I have a stored procedure which checks the username and the password from a SQL Server database table. The stored procedure returns 1 if the username and the password is correct or returns 0. Here is the code. Could you please tell me how can I get the 1 or 0 pls? The rdr.toString does not work.
SqlCommand cmd = new SqlCommand("sp_IsValidLogon", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter("#Username", textBox1.Text));
cmd.Parameters.Add(new SqlParameter("#Password", textBox2.Text));
rdr = cmd.ExecuteReader();
label1.Text = rdr.ToString();
Try this
label1.Text=cmd.ExecuteScalar().ToString();
instead of this:
rdr = cmd.ExecuteReader();
label1.Text=rdr.ToString();
This should work fine:
if (rdr.Read())
label1.Text = rdr[0].ToString();
You first must call .Read() method once to "initialize" the data reader then take the value of the first field - assuming that's all your stored procedure returns, it will work.
You can do all of this without Reader though:
label1.Text = cmd.ExecuteScalar().ToString();
The ExecuteScalar() exists exactly for this purpose - read one single value from database.
If you are returning it from the sproc using the RETURN statement, then you need to add another INTEGER parameter to the SqlCommand in your .NET code with a ParameterDirection = ParameterDirection.ReturnValue.
Then after executing the sproc, just retrieve the value of that param from the SqlCommand.
Use ExecuteScalar insted. Example here:
http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.executescalar.aspx
I assume that your stored procedure has an actual "return" statement that returns 0 or 1. in that case, add a sqlparameter to your command with ParameterDirection set to "ReturnValue".
ExecuteNonQuery should work fine in this case.
ExecuteScalar returns the value of the first column of the first row. If you are not "returning" the 0 or 1 from the stored procedure as a query result, then that is not what you want.
However, without seeing your stored procedure code I can't tell which of the two approaches is the one you need.
Related
When I use this code below, I get a -1 returned from line
cmd.ExecuteNonQuery()
It may have something to do with InvalidCastException.
When we run this stored procedure manually in SSMS, it produces a SQL script in its output which we then copy and paste in a new window and run that to get what we want.
Any ideas of why it's not working from C#?
I knew the connection to the server is good.
using (SqlCommand cmd = new SqlCommand("dbo.sp_SSISCloneConfiguration", sqlConnection))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("#project", SqlDbType.VarChar).Value = projectName;
cmd.Parameters.Add("#destinationProject", SqlDbType.VarChar).Value = projectName;
cmd.ExecuteNonQuery();
}
Because ExecuteNonQuery() returns "The number of rows affected."
If you're expecting data as a result, you probably meant to use ExecuteReader() which returns "A SqlDataReader object", or perhaps ExecuteScalar() which returns "The first column of the first row in the result set, or a null reference if the result set is empty."
For example:
var result = cmd.ExecuteScalar();
Note that the type of result is object. So if "it produces a sql script in its output" then you would probably need to convert it to a string, for example:
var result = cmd.ExecuteScalar()?.ToString();
Note the ? operator being used, because ExecuteScalar() could return null.
I'm trying to pull data from an SQL variable in C# to use in another SQL query.
Basically I have a for loop that is running through a datagrid and inserting the data into a table which I need to be linked to #DataID in this query below. As it is in a different query I can't access it so I want to pull it out into a var.
What's the best way to go about this? already searched lots of options and not coming up with anything that works
The help is appreciated!
