I am sending some data from windows mobile to webservice. Now i want to write a method in webservice to insert those values into sql database . How to proceed. please help
What you want is a Restful web service. That link is your basic howto.
there is good book called practical database programming with visual c#.NET by ying bai.
//base class
public class SQLInsertBase
{
public bool SQLInsertOK;
public string SQLInsertError;
public string lat;
public string lon;
public string id;
public SQLInsertBase()
{
//
// TODO: Add constructor logic here
//
}
}
[WebMethod]
public SQLInsertBase GetSQLInsertCourse(string id,string lat,string lon)
{
string cmdString = "INSERT into Location values(#id,#latitude,#longitude)";
SqlConnection sqlConnection = new SqlConnection();
SQLInsertBase GetSQLResult = new SQLInsertBase();
SqlDataReader sqlReader;
GetSQLResult.SQLInsertOK = true;
sqlConnection = SQLConn();
if (sqlConnection == null)
{
GetSQLResult.SQLInsertError = "Database connection is failed";
ReportError1(GetSQLResult);
return null;
}
SqlCommand sqlCommand = new SqlCommand(cmdString, sqlConnection);
sqlCommand.CommandType = CommandType.Text;
sqlCommand.Parameters.Add("#id", SqlDbType.Text).Value = id;
sqlCommand.Parameters.Add("#latitude", SqlDbType.Text).Value = lat;
sqlCommand.Parameters.Add("#longitude", SqlDbType.Text).Value = lon;
int result = sqlCommand.ExecuteNonQuery();
// if (sqlReader.HasRows == true)
// FillCourseDetail(ref GetSQLResult, sqlReader);
if (result == 0)
{
GetSQLResult.SQLInsertError = "cannot update ";
ReportError1(GetSQLResult);
}
/* else
{
GetSQLResult.SQLInsertError = "No matched found";
ReportError1(GetSQLResult);
}*/
// sqlReader.Close();
sqlConnection.Close();
sqlCommand.Dispose();
return GetSQLResult;
}
protected SqlConnection SQLConn()
{
string cmdString = ConfigurationManager.ConnectionStrings["sql_conn"].ConnectionString;
SqlConnection conn = new SqlConnection();
conn.ConnectionString = cmdString;
conn.Open();
if (conn.State != System.Data.ConnectionState.Open)
{
MessageBox.Show("Database Open failed");
conn = null;
}
return conn;
}
protected void ReportError1(SQLInsertBase ErrSource)
{
ErrSource.SQLInsertOK = false;
MessageBox.Show(ErrSource.SQLInsertError);
}
You may want to look into Linq To SQL which does a nice job of encapsulating your stored procedures into c# methods so you can access your data. You can also use it to read and update tables, but I prefer stored procedures personally.
Related
I am new to .net and written the code to validate userid and password using sql stored procedure and code is below:
using System;
using System.Data;
using System.Data.SqlClient;
namespace *********
{
public static class DBHelper
{
public static bool ValidateUser(string userID, string password)
{
bool isCustomerExists = false;
string constr = "Data Source = ****-PC\\SQLEXPRESS; Initial Catalog = *******; Integrated Security = True";
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("Validate_User"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("#UserId", userID);
cmd.Parameters.AddWithValue("#Password", password);
cmd.Connection = con;
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
if (reader.Read())
{
if (reader["UserID"] != DBNull.Value)
{
isCustomerExists = true;
}
}
con.Close();
}
}
return isCustomerExists;
}
internal static bool AddNewCustomer(Customer customer)
{
bool isCustomerCreated = false;
try
{
string constr = "Data Source = *****-PC\\SQLEXPRESS; Initial Catalog = *****; Integrated Security = True";
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("InserNewCustomer"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("#PFirstName", customer.FirstName);
cmd.Parameters.AddWithValue("#PLastName", customer.LastName);
cmd.Parameters.AddWithValue("#PLoginID", customer.LoginID);
cmd.Parameters.AddWithValue("#PCustomerPassword", customer.CustomerPassword);
cmd.Parameters.AddWithValue("#PConfirmCustomerPassword", customer.ConfirmCustomerPassword);
cmd.Parameters.AddWithValue("#PBirthday", customer.Birthday);
cmd.Parameters.AddWithValue("#PCustomerAddress", customer.CustomerAddress);
cmd.Connection = con;
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
if (reader.RecordsAffected == 1)
{
isCustomerCreated = true;
}
con.Close();
}
}
}
catch (Exception ex)
{
isCustomerCreated = false;
}
return isCustomerCreated;
}
}
}
I want use the above code in MFC application project. Can anyone help me please. Thanks in advance.
