I got the error:
Procedure or function usp_User_Info3 has too many arguments specified
When I run the program. I don't know the error in SP or in C# code. I have to display the Vendor_ID after the user clicks the submit button. Where the thing going wrong here ?
Table structure :
CREATE TABLE User_Info3
(
SNo int Identity (2000,1) ,
Vendor_ID AS 'VEN' + CAST(SNo as varchar(16)) PERSISTED PRIMARY KEY,
UserName VARCHAR(16) NOT NULL,
User_Password VARCHAR(12) NOT NULL,
User_ConPassword VARCHAR(12) NOT NULL,
User_FirstName VARCHAR(25) NOT NULL,
User_LastName VARCHAR(25) SPARSE NULL,
User_Title VARCHAR(35) NOT NULL,
User_EMail VARCHAR(35) NOT NULL,
User_PhoneNo VARCHAR(14) NOT NULL,
User_MobileNo VARCHAR(14)NOT NULL,
User_FaxNo VARCHAR(14)NOT NULL,
UserReg_Date DATE DEFAULT GETDATE()
)
Stored Procedure :
ALTER PROCEDURE [dbo].[usp_User_Info3]
#SNo INT OUTPUT,
#Vendor_ID VARCHAR(10) OUTPUT,
#UserName VARCHAR(30),
#User_Password VARCHAR(12),
#User_ConPassword VARCHAR(12),
#User_FirstName VARCHAR(25),
#User_LastName VARCHAR(25),
#User_Title VARCHAR(35),
#User_OtherEmail VARCHAR(30),
#User_PhoneNo VARCHAR(14),
#User_MobileNo VARCHAR(14),
#User_FaxNo VARCHAR(14)
AS
BEGIN
SET NOCOUNT ON;
INSERT INTO User_Info3 (UserName,User_Password,User_ConPassword,User_FirstName,
User_LastName,User_Title,User_OtherEmail,User_PhoneNo,User_MobileNo,User_FaxNo)
VALUES (#UserName,#User_Password,#User_ConPassword,#User_FirstName,#User_LastName,
#User_Title,#User_OtherEmail,#User_PhoneNo,#User_MobileNo,#User_FaxNo)
SET #SNo = Scope_Identity()
SELECT Vendor_ID From User_Info3 WHERE SNo = #SNo
END
C# Code :
protected void BtnUserNext_Click(object sender, EventArgs e)
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "usp_User_Info3";
System.Data.SqlClient.SqlParameter SNo=cmd.Parameters.Add("#SNo",System.Data.SqlDbType.Int);
System.Data.SqlClient.SqlParameter Vendor_ID=cmd.Parameters.Add("#Vendor_ID",
System.Data.SqlDbType.VarChar,10);
cmd.Parameters.Add("#UserName", SqlDbType.VarChar).Value = txtUserName.Text;
cmd.Parameters.Add("#User_Password", SqlDbType.VarChar).Value = txtRegPassword.Text;
cmd.Parameters.Add("#User_ConPassword", SqlDbType.VarChar).Value = txtRegConPassword.Text;
cmd.Parameters.Add("#User_FirstName", SqlDbType.VarChar).Value = txtRegFName.Text;
cmd.Parameters.Add("#User_LastName", SqlDbType.VarChar).Value = txtRegLName.Text;
cmd.Parameters.Add("#User_Title", SqlDbType.VarChar).Value = txtRegTitle.Text;
cmd.Parameters.Add("#User_OtherEmail", SqlDbType.VarChar).Value = txtOtherEmail.Text;
cmd.Parameters.Add("#User_PhoneNo", SqlDbType.VarChar).Value =txtRegTelephone.Text;
cmd.Parameters.Add("#User_MobileNo", SqlDbType.VarChar).Value =txtRegMobile.Text;
cmd.Parameters.Add("#User_FaxNo", SqlDbType.VarChar).Value =txtRegFax.Text;
cmd.Connection = SqlCon;
try
{
Vendor_ID.Direction = System.Data.ParameterDirection.Output;
SqlCon.Open();
cmd.ExecuteNonQuery();
string VendorID = cmd.ExecuteScalar() as string;
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
finally
{
string url = "../CompanyBasicInfo.aspx?Parameter=" + Server.UrlEncode(" + VendorID + ");
SqlCon.Close();
}
}
You're not setting the direction of the #SNo parameter
You're calling the command twice - Just call it with ExecuteScalar if you want the return value.