Cheers
string dartBoxQuery = #"DECLARE #DataID int;
INSERT INTO DartBox (DartBoxNumber, ReturnDate, Comments)
VALUES (#dbn, #rtndate, #cmmts)
SELECT #DataID = scope_identity();";
// set up the command before exec
SqlCommand cmd = new SqlCommand(dartBoxQuery, con);
//set parameters
cmd.Parameters.AddWithValue("#rtndate", dateTimePicker1.Text);
cmd.Parameters.AddWithValue("#dbn", textBox1.Text);
cmd.Parameters.AddWithValue("#cmmts", textBox2.Text);
// call SQL connection
con.Open();
// execute above query
cmd.ExecuteNonQuery();
//close connection
con.Close();
If you want to fetch #DataID back to the caller, there are 3 options:
declare an output parameter... presumably just moving #DataID to be an output parameter rather than a local variable; add an extra parameter and give it the direction of ParameterDirection.Output; after the ExecuteNonQuery, read out the value
at the end of your existing SQL, return #DataID; add an extra parameter and give it the direction of ParameterDirection.ReturnValue; after the ExecuteNonQuery, read out the value
at the end of your existing SQL, select #DataID; use ExecuteScalar and read out the return value
In this case, ExecuteScalar is probably the easiest option:
string dartBoxQuery = #"DECLARE #DataID int;
INSERT INTO DartBox (DartBoxNumber, ReturnDate, Comments)
VALUES (#dbn, #rtndate, #cmmts)
SELECT #DataID = scope_identity();
SELECT #DataID";
// set up the command before exec
SqlCommand cmd = new SqlCommand(dartBoxQuery, con);
//set parameters
cmd.Parameters.AddWithValue("#rtndate", dateTimePicker1.Text);
cmd.Parameters.AddWithValue("#dbn", textBox1.Text);
cmd.Parameters.AddWithValue("#cmmts", textBox2.Text);
// call SQL connection
con.Open();
// execute above query
var dataId = Convert.ToInt32(cmd.ExecuteScalar());
//close connection
con.Close();
In SQL:
INSERT INTO [dbo].[tblFiles]
([FullFilePath]
,[LastModified])
VALUES
('P:\test\test.csv',
null)
This will store the full path in the database :)
However, I need to do this in code.
SqlConnection connection = new SqlConnection(DatabaseHelper.ConnectionString);
connection.Open();
SqlCommand command = new SqlCommand( "stpInsertFile", connection);
command.CommandType = System.Data.CommandType.StoredProcedure;
command.Parameters.Add(new SqlParameter("#filepath", System.Data.SqlDbType.VarChar));
command.Parameters["#filepath"].Value = article.FullFilePath;
command.Parameters.Add(new SqlParameter( "#LastModified", System.Data.SqlDbType.DateTime));
command.Parameters["#LastModified"].Value = article.LastModified;
int newArticleID = Convert.ToInt32((decimal)command.ExecuteNonQuery());
command.Dispose();
connection.Close();
connection.Dispose();
return newArticleID;
With this all I get is 'P' in the full path column.
So I tried using LINQ and got the same result.
public int InsertArticleUsingLINQ(tblFile article) {
DataClassesDataContext context = new DataClassesDataContext();
tblFile newFileEntry = new tblFile();
newFileEntry.FullFilePath = article.FullFilePath;
newFileEntry.LastModified = article.LastModified;
context.tblFiles.InsertOnSubmit(newFileEntry);
context.SubmitChanges();
return newFileEntry.ID;
}
I'm not doing anything with the string before passing it to the database insert functions. I read that you need to escape the backslash but it seems to be escaping on the quote. Also read that you need an # symbol before the sql but how do you add this to a parameter?
warning: since you didn't share the stored procedure code this is just a wild guess.
did you set the size of the #filePath parameter in the definition of your stored procedure?
if you declare it as:
create procedure stpInsertFile
#filepath varchar,
#LastModified datetime
as
...
then you parameter is created as varchar(1) because of the default behaviour of varchar datatype and that would produce the result you get.please check reference documentation for char and varchar datatype on ms website.
if stpInsertFile is a Stored Procedure you will have to set in your code:
...
command.CommandType = CommandType.StoredProcedure;
else you have to set the query string in your command:
SqlCommand command = new SqlCommand( "INSERT INTO [dbo].[tblFiles] ([FullFilePath] [LastModified]) VALUES (#filepath,#LastModified)", connection);
...
Of the above options, the ADO code did not copy the full path, even with manually adding quotes. All I ever got was one character in the database.
On further inspection, the parameter was of type Varchar(1) !!! I changed this to Varchar(255) an it worked.
Note, the LINQ to SQL function did insert the full path as this was not using the Stored Procedure.
Apologies for the mistake.
I tried milions of methods to make scope identity work. It is just returns __Page !!
