Hello,
After doing a couple small projects where I concatenated my SQL queries, I decided I needed to finally bite the bullet and do this the right way with parameters.
What I have so far is code that can insert to the DB, and gets the ID returned of the row that was just inserted. That DBID gets stored for later use by another part of my program.
So my question is, if I want to do a "SELECT someColumn FROM someTable WHERE DBID=theOneFromEarlier", is it correct to somehow do a SQL parameter on the DBID I'm passing, or at this point is it OK to simply concatenate that variable into my SQL statement?
If passing DBID as a parameter is still correct, how is that done when my end result is reading data? I know I could do it the same way I returned the DBID from my INSERT statement (Setting up a new SqlParameter, setting it's direction to output, etc) but this seems like I *lot* of overhead if I were setting it up for 15 fields I needed returned?
If it's standard practice to concatenate at this point, I can do that fine and get myself a DataReader as I was doing before with no problems. Any advice is much appreciated!
Maxx
5  1056 
You can select the max id in a query after you run the insert statement. I assume you execute your queries in try catch block. HTH.
Plater 7,872
Recognized Expert Expert
You can use the DBID as a parameter in your 2nd query if you want, but instead of using .ExecuteNonQuery(), you would probably want to use an SqlDataAdapter and have it .Fill() a DataTable for you.
You can use concat for SQL if u make it safe from sql-injections wich isnt that hard... I usally just make an static method in my DB class.
all you need to do is put ' around string and remove ' inside of string so this will work out:
" ' " + strInput.Replace(" ' ","") + " ' " (dont use white space in replace just did that now so you could read it)
Cheers
Krille
Plater 7,872
Recognized Expert Expert
If you wanted to keep the ' in data (sometimes it's important) you would escape it with '' (that is two single quotes, not a double quote)
For Google sake, here was the final solution I decided works for me:
SqlConnection myConnection = new SqlConnection(myConnectionString);
SqlCommand myCommand = new SqlCommand();
myConnection.Open();
myCommand.Connection = myConnection;
myCommand.CommandText =
"SELECT vendorName,vendorContact FROM venderList WHERE ID=@DBID;";
myCommand.Parameters.Add("@DBID", SqlDbType.Int).Value = myDBID;
SqlDataReader myReader = myCommand.ExecuteReader();
myReader.Read();
Hope that helps anyone else looking for this sort of thing. If anyone else has anything to add/correct, feel free. Thanks for the help everyone!
Maxx
Sign in to post your reply or Sign up for a free account.
Similar topics | |
by: softwareengineer2006 |
last post by:
All Interview Questions And Answers
10000 Interview Questions And Answers(C,C++,JAVA,DOTNET,Oracle,SAP)
I have listed over 10000 interview questions asked
in interview/placement test papers for...
|
by: connectrajesh |
last post by:
INTERVIEWINFO.NET
http://www.interviewinfo.net
FREE WEB SITE AND SERVICE FOR JOB SEEKERS /FRESH GRADUATES
NO ADVERTISEMENT
|
by: freepdfforjobs |
last post by:
Full eBook with 4000 C#, JAVA,.NET and SQL Server Interview questions
http://www.questpond.com/SampleInterviewQuestionBook.zip
Download the JAVA , .NET and SQL Server interview sheet and rate...
|
by: Drew |
last post by:
I posted this to the asp.db group, but it doesn't look like there is much
activity on there, also I noticed that there are a bunch of posts on here
pertaining to database and asp. Sorry for...
|
by: Krypto |
last post by:
Hi,
I have used Python for a couple of projects last year and I found it
extremely useful. I could write two middle size projects in 2-3 months
(part time). Right now I am a bit rusty and trying...
| | |
by: ramu |
last post by:
C# Interview Questions and Answers8
http://allinterviewsbooks.blogspot.com/2008/07/c-interview-questions-and-answers8.html
C# Interview Questions and Answers7...
|
by: ramu |
last post by:
C# Interview Questions and Answers8
http://allinterviewsbooks.blogspot.com/2008/07/c-interview-questions-and-answers8.html
C# Interview Questions and Answers7...
|
by: ramu |
last post by:
C# Interview Questions and Answers8
http://allinterviewsbooks.blogspot.com/2008/07/c-interview-questions-and-answers8.html
C# Interview Questions and Answers7...
|
by: reema |
last post by:
EJB Interview Questions
http://interviewdoor.com/technical/EJB-Interview-Questions.htm
CSS Interview Questions
http://interviewdoor.com/technical/CSS-Interview-Questions.htm
C Interview Questions...
|
by: reema |
last post by:
EJB Interview Questions
http://interviewdoor.com/technical/EJB-Interview-Questions.htm
CSS Interview Questions
http://interviewdoor.com/technical/CSS-Interview-Questions.htm
C Interview Questions...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
| |