It is a late reply but it may be useful for people learning mfc DB Connection.
Recently i got chance to Learn MFC and SQL Server Stored Procedure, i checked for many solutions and found this one i am sharing with you, Hope it will help.
I am Using VS2012 and SQL Server 2008.
I used your code data and tried to replicate your scenario.
Create Stored Procedures Accordingly in SQL.
bool ClassName::ValidateUser(string userID, string password)
{
bool isCustomerExists = false;
CDatabase database;
CString strConn;
strConn = L"Data Source = ****-PC\\SQLEXPRESS; Initial Catalog = *******; Integrated Security = True";
// your connection string, i was using ODBC Data source.
TRY
{
database.Open(NULL,0,0,strConn);
CRecordset recordset(&database);
CString strQuery;
strQuery.Format(L"{CALL Validate_User('%s','%s')}",userID,password);
recordset.Open(CRecordset::forwardOnly,strQuery,CRecordset::readOnly);
if(!recordset.IsBOF())
{
isCustomerExists = true;
}
recordset.Close();
database.Close();
}
CATCH(CDBException,e)
{
MessageBox(L"Exception: "+e->m_strError);
}
END_CATCH;
return isCustomerExists;
}
bool ClassName::AddNewCustomer(Customer customer)
{
bool isCustomerCreated;
CDatabase database;
CString strConn;
strConn = L"Data Source = ****-PC\\SQLEXPRESS; Initial Catalog = *******; Integrated Security = True";
//your connection string, i was using ODBC Data source.
TRY
{
database.Open(NULL,0,0,strConn);
CRecordset recordset(&database);
CString strQuery;
strQuery.Format(L"{CALL InserNewCustomer('%s','%s','%s','%s','%s','%s','%s')}",customer.FirstName,customer.LastName,customer.LoginID,customer.CustomerPassword,customer.ConfirmCustomerPassword,customer.Birthday,customer.CustomerAddress);
database.ExecuteSQL(strQuery);
isCustomerCreated = true;
database.Close();
}
CATCH(CDBException,e)
{
MessageBox(L"Exception: "+e->m_strError);
isCustomerCreated = false;
}
END_CATCH;
return isCustomerCreated;
}
If you have any doubts, you can ask me, i will try to solve it.
It is real easy to port this code to MFC. Take a look at CDatabase and CRecordset classes. You can also find the following article helpful: http://www.codeguru.com/cpp/data/mfc_database/storedprocedures/article.php/c1167/Calling-Stored-Procedures.htm
_T("{CALL your_sp_name(param list)}" is the only syntax that works for the CRecordset if the sp returns a result set, pay close attention to braces {} and ()
I am missing something very simple. I have a form with 5 textBox and want to fill them with the data from the SQL Server database. Here is what I have so far:
As I debug this code line by line it returns to the calling block at the connection.open() line.
public void Get_Contact_Info()
{
using (DataAccessClass.sql_Connection)
{
string SQL = "SELECT * FROM Customer_Contacts WHERE Contact_ID = #contact_Id";
SqlCommand sqlCommand = new SqlCommand(SQL, DataAccessClass.sql_Connection);
sqlCommand.Parameters.AddWithValue("#Contact_Id", contact_Id);
sqlCommand.Parameters.AddWithValue("#Contact_Direct_Number", contact_Direct_NumberTextBox);
sqlCommand.Parameters.AddWithValue("#Contact_Cell_Number", contact_Cell_NumberTextBox);
sqlCommand.Parameters.AddWithValue("#Contact_Email", contact_EmailTextBox);
sqlCommand.Parameters.AddWithValue("#Contact_Department", contact_DepartmentTextBox);
DataAccessClass.sql_Connection.Open();
using (SqlDataReader sqlDataReader = sqlCommand.ExecuteReader())
{
while (sqlDataReader.Read())
{
contact_Id = sqlDataReader["Contact_ID"].ToString();
}
DataAccessClass.sql_Connection.Close();
}
}
}
I have been doing a pretty good job of getting info from the user and saving it to the SQL Server DataTable but know I want to get some out so that I can edit the info.
Any help will be gratefully appreciated.
