[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

SQL query question

Posted on 2011-03-06
8
Medium Priority
?
271 Views
Last Modified: 2012-05-11
Hi,
I have the following line of code:
 query = "sp_GetUserLogin '" + userID + "', '" + password + "'";
that I am trying to rewrite like:
query = "sp_GetUserLogin @userID, @password";
but I am getting SqlException was unhandled by user code (Incorrect syntax near ‘sp_GetUserLogin’)
Can someone tell me what is wrong with my code? Thanks!
0
Comment
Question by:avi7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 41

Expert Comment

by:Sharath
ID: 35050012
Can you post some more code. Do you want to pass UserID and Password as parameters to the SP?
0
 
LVL 11

Expert Comment

by:JoeNuvo
ID: 35050997
the way you try to call, still be inline SQL
so, even you want to put the parameter name.
code will be look like this

query = "sp_GetUserLogin @username =  '" + userID + "',  @password = '" + password + "'"; 

Open in new window


if you don't want to do as above, you should give more details, for ex. what is your application language, etc.
0
 

Author Comment

by:avi7
ID: 35053439
It is C# and I was trying to do something like this:

query = "sp_GetUserLogin '" + userID + "', '" + password + "'";
SqlCommand cmd;
cmd = new System.Data.SqlClient.SqlCommand(query, conn);            
cmd.Parameters.AddWithValue("@userID", userID);
cmd.Parameters.AddWithValue("@password", password);

conn.Open();
SqlDataReader reader = cmd.ExecuteReader(System.Data.CommandBehavior.CloseConnection);
 try
            {
                if (reader.HasRows == true)
                {
                    reader.Close();
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Expert Comment

by:lalitgada
ID: 35053634
check the ' syntax.

and if you want to use the aspnetmembership feature then change the logic.
0
 
LVL 9

Assisted Solution

by:kaminda
kaminda earned 320 total points
ID: 35055176
Hi,

You are adding the parameters to the command with

cmd.Parameters.AddWithValue("@userID", userID);
cmd.Parameters.AddWithValue("@password", password);

So you dont have to state in the query, just state the sp name then your code will work. If you like to dynamically call the sp then remove the parameter adding part to command object and use a query such as ;

EXEC sp_GetUserLogin 'userid', 'password'
0
 
LVL 11

Accepted Solution

by:
JoeNuvo earned 600 total points
ID: 35056840
try

query = "EXEC sp_GetUserLogin @userID , @password";
SqlCommand cmd;
cmd = new System.Data.SqlClient.SqlCommand(query, conn);            
cmd.Parameters.AddWithValue("@userID", userID);
cmd.Parameters.AddWithValue("@password", password);

.
.
.

Open in new window

0
 
LVL 2

Assisted Solution

by:EL_Barbado
EL_Barbado earned 80 total points
ID: 35072670
You need to put EXEC in front of the sp_GetUserLogin
0
 

Author Closing Comment

by:avi7
ID: 35142457
Thanks so much!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article I will describe the Copy Database Wizard method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
In this article we will get to know that how can we recover deleted data if it happens accidently. We really can recover deleted rows if we know the time when data is deleted by using the transaction log.
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question