How to insert one record at a time? - c#

I'm having some 8 text boxes and one submit button. I just want to insert only one text box value into db when I press submit. So, I must press submit button 8 times to enter all the text box values into the db.
SqlConnection conn = new SqlConnection();
conn.ConnectionString = #"Data Source=Sadiq;Initial Catalog=rafi;Integrated Security=True";
conn.Open();
SqlCommand cmd = new SqlCommand();
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "student1";
int studid = Convert.ToInt32(TextBox1.Text);
string name = TextBox2.Text;
int age = Convert.ToInt32(TextBox3.Text);
string school = TextBox4.Text;
string clas = TextBox5.Text;
int marks = Convert.ToInt32(TextBox6.Text);
string grade = TextBox7.Text;
cmd.Parameters.Add(new SqlParameter("#stud_id", studid));
cmd.Parameters.Add(new SqlParameter("#name", name));
cmd.Parameters.Add(new SqlParameter("#age", age));
cmd.Parameters.Add(new SqlParameter("#school", school));
cmd.Parameters.Add(new SqlParameter("#class", clas));
cmd.Parameters.Add(new SqlParameter("#marks", marks));
cmd.Parameters.Add(new SqlParameter("#grade", grade));
cmd.Connection=conn;
cmd.ExecuteNonQuery();
conn.Close();

Related

trying to update access DB using c# it says The connection was not closed. The connection's current state is open

string p_ID = TextBox4.Text;
string pname = TextBox1.Text;
string page = TextBox6.Text;
string pgender = TextBox3.Text;
string paddress = TextBox2.Text;
cmd.CommandType = CommandType.Text;
conn.Open();
cmd.CommandText = ("update patient set name = #pname , age = #page , gender = #pgender , address = #paddress where [patient ID] = #p_ID ");
cmd.Parameters.Add(new OleDbParameter("#pname", pname));
cmd.Parameters.Add(new OleDbParameter("#page", page));
cmd.Parameters.Add(new OleDbParameter("#pgender", pgender));
cmd.Parameters.Add(new OleDbParameter("#paddress", paddress));
cmd.Parameters.Add(new OleDbParameter("#p_ID", p_ID));
cmd.ExecuteNonQuery();
MessageBox.Show("patient Updated");
conn.Close();

SQL Server stored procedure return value to string [duplicate]

This question already has answers here:
Fetch scope_identity value in C# code from stored procedure in 3 tier architecture
(2 answers)
Closed 4 years ago.
I have a stored procedure that will return the SCOPE_IDENTITY() which is the ID for the row just added.
I have run the procedure from my C# application and adds the correct data to the database. What I need is for this returned value to be stored as a string in C~ so I can populate a text box in the UI.
SqlConnection con = new SqlConnection(connectionString);
con.Open();
SqlDataAdapter aa = new SqlDataAdapter("sp_insert_order", con);
aa.SelectCommand.CommandType = CommandType.StoredProcedure;
aa.SelectCommand.Parameters.Add("#customer_id", SqlDbType.VarChar, (50)).Value = comboBox1.SelectedItem;
aa.SelectCommand.ExecuteNonQuery();
con.Close();
Changed to
SqlConnection con = new SqlConnection(connectionString);
con.Open();
SqlDataAdapter aa = new SqlDataAdapter("sp_insert_order", con);
aa.SelectCommand.CommandType = CommandType.StoredProcedure;
aa.SelectCommand.Parameters.Add("#customer_id", SqlDbType.VarChar, (50)).Value = comboBox1.SelectedItem;
object oString = aa.SelectCommand.ExecuteScalar();
string myString = "";
if (oString != null)
{
myString = oString.ToString();
textBox1.Text = myString;
}
Textbox1 is still blank. :(

Ok, we're assuming your SProc is returning properly. Try assigning an output parameter as follows:
SqlConnection cnx = new SqlConnection(WebConfigurationManager.ConnectionStrings["yourConnName"].ConnectionString);
SqlCommand cmd = new SqlCommand();
cmd.Connection = cnx;
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.CommandText = "testSProc";
cmd.Parameters.AddWithValue("name", "test Name");
SqlParameter outputParam = cmd.Parameters.Add("outID", SqlDbType.Int);
outputParam.Direction = ParameterDirection.Output;
object oString;
cnx.Open();
cmd.ExecuteNonQuery();
cnx.Close();
TextBox1.Text = outputParam.Value.ToString();