Here is my DataAccessClass
public static class DataAccessClass
{
static SqlConnection sqlConnection = new SqlConnection();
public static SqlConnection sql_Connection
{
get { return sqlConnection; }
}
public static void OpenConnection()
{
string sqlString = Properties.Settings.Default.ConnectionString;
sqlConnection.ConnectionString = sqlString;
sqlConnection.Open();
}
public static void CloseConnection()
{
sqlConnection.Close();
}
}
Here is how I am calling Get_Contact_Info.
private void Customer_Add_Contact_Form_Load(object sender, EventArgs e)
{
this.customer_ContactsBindingSource.AddNew();
if (contact_Id == null)
{
contact_NameTextBox.Select();
}
else
{
Get_Contact_Info();
}
}
From a DataGridView I am selecting a row and passing customer_ID to the Customer_Add_Contact_Form so that I can edit the contact information. Here is the code for this step:
DataGridViewRow row = customer_ContactsDataGridView.CurrentCell.OwningRow;
string contact_ID = row.Cells[0].Value.ToString();
string customer_Ship_ID = null;
using (Form Customer_Add_Contact_Form = new Customer_Add_Contact_Form(customer_Ship_ID, contact_ID))
As discussed here it is better to let connection pooling manage the connections, so you can simplify your code to:
public void Get_Contact_Info()
{
using (var connection = new SqlConnection(roperties.Settings.Default.ConnectionString))
{
connection.Open();
var SQL = "SELECT * FROM Customer_Contacts WHERE Contact_ID = #contact_Id";
var sqlCommand = new SqlCommand(SQL, connection);
sqlCommand.Parameters.AddWithValue("#Contact_Id", contact_Id);
using (var sqlDataReader = sqlCommand.ExecuteReader())
{
while (sqlDataReader.Read())
{
contact_Id = sqlDataReader["Contact_ID"].ToString();
TextBoxName.Text = sqlDataReader["Contact_Name"].ToString();
//etc ...
}
}
}
}
I have removed unused parameters and created a new connection. Possibly you tried to open a connection using .Open() without initializing it with a connections string (is it roperties?)
Im a beginner to C# (.net of course) and for my final year project im developing a payroll system. Now I have some issues regarding ado.net sql connection object.
To keep the connection string centrally I have used a separate class call db. Taking another step to this centralization thinking, I've initialized the connection object also centrally in this db class as follows.
class db
{
string connectionString = ("connection string will be here...");
public SqlConnection GetConn()
{
SqlConnection NewConn = new SqlConnection(connectionString);
return NewConn;
}
}
Now Im using this connection object as follows in my application...
I just want to know whether I would face issues in future because of this practice and also appreciate if one of experts could explain me what is the best practice in this regard.
Thanks in advance
class client
{
db NewDB = new db(); // db class is instantiated...
SqlConnection newCon; // object referece newConn is created...
//Method to insert new clients to 'client' table
public void addNewClient(DateTime entDate, client NewClient)
{
try
{
newCon = NewDB.GetConn(); // connection object is assigned to newCon... but this is optional and I put this for the clarity
string CommandString = "INSERT INTO client(Client_Name, C_Add, Contact_Person, C_Mob_No, C_Tel_No, Remarks, Ent_Date)" +
" VALUES (#CName, #CAdd, #CPerson, #CMob, #CTel, #Remarks, #entDate)";
SqlCommand SqlCom = new SqlCommand();
SqlCom.CommandText = CommandString;
SqlCom.Parameters.Add("#CName", SqlDbType.VarChar).Value = NewClient.CName;
SqlCom.Parameters.Add("#CAdd", SqlDbType.VarChar).Value = NewClient.CAdd;
SqlCom.Parameters.Add("#CPerson", SqlDbType.VarChar).Value = NewClient.CPerson;
SqlCom.Parameters.Add("#CMob", SqlDbType.Char).Value = NewClient.CMob;
SqlCom.Parameters.Add("#CTel", SqlDbType.Char).Value = NewClient.CTel;
SqlCom.Parameters.Add("#Remarks", SqlDbType.VarChar).Value = NewClient.Remarks;
SqlCom.Parameters.Add("#entDate", SqlDbType.Date).Value = entDate;
SqlCom.Connection = newCon;
newCon.Open();
SqlCom.ExecuteNonQuery();
}
catch
{
throw;
}
finally
{
newCon.Close(); // newCon object is global to entire class so can call its close method.
}
}
}
You don't need to use global connection object. Your db connections are stored in connection pool. So you won't run out of connections. Read more about connections pooling.