You're not setting the value of your #Vendor_ID output parameter in the stored procedure.
If I had to guess, I would wager that cmd is being re-used and has parameters from a previous call left in it. One option would be to call cmd.Parameters.Clear(), but frankly I see little point re-using this SqlCommand instance - it would be better to use a new command each time:
using(var cmd = SqlCon.CreateCommand()) {
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "usp_User_Info3";
// TODO: add parameters
// TODO: call one of the Execute* methods
}
User_OtherEmail column doesnt exist in the table
Correct Stored Procedure
Create PROCEDURE [dbo].[usp_User_Info3]
#SNo INT OUTPUT,
#Vendor_ID VARCHAR(10) OUTPUT,
#UserName VARCHAR(30),
#User_Password VARCHAR(12),
#User_ConPassword VARCHAR(12),
#User_FirstName VARCHAR(25),
#User_LastName VARCHAR(25),
#User_Title VARCHAR(35),
#User_Email VARCHAR(30),
#User_PhoneNo VARCHAR(14),
#User_MobileNo VARCHAR(14),
#User_FaxNo VARCHAR(14)
AS
BEGIN
SET NOCOUNT ON;
INSERT INTO User_Info3 (UserName,User_Password,User_ConPassword,User_FirstName,
User_LastName,User_Title,User_Email,User_PhoneNo,User_MobileNo,User_FaxNo)
VALUES (#UserName,#User_Password,#User_ConPassword,#User_FirstName,#User_LastName,
#User_Title,#User_Email,#User_PhoneNo,#User_MobileNo,#User_FaxNo)
SET #SNo = Scope_Identity()
SELECT Vendor_ID From User_Info3 WHERE SNo = #SNo
END
and the c# code to be modified accordingly .
After all these answers from great minds I can't believe you are still stuck. Here are my suggestions
In your PROC
'maintain this in your parameter
#Vendor_ID VARCHAR(10) OUTPUT,
Update to Select VendorID into #VendorID. See the second line
SET #SNo = Scope_Identity()
SELECT #Vendor_ID=VendorID From User_Info3 WHERE SNo = #SNo
In C#, do not call ExecuteScalar use ExecuteNonQuery
string newVendorID = "";
try
{
Vendor_ID.Direction = System.Data.ParameterDirection.Output;
SqlCon.Open();
cmd.ExecuteNonQuery();
if(Vendor_ID.Value != null)
newVendorID = Vendor_ID.Value.ToString();
}
You could rename the Vendor_ID parameter to something more meaningful, like VendorIDParam. Hope this helps?
Thanks for all your response.After i modify many times the C# code and SP according to your ideas, finally i got the answer for my question. I removed 'Vendor_ID' from my SP and add few codes in my code as shown below.
