Solved

Passing parameter to SQL statement ASP.NET VB.NET

Posted on 2016-10-25
5
85 Views
Last Modified: 2016-10-25
Hello, I need your help to resolve a problem with passing a parameter to an SQL statement. Line 18: Dim dt As DataTable = GetData(cmd) appears to be wrong but I can't figure out how to fix it. It does not like the (cmd) in there. In short, I am trying to use the login email of the user logging in to filter some data that will be used to produce map (rptMarkers).

Imports System.Data.SqlClient

Public Class MapMyTerritories
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim eMail As String = Context.User.Identity.Name

        If Not Me.IsPostBack Then


            Dim strQuery As String = "select * from VW_MyTerritories WHERE eMail = @eMail"

            Dim cmd As New SqlCommand(strQuery)

            cmd.Parameters.AddWithValue("@eMail", eMail)

            Dim dt As DataTable = GetData(cmd)

            rptMarkers.DataSource = dt

            rptMarkers.DataBind()

        End If

    End Sub

    Private Function GetData(query As String) As DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Dim cmd As New SqlCommand(query)

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con

                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using

    End Function

End Class

Open in new window

0
Comment
Question by:Cobra967
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41859074
The GetData() function is expecting a string. You're passing a SqlCommand object. Try replacing line 18 as follows:
            Dim dt As DataTable = GetData(strQuery)

Open in new window

0
 
LVL 20

Accepted Solution

by:
Russ Suter earned 500 total points
ID: 41859084
Whoops! Hang on, I realize you need to pass a parameter with the SqlCommand object so while my above post will fix the error on line 18 it won't handle the parameter passing. Refactor your GetData() function as follows:
    Private Function GetData(query As String) As DataTable

        Using cmd As New SqlCommand(query)

			return GetData(cmd)
			
		End Using

    End Function
	
	Private Function GetData(cmd as SqlCommand) as DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con

                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using

    End Function

Open in new window

This uses overloading to create a new version of GetData() that will accept a SqlCommand object as its parameter. GetData(string) still exists so if it's called elsewhere it will not break anything and that code is simplified to simply call the GetData(SqlCommand) version for better maintainability.

Side note: The SqlCommand object implements IDisposable so you should either have a Using statement or call cmd.Dispose() when you're done with the object.
0
 

Author Comment

by:Cobra967
ID: 41859139
Thank you Russ, that did the trick. At what line # should I add cmd.Dispose() ?
0
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41859281
Anytime after line 18 will work. It looks like you're done with the object after that.
0
 

Author Comment

by:Cobra967
ID: 41859300
For anyone benefit, this is my final working code thanks to Russ.

Imports System.Data.SqlClient

Public Class MapMyTerritories
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim eMail As String = Context.User.Identity.Name

        If Not Me.IsPostBack Then


            Dim strQuery As String = "select * from VW_MyTerritories WHERE eMail = @eMail"

            Dim cmd As New SqlCommand(strQuery)

            cmd.Parameters.AddWithValue("@eMail", eMail)

            Dim dt As DataTable = GetData(cmd)

            rptMarkers.DataSource = dt

            rptMarkers.DataBind()

        End If

    End Sub

    Private Function GetData(query As String) As DataTable

        Using cmd As New SqlCommand(query)

            Return GetData(cmd)

        End Using

    End Function

    Private Function GetData(cmd As SqlCommand) As DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con



                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using
        cmd.Dispose()

    End Function


End Class

Open in new window

0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes in DotNetNuke module development you want to swap controls within the same module definition.  In doing this DNN (somewhat annoyingly) swaps the Skin and Container definitions to the default admin selections.  To get around this you need t…
Today is the age of broadband.  More and more people are going this route determined to experience the web and it’s multitude of services as quickly and painlessly as possible. Coupled with the move to broadband, people are experiencing the web via …
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question