Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

hardcoded values work only and not parameterized values

Posted on 2013-12-04
6
Medium Priority
?
184 Views
Last Modified: 2013-12-11
I finally got my totals for a report to come out by making another select call. However, two of the values provided, which I would like to use parameters, then causes the sql to fail.

see attached file.

1. can I use parametrized values anywhere in a sql query in ado.net or are there limitations.
2. I had to convert the date before total counts were correct.



probably sql errors, can't seem to see the problem.
sql-parameter-problems.docx
0
Comment
Question by:mahpog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
6 Comments
 
LVL 49

Expert Comment

by:PortletPaul
ID: 39697126
Regarding the date range filter:

There are several "issues" with what you are doing I'm afraid

First thing to note is that you are creating a string (selectsql1) then that string is executed as a query. So the contents of the string must be valid as SQL.

--valid:
'selectsql1 &= "and convert(varchar(10),convert(datetime,u.entry_dt),101) between '01/01/2013' and '12/31/2013'  "

--INVALID:
'selectsql1 &= "and convert(varchar(10),convert(datetime,u.entry_dt),101) between @selyear0101 and @selyear1231  "

Open in new window


Your code will be looking for variables with the names @selyear0101 and @selyear1231

Then, there is a bigger SQL issue with the method you have chosen.

You are converting the data (u.entry_dt) to varchar so you can compare that data to 2 variables. This is vastly inefficient and the "wrong way around".

Don't convert the data to suit variables; instead convert the variables to suit the data
(see: http://en.wikipedia.org/wiki/Sargable)

Then, on top of all that, don't use between either :)
You should use the same technique as this previous answer:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/ASP/Q_28309554.html#a39694443

            AND ( a.entry_dt >= DATEADD(YEAR, (@selyear - 1900), 0)
                        AND   a.entry_dt <  DATEADD(YEAR, (@selyear - 1899), 0)  )
           
====
Your document does not indicate how you populate @metric2 so I'm unable to comment on why that isn't working.
0
 

Author Comment

by:mahpog
ID: 39698297
the entry_dt on the table is defined as a char(10) not as a date type.  The reason for going through the convert, otherwise not recognized as a date.  

 AND ( a.entry_dt >= DATEADD(YEAR, (@selyear - 1900), 0)
                        AND   a.entry_dt <  DATEADD(YEAR, (@selyear - 1899), 0)  )

does not work.

@selyear is replaced with '2013' via cmd.addwithvalue parameter

@metric2 = "('14-1'),('15-1"),('31-11'),('31-14')  [displayed on top of report]
0
 

Author Comment

by:mahpog
ID: 39698885
i have reviewed the link about Sargable. I get right totals, if I hardcode values, if I replace with variables, never works. Code below: argh.......

        Dim selectsql1 As String = "Declare @sprno table (no varchar(10))  "
        selectsql1 &= "INSERT INTO @sprno (no)  "
        selectsql1 &= "VALUES   ('14-1'),('15-1'),('31-11'),('31-14')"
        selectsql1 &= "select s.no, isnull(count(u.srp_no),0) as ttlcnt "
        selectsql1 &= "from @sprno s  "
        selectsql1 &= "LEFT JOIN asrp_usage u ON u.srp_no = s.no "
        selectsql1 &= "AND convert(varchar(10),convert(datetime,u.entry_dt), 112) >= 20130101  "
        selectsql1 &= "AND convert(varchar(10),convert(datetime,u.entry_dt), 112) <= 20131231  "
        selectsql1 &= "and u.frp_ror = '1' "
        selectsql1 &= "and u.bus_type_gc = 'G' "
        selectsql1 &= "and u.location IN(Select Value FROM fn_Split(@locationlist, ',')) "
        selectsql1 &= "group by s.no "
        selectsql1 &= "order by s.no "
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 

Accepted Solution

by:
mahpog earned 0 total points
ID: 39699068
Here is final code that worked.

        ' Define ADO.NET objects.
        Dim selectsql1 As String = "Declare @sprno table (no varchar(10))  "
        selectsql1 &= "INSERT INTO @sprno (no)  "
        selectsql1 &= "VALUES " & Session("MetricList2").ToString() & " "
        selectsql1 &= "select s.no, isnull(count(u.srp_no),0) as ttlcnt "
        selectsql1 &= "from @sprno s  "
        selectsql1 &= "LEFT JOIN asrp_usage u ON u.srp_no = s.no "
        selectsql1 &= "AND convert(varchar(10),convert(datetime,u.entry_dt), 112) >= '" & Session("yearSelected").ToString() & "0101' "
        selectsql1 &= "AND convert(varchar(10),convert(datetime,u.entry_dt), 112) <= '" & Session("yearSelected").ToString() & "1231' "
        selectsql1 &= "and u.frp_ror = '1' "
        selectsql1 &= "and u.bus_type_gc = 'G' "
        selectsql1 &= "and u.location IN(Select Value FROM fn_Split(@locationlist, ',')) "
        selectsql1 &= "group by s.no "
        selectsql1 &= "order by s.no "


        ' Define the ADO.NET objects.
        Dim con1 As New SqlConnection(connectionString1)
        Dim cmd1 As New SqlCommand(selectsql1, con1)

        ' Add the parameters.
        cmd1.Parameters.AddWithValue("@locationlist", Session("LocationList"))
0
 

Author Comment

by:mahpog
ID: 39701761
resolved.
0
 

Author Closing Comment

by:mahpog
ID: 39710851
came up with solution.  closing.
0

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Naughty Me. While I was changing the database name from DB1 to DB_PROD1 (yep it's not real database name ^v^), I changed the database name and notified my application fellows that I did it. They turn on the application, and everything is working. A …
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question