Stored procedure :
ALTER PROCEDURE [dbo].[usp_User_Info3]
#SNo INT OUTPUT,
#UserName VARCHAR(30),
#User_Password VARCHAR(12),
#User_ConPassword VARCHAR(12),
#User_FirstName VARCHAR(25),
#User_LastName VARCHAR(25),
#User_Title VARCHAR(35),
#User_OtherEmail VARCHAR(30),
#User_PhoneNo VARCHAR(14),
#User_MobileNo VARCHAR(14),
#User_FaxNo VARCHAR(14)
AS
BEGIN
SET NOCOUNT ON;
INSERT INTO User_Info3 (UserName,User_Password,User_ConPassword,User_FirstName,User_Title,User_OtherEmail,User_PhoneNo,User_MobileNo,User_FaxNo)
VALUES (#UserName,#User_Password,#User_ConPassword,#User_FirstName,#User_LastName,#User_Title,#User_OtherEmail,#User_PhoneNo,#User_MobileNo,#User_FaxNo)
SET #SNo = Scope_Identity()
END
C# Code :
protected void BtnUserNext_Click(object sender, EventArgs e)
{
SqlCon.Open();
SqlCommand cmd2 = new SqlCommand("usp_User_Info3", SqlCon);
cmd2.CommandType = CommandType.StoredProcedure;
cmd2.CommandText = "usp_User_Info3";
System.Data.SqlClient.SqlParameter SNo=cmd2.Parameters.Add("#SNo", System.Data.SqlDbType.Int);
cmd2.Parameters.Add("#UserName", SqlDbType.VarChar).Value = txtUserName.Text.Trim();
cmd2.Parameters.Add("#User_Password", SqlDbType.VarChar).Value = txtRegPassword.Text.Trim();
cmd2.Parameters.Add("#User_ConPassword", SqlDbType.VarChar).Value = txtRegConPassword.Text;
cmd2.Parameters.Add("#User_FirstName", SqlDbType.VarChar).Value = txtRegFName.Text.Trim();
cmd2.Parameters.Add("#User_LastName", SqlDbType.VarChar).Value = txtRegLName.Text.Trim();
cmd2.Parameters.Add("#User_Title", SqlDbType.VarChar).Value = txtRegTitle.Text.Trim();
cmd2.Parameters.Add("#User_OtherEmail", SqlDbType.VarChar).Value = txtOtherEmail.Text.Trim();
cmd2.Parameters.Add("#User_PhoneNo", SqlDbType.VarChar).Value = txtRegCode1.Text;
cmd2.Parameters.Add("#User_MobileNo", SqlDbType.VarChar).Value = txtRegCode2.Text;
cmd2.Parameters.Add("#User_FaxNo", SqlDbType.VarChar).Value = txtRegCode3.Text;
cmd2.Connection = SqlCon;
try
{
SNo.Direction = System.Data.ParameterDirection.Output;
cmd2.ExecuteScalar();
string VendorID = "VEN" + cmd2.Parameters["#SNo"].Value.ToString();
}
finally
{
string url = "../CompanyBasicInfo.aspx?Parameter=" + Server.UrlEncode(" + VendorID + ");
ClientScript.RegisterStartupScript(this.GetType(), "callfunction", "alert('Login created successfully');window.location.href = '" + url + "';", true);
SqlCon.Close();
}
}
Related
There is data in the database but it is not returning any value. I want to retrieve the value from the database
I have done insertion it is working properly but select is not working
public class Portal
{
public SqlCommand cmd = null;
ConnectionClass obj = new ConnectionClass();
public ArrayList fetchEmployee(int empid, String fname, String lname, String qualification, String dob, int status, String image, String statusname, String path)
{
ArrayList ar = null;
SqlDataReader dr = null;
try
{
obj.getConnection();
cmd = new SqlCommand("PROC_EMPLOYEE",obj.con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("#flag", SqlDbType.Int).Value = status;
cmd.Parameters.Add("#statusname", SqlDbType.VarChar).Value = statusname;
cmd.Parameters.Add("#id", SqlDbType.Int).Value = empid;
cmd.Parameters.Add("#fname", SqlDbType.VarChar).Value = fname;
cmd.Parameters.Add("#lname", SqlDbType.VarChar).Value = lname;
cmd.Parameters.Add("#qualification", SqlDbType.VarChar).Value = qualification;
cmd.Parameters.Add("#dob", SqlDbType.VarChar).Value = dob;
cmd.Parameters.Add("#image", SqlDbType.NVarChar).Value = image;
cmd.Parameters.Add("#path", SqlDbType.NVarChar).Value = path;
obj.con.Open();
dr = cmd.ExecuteReader();
while(dr.Read()){
ar=new ArrayList();
ar.Add(dr[1].ToString());
Console.WriteLine(dr["fname"].ToString());
}
dr.Close();
obj.con.Close();
}
catch(Exception ex) {
ar=null;
}
}
}
}
Here is my procedure
ALTER PROCEDURE [dbo].[PROC_EMPLOYEE](#id numeric(18,0), #fname varchar(25) ,#lname varchar(25), #dob varchar(25),#statusname varchar(25) ,#qualification varchar(25),#image nvarchar(25) = NULL,#flag int,#path nvarchar(MAX) = NULL)
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
declare
#statusid numeric(18,0),
#i numeric(18,0),
#flag1 int
-- Insert statements for procedure here
set #flag1=#flag;
if(#flag1 = 1)
BEGIN
Set #statusid = (Select status_id from dbo.Status where status_name = #statusname);
Insert into Employee(fname,lname,qualification,dob,image,status_id,path) values(#fname,#lname,#qualification,#dob,#image,#statusid,#path);
END
if(#flag1 = 2)
BEGIN
Delete from Employee where emp_id=#id;
END
if(#flag1 = 3)
BEGIN
Select fname from Employee where emp_id=#id;
END
if(#flag1 = 5)
BEGIN
Select emp_id,fname,lname,qualification,dob from Employee;
END
if(#flag1 = 4)
BEGIN
Set #statusid = (Select status_id from dbo.Status where status_name = #statusname);
update Employee set qualification=#qualification, image=#image, dob=#dob,fname=#fname,lname=#lname,status_id=#statusid where emp_id=#id;
END
END
I want it to fetch the record but it is returning record not found. It is connecting to the database properly. Can someone please help
You should do something useful with the catch(Exception ex) {...}
Currently ex.Message probably returns: "ExecuteReader: Connection property has not been initialized."
