Solved

Passing parameter to SQL statement ASP.NET VB.NET

Posted on 2016-10-25
5
57 Views
Last Modified: 2016-10-25
Hello, I need your help to resolve a problem with passing a parameter to an SQL statement. Line 18: Dim dt As DataTable = GetData(cmd) appears to be wrong but I can't figure out how to fix it. It does not like the (cmd) in there. In short, I am trying to use the login email of the user logging in to filter some data that will be used to produce map (rptMarkers).

Imports System.Data.SqlClient

Public Class MapMyTerritories
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim eMail As String = Context.User.Identity.Name

        If Not Me.IsPostBack Then


            Dim strQuery As String = "select * from VW_MyTerritories WHERE eMail = @eMail"

            Dim cmd As New SqlCommand(strQuery)

            cmd.Parameters.AddWithValue("@eMail", eMail)

            Dim dt As DataTable = GetData(cmd)

            rptMarkers.DataSource = dt

            rptMarkers.DataBind()

        End If

    End Sub

    Private Function GetData(query As String) As DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Dim cmd As New SqlCommand(query)

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con

                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using

    End Function

End Class

Open in new window

0
Comment
Question by:Cobra967
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41859074
The GetData() function is expecting a string. You're passing a SqlCommand object. Try replacing line 18 as follows:
            Dim dt As DataTable = GetData(strQuery)

Open in new window

0
 
LVL 20

Accepted Solution

by:
Russ Suter earned 500 total points
ID: 41859084
Whoops! Hang on, I realize you need to pass a parameter with the SqlCommand object so while my above post will fix the error on line 18 it won't handle the parameter passing. Refactor your GetData() function as follows:
    Private Function GetData(query As String) As DataTable

        Using cmd As New SqlCommand(query)

			return GetData(cmd)
			
		End Using

    End Function
	
	Private Function GetData(cmd as SqlCommand) as DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con

                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using

    End Function

Open in new window

This uses overloading to create a new version of GetData() that will accept a SqlCommand object as its parameter. GetData(string) still exists so if it's called elsewhere it will not break anything and that code is simplified to simply call the GetData(SqlCommand) version for better maintainability.

Side note: The SqlCommand object implements IDisposable so you should either have a Using statement or call cmd.Dispose() when you're done with the object.
0
 

Author Comment

by:Cobra967
ID: 41859139
Thank you Russ, that did the trick. At what line # should I add cmd.Dispose() ?
0
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41859281
Anytime after line 18 will work. It looks like you're done with the object after that.
0
 

Author Comment

by:Cobra967
ID: 41859300
For anyone benefit, this is my final working code thanks to Russ.

Imports System.Data.SqlClient

Public Class MapMyTerritories
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim eMail As String = Context.User.Identity.Name

        If Not Me.IsPostBack Then


            Dim strQuery As String = "select * from VW_MyTerritories WHERE eMail = @eMail"

            Dim cmd As New SqlCommand(strQuery)

            cmd.Parameters.AddWithValue("@eMail", eMail)

            Dim dt As DataTable = GetData(cmd)

            rptMarkers.DataSource = dt

            rptMarkers.DataBind()

        End If

    End Sub

    Private Function GetData(query As String) As DataTable

        Using cmd As New SqlCommand(query)

            Return GetData(cmd)

        End Using

    End Function

    Private Function GetData(cmd As SqlCommand) As DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con



                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using
        cmd.Dispose()

    End Function


End Class

Open in new window

0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question