Query = "INSERT INTO seekers(name,sname,lname,status,gender,dob,major,experince,email,password,phone,valid,city) values(#name,#sname,#lname,#status,#gender,#dob,#major,#exp,#email,#password,#phone,0,#city);SELECT SCOPE_IDENTITY();";
// setting up command definition
Command = new SqlCommand(Query, Connection);
// setting up command parameters
Command.Parameters.AddWithValue("email", txt_email.Text);
Command.Parameters.AddWithValue("gender", lst_gender.SelectedValue);
Command.Parameters.AddWithValue("status", lst_status.SelectedValue);
Command.Parameters.AddWithValue("phone", long.Parse("968" + txt_phone.Text));
Command.Parameters.AddWithValue("password", txt_password.Text);
Command.Parameters.AddWithValue("exp", lst_exp.SelectedValue);
Command.Parameters.AddWithValue("city", lst_exp.SelectedValue);
Command.Parameters.AddWithValue("major", lst_major.SelectedValue);
Command.Parameters.AddWithValue("name", txt_name.Text);
Command.Parameters.AddWithValue("sname", txt_sname.Text);
Command.Parameters.AddWithValue("lname", txt_lname.Text);
Command.Parameters.AddWithValue("dob", cld_birth.SelectedDate);
int ID = (int)Command.ExecuteScalar();
Try Out Parameter as follow...
Query = "INSERT INTO seekers(name,sname,lname,status,gender,dob,major,experince,email,password,phone,valid,city) values(#name,#sname,#lname,#status,#gender,#dob,#major,#exp,#email,#password,#phone,0,#city);SET #ID=SCOPE_IDENTITY();"
//Your Parameters..
SqlParameter ID=new SqlParameter();
ID.Name="#ID";
ID.Direction=ParameterDirection.Output;
Command.Parameters.Add(ID);
Command.ExecuteNonQuery();
int id=(int)ID.Value;
or
Tryb to Cast Output as follow...
Query = "INSERT INTO seekers(name,sname,lname,status,gender,dob,major,experince,email,password,phone,valid,city) values(#name,#sname,#lname,#status,#gender,#dob,#major,#exp,#email,#password,#phone,0,#city);SELECT CAST(scope_identity() AS int);"
int id= (Int32)Command.ExecuteScalar();
use set nocount off and try
As First execute statement is insert the returned value is number of records effected
SCOPE_IDENTITY will return a decimal, try:
int ID = (int) (decimal) Command.ExecuteScalar();
It's not very clear what you mean by:
It is just returns __Page !!
Presumably the posted code is throwing an exception, and that's resulting in some higher level code doing whatever it is you mean by "... returns __Page".
If you look at the exception details, you'll find more about what happened: which I suspect is an InvalidCastException because you're trying to cast the object returned by Command.ExecuteScalar (a boxed decimal) to an int.
I've done some research before posting this question and I'm aware of the fact that when there's no data returned, ExecuteScalar will throw a System.NullReferenceException. That is why I modified my stored proc to "return 1" so there's guaranteed a return value. However, I'm still getting the NULL reference exception.
So I tried to use the SqlCommand to query a table that has data:
SqlCommand sqlCommand = new SqlCommand("SELECT * FROM ATableThatHasValues", conn)
When I ran execute scalar I was able to pick up a value so I know I have permission to query the database. I'm suspecting that this is some specific storeed proc permission setting that I missed?
I'd really appreciate any comment/suggestions as I've been stuck on this for a day now. :(
My code looks like this:
using (SqlConnection sqlConnection = new SqlConnection(connectionString))
{
sqlConnection.Open();
using (SqlCommand sqlCommand = new SqlCommand("GetSomeValue", sqlConnection))
{
sqlCommand.CommandType = CommandType.StoredProcedure;
//sqlCommand.Parameters.Add(new SqlParameter("#Id", this.ID));
//sqlCommand.Parameters.Add(new SqlParameter("#State", 1 /* active */));
byte retValue = (byte)sqlCommand.ExecuteScalar();
return retValue;
}
}
THANKS!
I'm just going to elaborate on what #gbn said. When you execute SQL code you can return information in three different ways, OUTPUT parameters, tabular data and/or a single RETURN value. Like #gbn said, RETURN values are essentially specialized OUTPUT parameters. ExecuteScalar only sees information from tabular data, namely the first column of the first row. If no tabular data is received when you call ExecuteScalar a null value is returned instead. If you try to do something with this null value then obviously you'll get a NRE.
Random guess
You are using RETURN so there is no dataset to read column 1, row 1 for ExecuteScalar
Use SELECT or OUTPUT parameters
Edit: Actually, not so random
RETURN 1 is not a result set: it's a "special" parameter
sqlCmd.Parameters.Add(New SqlParameter("RETURN_VALUE", SqlDbType.Int)).Direction = ParameterDirection.ReturnValue