You should assign cmd.Connection with the value of the connection you want to use.
(see: SQL Server error: ExecuteNonQuery: Connection property has not been initialized )
This question already has answers here:
Procedure or function !!! has too many arguments specified
(8 answers)
Closed 4 years ago.
My stored procedure is as follows :
ALTER PROCEDURE [dbo].[sp5]
#mat NVARCHAR(1000) = NULL,
#party NVARCHAR(1000) = NULL,
#place NVARCHAR(1000) = NULL,
#truk NVARCHAR(1000) = NULL,
#qty NVARCHAR(10) = NULL,
#ptm NVARCHAR(10) = NULL,
#mop NVARCHAR(100) = NULL,
#tos NVARCHAR(100) = NULL,
#driver NVARCHAR(100) = NULL,
#date1 DATE = NULL
AS
BEGIN
DECLARE #sql NVARCHAR(4000);
DECLARE #params NVARCHAR(4000);
DECLARE #rate nvarchar(10);
SET #sql ='select #rate = ['+#mat+'] from tblcos'+ ' where [Name] = #party'
set #params = '#party nvarchar (1000), #rate NVARCHAR(10) OUTPUT'
exec sp_executesql #sql, #params,#party= #party,#rate = #rate OUTPUT
INSERT INTO tblsls([Party], [Place], [truk], [Material], [Qty], rate,
[Payment], [MOP], [TOS], [driver], [Date])
SELECT
#party, #place, #truk, #mat, #qty, #rate,
#ptm, #mop, #tos, #driver, #date1
END
aspx.cs code file is as follows :
namespace crusoft
{
public partial class WebForm3 : System.Web.UI.Page
{
protected void Button1_Click(object sender, EventArgs e)
{
string cs = ConfigurationManager.ConnectionStrings["VRAConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(cs);
SqlCommand cmd = new SqlCommand("sp5", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("#date1", SqlDbType.Date).Value = Calendar1.SelectedDate.ToShortDateString();
cmd.Parameters.AddWithValue("#party", SqlDbType.NVarChar).Value = Ddprt.SelectedValue;
cmd.Parameters.AddWithValue("#place", SqlDbType.NVarChar).Value = tbpls.Text;
cmd.Parameters.AddWithValue("#truk", SqlDbType.NVarChar).Value = Tbtru.Text;
cmd.Parameters.AddWithValue("#mat", SqlDbType.NVarChar).Value = Ddmat.SelectedValue;
cmd.Parameters.AddWithValue("#qty", SqlDbType.SmallInt).Value = Tbqty.Text;
cmd.Parameters.Add("#rate", SqlDbType.NVarChar, 10);
cmd.Parameters["#rate"].Direction = ParameterDirection.Output;
cmd.Parameters.AddWithValue("#ptm", SqlDbType.NVarChar).Value = Tbptm.Text;
cmd.Parameters.AddWithValue("#mop", SqlDbType.NVarChar).Value = Ddmop.SelectedValue;
cmd.Parameters.AddWithValue("#tos", SqlDbType.NVarChar).Value = Ddtos.SelectedValue;
cmd.Parameters.AddWithValue("#driver", SqlDbType.NVarChar).Value = Tbdri.Text;
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
}
}
When I run the program it fails, when I execute without the #rate parameter, everything works fine, but I want to execute with the #rate parameter.
