MISLtd
ID: 20333538
While that would work, it leaves things a fairly open to SQL injection attacks as the @id parameter will be generated by user input.
0
 
LVL 22

Expert Comment

by:Kelvin Sparks
ID: 20333549
OK, but you haven't said where @ID is coming from. What you have in the adp is a statement that will be executed. Using ADO you have to pass these parameters in from somewhere.

You are using adCmdText. This just executes the string you create
0
 
LVL 1

Author Comment

by:MISLtd
ID: 20333617
I gave the '?' mark another go and seem to have solved the problem.
Function Example()
On Error GoTo ErrorHandler:
 
Dim command_ As New ADODB.Command
Dim rs_ As ADODB.Recordset
 
    With command_
    
        .ActiveConnection = CurrentProject.Connection
        .NamedParameters = True
        .CommandType = adCmdText
        .CommandText = "SELECT t.* FROM ticket t WHERE t.id = ?"
        
        .Parameters.Append .CreateParameter("id", adInteger, adParamInput, , 11)
        
        Set rs_ = .Execute
        
        With rs_
        
            If .State = adStateOpen Then
            
                ' TODO: this bit!
            
            End If
        End With
    End With
    
Tidy:
 
    Set command_ = Nothing
    Set rs_ = Nothing
    
Exit Function
ErrorHandler:
 
    Debug.Print Err.Description: GoTo Tidy
 
End Function

Open in new window

0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 21641033
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
Using Microsoft Access, learn some simple rules for how to construct tables in a relational database. Split up all multi-value fields into single values: Split up fields that belong to other things into separate tables: Make sure that all record…
Viewers will learn how to use the INSERT statement to insert data into their tables. It will also introduce the NULL statement, to show them what happens when no value is giving for any given column.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question