Error occured when datatype is converted from int to string

protected void Button1_Click(object sender, EventArgs e)
{
SqlConnection cn = new SqlConnection();
SqlCommand cmd = new SqlCommand();
SqlDataAdapter da1 = new SqlDataAdapter();
DataSet ds1 = new DataSet();
cn.ConnectionString = #"Data Source=BOPSERVER;Initial Catalog=Project;Integrated Security=True";
cn.Open();
string n = Convert.ToString(txtfid.Text);
cmd.CommandText = "select * from Personal_det where FID=" + n + "";
cmd.CommandType = CommandType.Text;
cmd.Connection = cn;
da1.SelectCommand = cmd;
da1.Fill(ds1, "Personal_det");
double dn = ds1.Tables["Personal_det"].Rows.Count;
if (dn == 0)
{
DateTime sdt = DateTime.Today;
SqlCommand cmd3 = new SqlCommand();
cn.Close();
cn.Open();
cmd3.CommandText = "insert into Personal_det(FID,Name,DOB,MobileNo,EmailId,add1,add2,add3,Pincode) values(#FID,#Name,#DOB,#MobileNo,#EmailId,#add1,#add2,#add3,#Pincode)";
cmd3.CommandType = CommandType.Text;
cmd3.Connection = cn;
cmd3.Parameters.Add("#FID", SqlDbType.VarChar,50);
cmd3.Parameters["#FID"].Value = this.txtfid.Text;
cmd3.Parameters.Add("#Name", SqlDbType.VarChar, 50);
cmd3.Parameters["#Name"].Value = this.txtname.Text;
cmd3.Parameters.Add("#DOB", SqlDbType.DateTime, 8);
cmd3.Parameters["#DOB"].Value = Convert.ToDateTime(this.txtdob.Text);
cmd3.Parameters.Add("#MobileNo", SqlDbType.Decimal, 18);
cmd3.Parameters["#MobileNo"].Value = this.txtmbl.Text;
cmd3.Parameters.Add("#EmailId", SqlDbType.VarChar, 50);
cmd3.Parameters["#EmailId"].Value = this.txtmail.Text;
cmd3.Parameters.Add("#add1", SqlDbType.VarChar, 50);
cmd3.Parameters["#add1"].Value = this.txtadd1.Text;
cmd3.Parameters.Add("#add2", SqlDbType.VarChar, 50);
cmd3.Parameters["#add2"].Value = this.txtadd2.Text;
cmd3.Parameters.Add("#add3", SqlDbType.VarChar, 50);
cmd3.Parameters["#add3"].Value = this.txtadd3.Text;
cmd3.Parameters.Add("#Pincode", SqlDbType.Decimal, 18);
cmd3.Parameters["#Pincode"].Value = this.txtpin.Text;
cmd3.ExecuteNonQuery();
cn.Close();
This is my C# code..Actually what i have done is previously i had FID as int now i converted it as varchar(50),because of some needs,i have already changed the datatype in sql..Personal_det is the table where in FID is a primary key constraint and foriegn key for other tables..Now When i am going to execute the code..it gives the error shown in the Image

Do not create CommandText using strings concatenation - such a bad practice make your sql queries vulnerable for sql-injections.
You can use SqlParameter also for "select" queries, like this.
cmd.CommandText = "select * from Personal_det where FID=#fid";
...
cmd.Parameters.Add(new SqlParameter("#fid", fidValue))

since FID is string you need to use '' as below
cmd.CommandText = "select * from Personal_det where FID='" + n + "'";
above will avoid your exception but it is not safe
You need to use parameters like you did on second case

Oracle Update Query From a C# interface

I'm having an issue with an update query in C#. It's odd to me that I'm having an issue with update, but select, delete, and insert work.
public void updateTeacherInfo(string SSN, string Classroom, string salary, string tenured, string phone)
{
OracleConnection conn = new OracleConnection("myconnectionstring;");
conn.Open();
OracleCommand cmd = new OracleCommand("Update Teachers Set classroom_number = :TRM, Salary = :TSALARY, Tenured = :TTENURE, Phone_numer = :TPHONE Where SSN = :TSSN", conn);
OracleCommand commit = new OracleCommand("COMMIT", conn);
cmd.Parameters.Add(new OracleParameter(":TSSN", SSN));
cmd.Parameters.Add(new OracleParameter(":TRM", Classroom));
cmd.Parameters.Add(new OracleParameter(":TSALARY", salary));
cmd.Parameters.Add(new OracleParameter(":TTENURE", tenured));
cmd.Parameters.Add(new OracleParameter(":TPHONE", phone));
int i = cmd.ExecuteNonQuery();
int k = commit.ExecuteNonQuery();
MessageBox.Show(i + " rows affected");
MessageBox.Show(k + " rows affected");
conn.Close();
}
Edit* the rest of the method to clear things up, and also, it is not throwing any errors, but does not update the database.

Put the Parameters.Add in proper sequence. In your update query
"Update Teachers Set classroom_number = :TRM, Salary = :TSALARY, Tenured = :TTENURE, Phone_numer = :TPHONE Where SSN = :TSSN"
:TRM is occuring first and likewise. So keep the Parameters.Add also in same sequence. It will work. The sequence will be:
cmd.Parameters.Add(new OracleParameter(":TRM", Classroom));
cmd.Parameters.Add(new OracleParameter(":TSALARY", salary));
cmd.Parameters.Add(new OracleParameter(":TTENURE", tenured));
cmd.Parameters.Add(new OracleParameter(":TPHONE", phone));
cmd.Parameters.Add(new OracleParameter(":TSSN", SSN));

can we assign object value to the label?

I have a label for that i have to assign object value which is returned by stored procedure.my code as following
object returnvalue;
SqlConnection con = new SqlConnection("Data Source=vela21; Initial Catalog=MilkDb;Integrated Security=True");
con.Open();
string sa;
sa = textBox1.Text;
SqlCommand cmd = new SqlCommand("custname", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("Cid", SqlDbType.Int).Value = sa;
cmd.Parameters.Add("cname", SqlDbType.NVarChar, 20);
cmd.Parameters["cname"].Direction = ParameterDirection.Output;
returnvalue = cmd.ExecuteNonQuery();
label3.Text = Convert.ToString(returnvalue);
con.Close();
can anyone help me? plz........

label3.Text = Convert.ToString(cmd.Parameters["cname"].Value);

Yeah. Andrey is right...
I had the same answer...
label3.Text = Convert.ToString(cmd.Parameters["cname"].Value);

Categories

Resources