How do I include multiple parameters in a SQL query in C#.net using ODBCPARAMETER?

I have a form that I accept inputs from 5 text boxes.
I want to be able to include each input from the text boxes in my insert into query.
I want to use parameters to prevent database injection.
I also want to update the field in the database as NULL if nothing was entered in a text box.
I am using a SQL backend.

I got the following example from someone:

P = new SqlParameter("@Val1",SqlDbType.VarChar);
if (Text1.Text.Trim.Length > 0){
 P.Value = Text1.Text;
}else{
 P.Value = System.Data.DBNull.Value;
}
cmd.Parameters.Add(P);


P = new SqlParameter("@Val2",SqlDbType.VarChar);
if (Text1.Text.Trim.Length > 0){
 P.Value = Text1.Text;
}else{
 P.Value = System.Data.DBNull.Value;
}
cmd.Parameters.Add(P);

My insert command looks something like this insert into table(("@Val1","@Val2",

But when I debug the program "@Val1","@Val2", are NULL

The record is inserted in the database but the filed are empty


Instead of using "@Val1","@Val2", should I be using something like ? ,? instead because I am using ODBC?

wademiAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

numberkruncherCommented:
Try the following...it would be interesting to know if your results change:
P = new SqlParameter("@Val1",SqlDbType.VarChar);
if (Text1.Text.Trim.Length > 0){
 P.Value = Text1.Text;
}else{
 P.Value = 'T';
}
cmd.Parameters.Add(P);
 
 
P = new SqlParameter("@Val2",SqlDbType.VarChar);
if (Text1.Text.Trim.Length > 0){
 P.Value = Text1.Text;
}else{
 P.Value = 'T';
}
cmd.Parameters.Add(P);

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wademiAuthor Commented:
This did not help P.Value = 'T'. I dont want to change P.Value = System.Data.DBNull.Value because if the text box are blank I want the field to be null.

I think their is something else causing the fields to be null.
0
numberkruncherCommented:
I found another Experts Exchange question for which the solution may be relevant to your problem. It suggests that you should use OdbcParameter with an OdbcCommand and that named parameters should be replaced with variables.

Check out the following link:
http://www.experts-exchange.com/Microsoft/Development/MS-SQL-Server/SQL-Server-2005/Q_23425185.html
0
numberkruncherCommented:
Did my previous suggestion help with your problem?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
.NET Programming

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.