Looking at your client class it is bad practice to write raw SQl in the code. It is better practice to write a stored procedure and call it from the code passing the parameters.
public void addNewClient(DateTime entDate, client NewClient)
{
try
{
newCon = NewDB.GetConn(); // create connection
conn.Open(); //open connection
// create a command object identifying the stored procedure
SqlCommand SqlCom = new SqlCommand("Store Procedure name", newConn);
// add parameter to sql command, which is passed to the stored procedure
SqlCom .Parameters.Add(new SqlParameter("#CName", NewClient.CName));
// Rest of parameters
// execute the command
cmd.ExecuteReader();
}
}
Creating a class to store the connection is good practice. However you could expand on this further.
public struct slqParameters
{
public object ParamData { get; set; }
public string ParamKey { get; set; }
public SqlDbType ParamDatabaseType { get; set; }
public int ParamSize { get; set; }
}
class db
{
private string connectionString = ("connection string will be here...");
public static void ExecuteStoreProcedure(string ProcedureName, ref slqParameters[] CommandParameters)
{
string str_ConnectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
try
{
using (SqlConnection sqlConnection = new SqlConnection(str_ConnectionString))
{
using (SqlCommand sqlCommand = new SqlCommand(sProcedureName, sqlConnection) { CommandType = CommandType.StoredProcedure })
{
// Add all the parameters to the sql command.
foreach (slqParametersParameter in CommandParameters)
{
// Add a parameter
sqlCommand.Parameters.Add(new SqlParameter(Parameter.ParamKey, Parameter._ParamDatabaseType , Parameter._ParamSize ) { Value = Parameter.ParamData });
}
sqlConnection.Open();
DataTable dtTable = new DataTable();
sqlCommand.ExecuteReader())
}
}
}
catch (Exception error)
{
throw error;
}
}
}
This is only a ruff guide as i have not tested it yet but it should work
To use it on your page
Public SomeMethod()
{
slqParameters[] parameters = new Parameters[1]
{
new sqlParameters{ ParamData = , paramKey = "#CName", ParamDatabaseType = NewClient.CName}
};
db.ExecuteStoreProcedure("Store Procedure name", parameters);
}
I am trying to add Sql Parameters to my project but i have the database connections in a class. How would i go about adding them as the code is trying to read employerId as a column name
I have this code in a class to read and return from a database:
public SqlDataReader ExecuteQuery(String query)
{
SqlCommand cmd = new SqlCommand(query,sqlConn);
SqlDataReader reader = cmd.ExecuteReader();
return reader;
}
and this code in a web service:
[WebMethod]
public string CheckTime1(string employerId)
{
try
{
UseDatabase useDb = new UseDatabase("database.mdf");
string queryString = "SELECT * FROM [employer] WHERE [employerId] =" + employerId;
useDb.ConnectToDatabase();
SqlDataReader dbReader = useDb.ExecuteQuery(queryString);
if (dbReader != null && dbReader.HasRows)
{
return "RECORDS EXIST";
}
else if (dbReader == null)
{
return "RECORDS DONT EXIST";
}
else
{
return "Error";
}
useDb.DisconectDatabase();
}
catch (Exception exq)
{
return exq.ToString(); ;
}
}
Although I strongly encourage you to rethink your data access layer from scratch, here is an easy solution to your problem:
public SqlDataReader ExecuteQuery(String query, params object[] p)
{
SqlCommand cmd = new SqlCommand(query, sqlConn);
for (int i = 0; i < p.Length; i++)
{
cmd.Parameters.Add(new SqlParameter("#p"+i, p[i]));
}
SqlDataReader reader = cmd.ExecuteReader();
return reader;
}
Then call it like this:
public string CheckTime1(string employerId)
{
...
string queryString = "SELECT * FROM [employer] WHERE [employerId] = #p0";
SqlDataReader dbReader = useDb.ExecuteQuery(queryString, employerId);
...
}
private void button1_Click(object sender, EventArgs e)
{
try
{
SqlConnection conn = new SqlConnection();
conn.ConnectionString = "Data Source=*******;Initial Catalog=ChatApp;User ID=Chatapplication;Password=****";
conn.Open();
SqlCommand cmd = new SqlCommand();
string chatroomidno = textBox1.Text;
string chatroomname = textBox2.Text;
//cmd.CommandText = "Select ChatRoomID=#ChatRoomID,ChatRoomName=#ChatRoomName from tblChatRoom";
//cmd.Connection = conn;
SqlDataAdapter adapt = new SqlDataAdapter("Chatroomapp",conn);
adapt.SelectCommand.CommandType = CommandType.StoredProcedure;
DataSet ds=new DataSet();
DataTable dt = new DataTable();
adapt.SelectCommand.Parameters.Add(new SqlParameter("#ChatRoomID", SqlDbType.VarChar, 100));
adapt.SelectCommand.Parameters["#ChatRoomID"].Value = chatroomidno;
adapt.SelectCommand.Parameters.Add(new SqlParameter("#ChatRoomName", SqlDbType.VarChar, 50));
adapt.SelectCommand.Parameters["#ChatRoomName"].Value = chatroomname;
adapt.Fill(ds, "tblChatRoom");
if (dt.Rows.Count > 0)
{
MessageBox.Show("Connection Succedded");
}
else
{
MessageBox.Show("Connection Fails");
}
}
catch (Exception ex)
{
MessageBox.Show("Error", ex.Message);
}
}
While compiling the program I got only connection fails message box, in the database. I found correct, how to overcome the program to get the connection succeeded message box.
