Solved

Passing parameter to SQL statement ASP.NET VB.NET

Posted on 2016-10-25
5
31 Views
Last Modified: 2016-10-25
Hello, I need your help to resolve a problem with passing a parameter to an SQL statement. Line 18: Dim dt As DataTable = GetData(cmd) appears to be wrong but I can't figure out how to fix it. It does not like the (cmd) in there. In short, I am trying to use the login email of the user logging in to filter some data that will be used to produce map (rptMarkers).

Imports System.Data.SqlClient

Public Class MapMyTerritories
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim eMail As String = Context.User.Identity.Name

        If Not Me.IsPostBack Then


            Dim strQuery As String = "select * from VW_MyTerritories WHERE eMail = @eMail"

            Dim cmd As New SqlCommand(strQuery)

            cmd.Parameters.AddWithValue("@eMail", eMail)

            Dim dt As DataTable = GetData(cmd)

            rptMarkers.DataSource = dt

            rptMarkers.DataBind()

        End If

    End Sub

    Private Function GetData(query As String) As DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Dim cmd As New SqlCommand(query)

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con

                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using

    End Function

End Class

Open in new window

0
Comment
Question by:Cobra967
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41859074
The GetData() function is expecting a string. You're passing a SqlCommand object. Try replacing line 18 as follows:
            Dim dt As DataTable = GetData(strQuery)

Open in new window

0
 
LVL 20

Accepted Solution

by:
Russ Suter earned 500 total points
ID: 41859084
Whoops! Hang on, I realize you need to pass a parameter with the SqlCommand object so while my above post will fix the error on line 18 it won't handle the parameter passing. Refactor your GetData() function as follows:
    Private Function GetData(query As String) As DataTable

        Using cmd As New SqlCommand(query)

			return GetData(cmd)
			
		End Using

    End Function
	
	Private Function GetData(cmd as SqlCommand) as DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con

                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using

    End Function

Open in new window

This uses overloading to create a new version of GetData() that will accept a SqlCommand object as its parameter. GetData(string) still exists so if it's called elsewhere it will not break anything and that code is simplified to simply call the GetData(SqlCommand) version for better maintainability.

Side note: The SqlCommand object implements IDisposable so you should either have a Using statement or call cmd.Dispose() when you're done with the object.
0
 

Author Comment

by:Cobra967
ID: 41859139
Thank you Russ, that did the trick. At what line # should I add cmd.Dispose() ?
0
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41859281
Anytime after line 18 will work. It looks like you're done with the object after that.
0
 

Author Comment

by:Cobra967
ID: 41859300
For anyone benefit, this is my final working code thanks to Russ.

Imports System.Data.SqlClient

Public Class MapMyTerritories
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim eMail As String = Context.User.Identity.Name

        If Not Me.IsPostBack Then


            Dim strQuery As String = "select * from VW_MyTerritories WHERE eMail = @eMail"

            Dim cmd As New SqlCommand(strQuery)

            cmd.Parameters.AddWithValue("@eMail", eMail)

            Dim dt As DataTable = GetData(cmd)

            rptMarkers.DataSource = dt

            rptMarkers.DataBind()

        End If

    End Sub

    Private Function GetData(query As String) As DataTable

        Using cmd As New SqlCommand(query)

            Return GetData(cmd)

        End Using

    End Function

    Private Function GetData(cmd As SqlCommand) As DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con



                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using
        cmd.Dispose()

    End Function


End Class

Open in new window

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now