Solved

SQL query question

Posted on 2011-03-06
8
267 Views
Last Modified: 2012-05-11
Hi,
I have the following line of code:
 query = "sp_GetUserLogin '" + userID + "', '" + password + "'";
that I am trying to rewrite like:
query = "sp_GetUserLogin @userID, @password";
but I am getting SqlException was unhandled by user code (Incorrect syntax near ‘sp_GetUserLogin’)
Can someone tell me what is wrong with my code? Thanks!
0
Comment
Question by:avi7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 41

Expert Comment

by:Sharath
ID: 35050012
Can you post some more code. Do you want to pass UserID and Password as parameters to the SP?
0
 
LVL 11

Expert Comment

by:JoeNuvo
ID: 35050997
the way you try to call, still be inline SQL
so, even you want to put the parameter name.
code will be look like this

query = "sp_GetUserLogin @username =  '" + userID + "',  @password = '" + password + "'"; 

Open in new window


if you don't want to do as above, you should give more details, for ex. what is your application language, etc.
0
 

Author Comment

by:avi7
ID: 35053439
It is C# and I was trying to do something like this:

query = "sp_GetUserLogin '" + userID + "', '" + password + "'";
SqlCommand cmd;
cmd = new System.Data.SqlClient.SqlCommand(query, conn);            
cmd.Parameters.AddWithValue("@userID", userID);
cmd.Parameters.AddWithValue("@password", password);

conn.Open();
SqlDataReader reader = cmd.ExecuteReader(System.Data.CommandBehavior.CloseConnection);
 try
            {
                if (reader.HasRows == true)
                {
                    reader.Close();
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 1

Expert Comment

by:lalitgada
ID: 35053634
check the ' syntax.

and if you want to use the aspnetmembership feature then change the logic.
0
 
LVL 9

Assisted Solution

by:kaminda
kaminda earned 80 total points
ID: 35055176
Hi,

You are adding the parameters to the command with

cmd.Parameters.AddWithValue("@userID", userID);
cmd.Parameters.AddWithValue("@password", password);

So you dont have to state in the query, just state the sp name then your code will work. If you like to dynamically call the sp then remove the parameter adding part to command object and use a query such as ;

EXEC sp_GetUserLogin 'userid', 'password'
0
 
LVL 11

Accepted Solution

by:
JoeNuvo earned 150 total points
ID: 35056840
try

query = "EXEC sp_GetUserLogin @userID , @password";
SqlCommand cmd;
cmd = new System.Data.SqlClient.SqlCommand(query, conn);            
cmd.Parameters.AddWithValue("@userID", userID);
cmd.Parameters.AddWithValue("@password", password);

.
.
.

Open in new window

0
 
LVL 2

Assisted Solution

by:EL_Barbado
EL_Barbado earned 20 total points
ID: 35072670
You need to put EXEC in front of the sp_GetUserLogin
0
 

Author Closing Comment

by:avi7
ID: 35142457
Thanks so much!
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When writing XML code a very difficult part is when we like to remove all the elements or attributes from the XML that have no data. I would like to share a set of recursive MSSQL stored procedures that I have made to remove those elements from …
INTRODUCTION: While tying your database objects into builds and your enterprise source control system takes a third-party product (like Visual Studio Database Edition or Red-Gate's SQL Source Control), you can achieve some protection using a sing…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question