Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

parameterized query, mssql and c#

Posted on 2013-01-25
2
Medium Priority
?
544 Views
Last Modified: 2013-01-31
I am trying to work out my stored procedure to build and open a dynamic parameterized query.

it is called as:
List<object> parm = new List<object>();
parm.add(aName);
dbRoutines.getDataSet("select * from sales where company = ?", parm);

Open in new window


but it keeps blowing up, because I can't seem to get it quite right
   public static DataSet GetDataSet(string mySQL, List<Object> parms)
   {
	  SqlDataAdapter sqlDa = new SqlDataAdapter();
	  DataSet sqlDs = new DataSet();
	  using (SqlConnection sqlConn =

	  new SqlConnection("Context Connection=True"))
	  {
	     SqlCommand sqlCmd = new SqlCommand("SET NOCOUNT ON; "  + mySQL, sqlConn);
		  sqlCmd.CommandType = CommandType.Text;         
        sqlDa.SelectCommand = sqlCmd;
        for (int x = 0; x <= parms.Count - 1; x++)
        {
           sqlCmd.Parameters.AddWithValue(x.ToString(), parms[x]); --- this one results in 'incorrect syntax near ?'
           //sqlCmd.Parameters[x].Value = parms[x];//this one results in 'Invalid index 0 for this SqlParameterCollection with Count=0'.
         //sqlCmd.Parameters.Add(new SqlParameter("@" + x.ToString(), parms[x]))  --- this one also results in 'incorrect syntax near ?'
       
        }

        try
        {
		     sqlDa.Fill(sqlDs, "TABLE");
        }

        catch(Exception Ex)
        {
           SqlContext.Pipe.Send("Error retrieving record " + Ex.GetType().ToString() + " " + Ex.Message);
           SqlContext.Pipe.Send(mySQL);
         }
         finally
         {
			   sqlConn.Close();
         }
	  }
     if ((sqlDs.Tables == null) ||
         (sqlDs.Tables["Table"] == null) ||
         (sqlDs.Tables.Count == 0))
        return null;
     else
	     return sqlDs;
   }

Open in new window

so now I'm stuck, because parameterized queries are def. needed.
0
Comment
Question by:Connie McBride
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 3

Accepted Solution

by:
contactnaeem earned 800 total points
ID: 38821698
change ? with @param1
List<object> parm = new List<object>();
parm.add(aName);
dbRoutines.getDataSet("select * from sales where company = @param1", parm);


public static DataSet GetDataSet(string mySQL, List<Object> parms)
   {
        SqlDataAdapter sqlDa = new SqlDataAdapter();
        DataSet sqlDs = new DataSet();
        using (SqlConnection sqlConn =

        new SqlConnection("Context Connection=True"))
        {
           SqlCommand sqlCmd = new SqlCommand("SET NOCOUNT ON; "  + mySQL, sqlConn);
              sqlCmd.CommandType = CommandType.Text;        
        sqlDa.SelectCommand = sqlCmd;
        for (int x = 0; x <= parms.Count - 1; x++)
        {
command.Parameters.AddWithValue("@demographics", demoXml);
           sqlCmd.Parameters.AddWithValue("@param"+x.ToString(), parms[x]);      
        }

        try
        {
                 sqlDa.Fill(sqlDs, "TABLE");
        }

        catch(Exception Ex)
        {
           SqlContext.Pipe.Send("Error retrieving record " + Ex.GetType().ToString() + " " + Ex.Message);
           SqlContext.Pipe.Send(mySQL);
         }
         finally
         {
                     sqlConn.Close();
         }
        }
     if ((sqlDs.Tables == null) ||
         (sqlDs.Tables["Table"] == null) ||
         (sqlDs.Tables.Count == 0))
        return null;
     else
           return sqlDs;
   }
0
 

Author Closing Comment

by:Connie McBride
ID: 38840757
thank you.  means that all parameters will have to be named in a consistent manner, but if that's what it takes..
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
How to leverage one TLS certificate to encrypt Microsoft SQL traffic and Remote Desktop Services, versus creating multiple tickets for the same server.
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question