I am sure the stored procedure is working correctly.
Include #rate as an output parameter in the procedure and the code should be fine
I am looking to Insert a row into a table and return the Identity column in c# code. I cannot seem to get the syntax quite right.
Here is the storted procedure
ALTER PROCEDURE [dbo].[sp_InsertIssue]
#Application nchar(20) = NULL ,
#Version nchar(10) = NULL ,
#CreatedBy NVARCHAR(30) = NULL ,
#AssignedTo nVARCHAR(max) = NULL ,
#Description nVARCHAR(max) = NULL ,
#UserId INT
AS
BEGIN
SET NOCOUNT ON
INSERT INTO dbo.Issue
(
Application ,
Version ,
CreatedBy ,
AssignedTo ,
Description ,
UserId
)
VALUES
(
#Application ,
#Version ,
#CreatedBy ,
#AssignedTo ,
#Description ,
#UserId
)
RETURN SCOPE_IDENTITY()
END
Here is the C# Code
SqlCommand cmd = new SqlCommand();
cmd.CommandText = "sp_InsertIssue ";
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Connection = m_Connection;
SqlParameter parm = new SqlParameter("#IssueId", SqlDbType.Int);
parm.Direction = ParameterDirection.ReturnValue;
cmd.Parameters.Add("#Application", SqlDbType.VarChar).Value = p_Application;
cmd.Parameters.Add("#Version", SqlDbType.VarChar).Value = p_Version;
cmd.Parameters.Add("#CreatedBy", SqlDbType.VarChar).Value = p_CreatedBy;
cmd.Parameters.Add("#AssignedTo", SqlDbType.VarChar).Value = p_AssignedTo;
cmd.Parameters.Add("#Description", SqlDbType.VarChar).Value = p_Description;
cmd.Parameters.Add("#UserId", SqlDbType.Int).Value = p_UserId;
var returnParameter = cmd.Parameters.Add("IssueId", SqlDbType.Int);
returnParameter.Direction = ParameterDirection.ReturnValue;
/// send data to db
Int32 id = (int)cmd.ExecuteNonQuery();
Return -1 not the identity column
You have to make some changes :
SELECT SCOPE_IDENTITY() is beter than Return SCOPE_IDENTITY()
in your code you have to change also cmd.ExecuteNonQuery()
with int id = Convert.ToInt32(cmd.ExecuteScalar());
Changing my answer completely after reading your code more closely :) You were so close
Change:
Int32 id = (int)cmd.ExecuteNonQuery();
To:
cmd.ExecuteNonQuery(); // this returns the # of "rows affected"
Int32 id = (int)returnParameter.Value
Procedure or function 'login' expects parameter '#Abc', which was not supplied
4 hours searching and trying and no use I already supplied this parameter (copy/paste) and the number of parameters given to procedure is the same of procedure and in order.
#Abc is an output parameter.
Stored procedure definition:
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER proc [dbo].[login]
(
#Abc int output,
#firstname varchar(255) output,
#lastname varchar(255) output,
#Email varchar(255),
#pass varchar(255)
)
As
begin
if not exists (select Email from user_1 where email=#email)
select #Abc = 0
else begin
if not exists (
select Email from user_1 where email =#Email and password = #pass
)
select #Abc = 1
else
select #Abc = 2,#firstname = u.first_name ,#lastname=u.last_name from user_1 u where u.email = #email
end
end
Code to call the stored procedure:
myCon.Open();
TextBox username = UserName;
TextBox password = Password;
SqlCommand myCommand = new SqlCommand("login", myCon);
SqlParameter count= myCommand.Parameters.Add("#Abc", SqlDbType.Int);
count.Direction = ParameterDirection.Output;
SqlParameter fnp = myCommand.Parameters.Add("#firstname", SqlDbType.VarChar,255);
fnp.Direction = ParameterDirection.Output;
SqlParameter lnp = myCommand.Parameters.Add("#lastname", SqlDbType.VarChar, 255);
lnp.Direction = ParameterDirection.Output;
myCommand.Parameters.AddWithValue("#Email",username.Text);
myCommand.Parameters.AddWithValue("#pass", password.Text);
myCommand.ExecuteNonQuery();
myCon.Close();
You have omitted:
myCommand.CommandType = CommandType.StoredProcedure;
So the command sent to the DB is a malfed sp_executeSQL call instead of the desired exec login
FYI there is also a shorter syntax:
myCommand.Parameters.Add("#Abc", SqlDbType.Int).Direction = ParameterDirection.Output;
I m creating new user registration moduleand for that i wrote following stored proc.
