Solved

VB.net SQL Store SQL statement in nvarchar(max) field

Posted on 2014-09-24
3
502 Views
Last Modified: 2014-09-25
Hi

I have a VB.net app that stores SQL statements in a SQL database nvarchar(MAX) field
How do I convert the enterire SQL statement so that it can be stored in my SQL database via
the  insert statement shown below

        Dim cn As New OleDbConnection(cs)

        Dim oReportName As String = Me.txtReportName.Text
        Dim oSQL As String = Me.lblALL_SQL.Text
        Dim oUserName As String = ""
        Dim oPassword As String = ""
        Dim oConnectionString As String = ""

        Dim sSQL As String
        sSQL = "INSERT INTO Users ( [Report_Name], [SQL], [UserName], [Password], [Connection_String] )"
        sSQL = sSQL & " SELECT "
        sSQL = sSQL & "'" & oReportName & "' AS Expr1,"
        sSQL = sSQL & "'" & SQLConvert(oSQL) & "' AS Expr2"
        sSQL = sSQL & "'" & oUserName & "' AS Expr3"
        sSQL = sSQL & "'" & oPassword & "' AS Expr4"
        sSQL = sSQL & "'" & oConnectionString & "' AS Expr5"


        '// define the sql statement to execute
        Dim cmd As New OleDbCommand(sSQL, cn)

        Try

            cn.Open()
            cmd.ExecuteNonQuery()

        Catch ex As Exception
            Me.lblError2.Text = ex.Message
        Finally
            If cn.State <> ConnectionState.Closed Then
                cn.Close()
            End If
        End Try
0
Comment
Question by:murbro
3 Comments
 
LVL 142

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 500 total points
ID: 40341312
what error do you get?
anyhow, you should not use such dynamic sql, but is OleDbParameters to avoid using SQLConvert (or forgetting to do so)
for example, see here:http://msdn.microsoft.com/en-us/library/50xtbfet%28v=vs.110%29.aspx
code will be much shorter, easier to read and no hassle with special characters for your SQL
0
 
LVL 27

Expert Comment

by:Ark
ID: 40345344
Since all your values are strings:
Dim sSQL As String
sSQL = "INSERT INTO Users ( [Report_Name], [SQL], [UserName], [Password], [Connection_String] )"
sSQL += " VALUES ('"
sSQL += oReportName & "','"
sSQL += oSQL & "','"
sSQL += oUserName & "','"
sSQL += oPassword & "','"
sSQL += oConnectionString & "')"

Open in new window

Values are in brackets, separated with commas and each value is inside single quotes (telling SQL that they are strings)
0
 

Author Closing Comment

by:murbro
ID: 40345387
Thanks
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

This article explains how to reset the password of the sa account on a Microsoft SQL Server.  The steps in this article work in SQL 2005, 2008, 2008 R2, 2012, 2014 and 2016.
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that undeā€¦
Via a live example, show how to shrink a transaction log file down to a reasonable size.
Viewers will learn how to use the SELECT statement in SQL to return specific rows and columns, with various degrees of sorting and limits in place.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now