Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Passing parameter to SQL statement ASP.NET VB.NET

Posted on 2016-10-25
5
Medium Priority
?
118 Views
Last Modified: 2016-10-25
Hello, I need your help to resolve a problem with passing a parameter to an SQL statement. Line 18: Dim dt As DataTable = GetData(cmd) appears to be wrong but I can't figure out how to fix it. It does not like the (cmd) in there. In short, I am trying to use the login email of the user logging in to filter some data that will be used to produce map (rptMarkers).

Imports System.Data.SqlClient

Public Class MapMyTerritories
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim eMail As String = Context.User.Identity.Name

        If Not Me.IsPostBack Then


            Dim strQuery As String = "select * from VW_MyTerritories WHERE eMail = @eMail"

            Dim cmd As New SqlCommand(strQuery)

            cmd.Parameters.AddWithValue("@eMail", eMail)

            Dim dt As DataTable = GetData(cmd)

            rptMarkers.DataSource = dt

            rptMarkers.DataBind()

        End If

    End Sub

    Private Function GetData(query As String) As DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Dim cmd As New SqlCommand(query)

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con

                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using

    End Function

End Class

Open in new window

0
Comment
Question by:Cobra967
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41859074
The GetData() function is expecting a string. You're passing a SqlCommand object. Try replacing line 18 as follows:
            Dim dt As DataTable = GetData(strQuery)

Open in new window

0
 
LVL 20

Accepted Solution

by:
Russ Suter earned 2000 total points
ID: 41859084
Whoops! Hang on, I realize you need to pass a parameter with the SqlCommand object so while my above post will fix the error on line 18 it won't handle the parameter passing. Refactor your GetData() function as follows:
    Private Function GetData(query As String) As DataTable

        Using cmd As New SqlCommand(query)

			return GetData(cmd)
			
		End Using

    End Function
	
	Private Function GetData(cmd as SqlCommand) as DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con

                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using

    End Function

Open in new window

This uses overloading to create a new version of GetData() that will accept a SqlCommand object as its parameter. GetData(string) still exists so if it's called elsewhere it will not break anything and that code is simplified to simply call the GetData(SqlCommand) version for better maintainability.

Side note: The SqlCommand object implements IDisposable so you should either have a Using statement or call cmd.Dispose() when you're done with the object.
0
 

Author Comment

by:Cobra967
ID: 41859139
Thank you Russ, that did the trick. At what line # should I add cmd.Dispose() ?
0
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41859281
Anytime after line 18 will work. It looks like you're done with the object after that.
0
 

Author Comment

by:Cobra967
ID: 41859300
For anyone benefit, this is my final working code thanks to Russ.

Imports System.Data.SqlClient

Public Class MapMyTerritories
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim eMail As String = Context.User.Identity.Name

        If Not Me.IsPostBack Then


            Dim strQuery As String = "select * from VW_MyTerritories WHERE eMail = @eMail"

            Dim cmd As New SqlCommand(strQuery)

            cmd.Parameters.AddWithValue("@eMail", eMail)

            Dim dt As DataTable = GetData(cmd)

            rptMarkers.DataSource = dt

            rptMarkers.DataBind()

        End If

    End Sub

    Private Function GetData(query As String) As DataTable

        Using cmd As New SqlCommand(query)

            Return GetData(cmd)

        End Using

    End Function

    Private Function GetData(cmd As SqlCommand) As DataTable

        Dim conString As String = ConfigurationManager.ConnectionStrings("DefaultConnection").ConnectionString

        Using con As New SqlConnection(conString)

            Using sda As New SqlDataAdapter()

                cmd.Connection = con



                sda.SelectCommand = cmd

                Using dt As New DataTable()

                    sda.Fill(dt)

                    Return dt

                End Using

            End Using

        End Using
        cmd.Dispose()

    End Function


End Class

Open in new window

0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In .NET 2.0, Microsoft introduced the Web Site.  This was the default way to create a web Project in Visual Studio 2005.  In Visual Studio 2008, the Web Application has been restored as the default web Project in Visual Studio/.NET 3.x The Web Si…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question