PROCEDURE [dbo].[addNewUser]
-- Add the parameters for the stored procedure here
#usertype VarChar(10),
#useremail VarChar(70),
#userpass VarChar(20),
#fullname VarChar(70),
#city VarChar(70),
#state Int,
#allowAlerts Bit,
#allowLetter Bit,
#aboutMe NVARCHAR(160)
As
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
if ((select count(user_info._id) from user_info where useremail like #useremail) = 0)
BEGIN
Insert Into user_info
(usertype,useremail,userpass,fullname,city,[state],allowAlerts,allowLetters,aboutMe)
Values
(
#usertype,
#useremail,
#userpass ,
#fullname,
#city,
#state,
#allowAlerts,
#allowLetter,
#aboutMe
)
Select ##IDENTITY as NewID
END
Else
BEGIN
Print '-1'
END
And following is the simple ASP.net C# Code that I try to use
public int registerNewUser(string usertype, string useremail, string userpass, string fullname, string city, string state, string allowAlerts, string allowLetter, string aboutMe)
{
con = new SqlConnection(connectionString);
cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "addBlogEntry";
cmd.Parameters.Add("#usertype", SqlDbType.VarChar).Value = usertype;
cmd.Parameters.Add("#useremail", SqlDbType.VarChar).Value = useremail;
cmd.Parameters.Add("#userpass", SqlDbType.VarChar).Value = userpass;
cmd.Parameters.Add("#fullname", SqlDbType.VarChar).Value = fullname;
cmd.Parameters.Add("#city", SqlDbType.VarChar).Value = city;
cmd.Parameters.Add("#state", SqlDbType.VarChar).Value = Convert.ToInt16(state);
cmd.Parameters.Add("#allowAlerts", SqlDbType.VarChar).Value = Convert.ToInt16(allowAlerts);
cmd.Parameters.Add("#allowLetter", SqlDbType.VarChar).Value = Convert.ToInt16(allowLetter);
cmd.Parameters.Add("#aboutMe", SqlDbType.VarChar).Value = aboutMe;
try
{
if (con.State != ConnectionState.Open)
con.Open();
cmd.ExecuteNonQuery();
con.Close();
con.Dispose();
// some code to be written here so that i can return userID(success) or -1(if that username is already registered)
return 0;
}
catch (Exception Ex)
{
con.Close();
con.Dispose();
return 0;
}
}
Through my C# code i want to return either auto generated userId which my stored procedures returns to me or if user alrady exists than i want to return -1
Please tell how to do this?
Thanks in advance :)
Yes, you can use ExecuteScalar() and change
Print '-1'
into
Select -1 as NewID
First of all, you should use SELECT SCOPE_IDENTITY() inside your stored proc to retrieve the new ID value (##IDENTITY can return false results).
And yes, if you want to get the result back, you need to call either .ExecuteScalar() or .ExecuteReader() and then read that value back.
And while you're at it - I'd also recommend putting your SqlConnection and SqlCommand objects into using blocks - so instead of your code, use this:
using(con = new SqlConnection(connectionString))
using(cmd = new SqlCommand(con))
{
..... // put the rest of your code here
}
If you want to create an output parameter for your stored proc, and set it to the new key you can access it that way. ExecuteNonQuery will return the number of rows affected, so that can be used as well. Something like this:
cmd.Parameters.Add("#uniquID", SqlDbType.Int).Direction = ParameterDirection.Output;
// Your other code...
var result = cmd.ExecuteNonQuery();
// Your other code...
return (result == 1) ? (int)cmd.Parameters["#uniquID"].Value : -1;