Well, you're filling the ds data set - but then you're checking the dt data table for presence of rows... that's never going to work, of course!
If you only need a single DataTable - just use and fill that data table alone - no need for the overhead of a DataSet. Also, put your SqlConnection and SqlCommand into using blocks like this:
using (SqlConnection conn = new SqlConnection("Data Source=*******;Initial Catalog=ChatApp;User ID=Chatapplication;Password=****"))
using (SqlCommand cmd = new SqlCommand("Chatroomapp", conn))
{
string chatroomidno = textBox1.Text;
string chatroomname = textBox2.Text;
SqlDataAdapter adapt = new SqlDataAdapter(cmd);
adapt.SelectCommand.CommandType = CommandType.StoredProcedure;
adapt.SelectCommand.Parameters.Add(new SqlParameter("#ChatRoomID", SqlDbType.VarChar, 100));
adapt.SelectCommand.Parameters["#ChatRoomID"].Value = chatroomidno;
adapt.SelectCommand.Parameters.Add(new SqlParameter("#ChatRoomName", SqlDbType.VarChar, 50));
adapt.SelectCommand.Parameters["#ChatRoomName"].Value = chatroomname;
// fill the data table - no need to explicitly call `conn.Open()` -
// the SqlDataAdapter automatically does this (and closes the connection, too)
DataTable dt = new DataTable();
adapt.Fill(dt);
if (dt.Rows.Count > 0)
{
MessageBox.Show("Connection Succedded");
}
else
{
MessageBox.Show("Connection Fails");
}
}
And just because you get back no rows in dt.Rows doesn't necessarily mean that your connection failed..... it could just be that there are no rows that match your search critieria! The connection worked just fine - but the SQL command just didn't return any rows.
Connection failed means that something went wrong between your program and the database. No records returned does not mean that the connection failed. It just means that your table is empty - it contains no records.
Using ADO.NET and a stored procedures would have been a little different from what you have done it. If you need to check if the connection failed, maybe it is better to check the type of exception that is returned in the catch part.
Below is how I would have done it. I would have created a separate method that would have handled my call, and then in your button1_Click I would have just called this method:
public async Task<ChatRoom> GetAsync(string chatRoomId, string chatRoomName)
{
try
{
string connectionString = ConfigurationManager.ConnectionStrings["Db"].ConnectionString;
using (SqlConnection sqlConnection = new SqlConnection(connectionString))
{
await sqlConnection.OpenAsync();
using (SqlCommand sqlCommand = new SqlCommand("ChatRooms_Get", sqlConnection))
{
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.Parameters.Add(new SqlParameter("#ChatRoomID", chatRoomId));
sqlCommand.Parameters.Add(new SqlParameter("#ChatRoomName", chatRoomName));
using (SqlDataReader sqlDataReader = await sqlCommand.ExecuteReaderAsync())
{
ChatRoom chatRoom = null;
if (await sqlDataReader.ReadAsync())
{
chatRoom = new ChatRoom();
chatRoom.Id = sqlDataReader.GetFieldValue<string>(0);
chatRoom.Name = sqlDataReader.GetFieldValue<string>(1);
chatRooms.Add(chatRoom);
}
return chatRoom;
}
}
}
}
catch (Exception exception)
{
// Try checking if the connection failed here
throw exception;
}
}
My chat room domain model could have looked like this:
public class ChatRoom
{
public string Id { get; set; }
public string Name { get; set; }
}
And the stored procedure would have looked like this:
CREATE PROCEDURE [dbo].[ChatRooms_Get]
(
#ChatRoomID VARCHAR(100),
#ChatRoomName VARCHAR(50)
)
AS
BEGIN
SET NOCOUNT ON;
SELECT
ChatRoomID,
ChatRoomName
FROM
tblChatRoom
WHERE
ChatRoomID = #ChatRoomID
AND ChatRoomName = #ChatRoomName;
END
GO
And then in the calling method you would get the chatroom and do with it whatever you need to do with it. For this example I just checked if it exists or not:
try
{
ChatRoom chatRoom = await chatRoomRepository.GetAsync(chatRoomId, chatRoomName);
if (chatRoom != null)
{
MessageBox.Show("Record found");
}
else
{
MessageBox.Show("No record found");
}
}
catch (Exception exception)
{
throw exception;
}
I hope this can help.