Update:
I tried to run this on a local instance of sql-server and sadly it worked!!!
now I know that the code is right and there is some kind of DBA restriction I need to find (and ask the DBA to remove)
Any ideas?
using System;
using System.Collections.Generic;
using System.Text;
using System.Data.SqlClient;
using System.Data;
namespace testDBMessages
{
public class CGeneral
{
// Declare and instantiate connection
private static Form1 caller;
public CGeneral(Form1 caller1)
{
caller = caller1;
string connString = "server=(local)\\SQLEXPRESS;database=tests;Integrated Security=SSPI";
SqlConnection cn = new SqlConnection(connString);
cn.InfoMessage += new SqlInfoMessageEventHandler(CnInfoMessage);
cn.FireInfoMessageEventOnUserErrors = true;
SqlCommand cmd = new SqlCommand();
String sql = "dbo.fillTables";
cmd.Connection = cn;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = sql;
cmd.Parameters.Add(new SqlParameter("#test", 6));
try
{
cn.Open();
SqlDataReader sdr;
sdr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
}
catch (SqlException ex)
{
Console.WriteLine(ex.Message);
}
finally
{
cn.Close();
}
}
static void CnInfoMessage(object sender, SqlInfoMessageEventArgs ev)
{
foreach (SqlError err in ev.Errors)
{
Console.WriteLine("Message- " + err.Message);
caller.addMessage(err.Message);
}
}
}
}
form code
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
namespace testDBMessages
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
CGeneral a = new CGeneral(this);
}
private void Form1_Load(object sender, EventArgs e)
{
Application.DoEvents();
}
public void addMessage(string msg)
{
listView1.Items.Add(msg);
listView1.Refresh();
}
}
}
stored procedure
ALTER PROCEDURE [dbo].[fillTables]
(
#test smallint
)
AS
BEGIN
declare #counter as int
SET #counter=1
while #counter<100
BEGIN
Insert into tests.dbo.tToFill (id,description,testNum)
Values (#counter,'test_1',#test)
RAISERROR ('RECORD NUM %d',10,1,#counter)
SET #counter=#counter+1
END
END
GO
Does the user that you connect to your database as using the Integrated security have EXECUTE permission on the stored procedure (dbo.filltables) as that indicates only dbo (database owner) has full permissions on the procedure.
You will need to grant permissions for anyone that wants to use it. Be careful of granting EVERYONE the right if security is a concern.
Your RAISERROR with severity of 10 is classed as a warning so does not flow to client code.
Use 16, which is defined as "Indicates general errors that can be corrected by the user"
(Edit) I'm sure that used to be different...
RAISERROR ('RECORD NUM %d',16,1,#counter)
Related
Sorry to be asking this I know there are many other questions and have tried to use the solutions provided but I just cannot get my code to work. Thanks for looking!
Connection String as shown in Properties:
Data
Source=(LocalDB)\v11.0;AttachDbFilename="C:\Users\Jacob\Documents\Visual
Studio
2013\Projects\WindowsFormsApplication2\WindowsFormsApplication2\ChatDB.mdf";Integrated
Security=True
Connection string in app.config:
Data
Source=(LocalDB)\v11.0;AttachDbFilename=|DataDirectory|\ChatDB.mdf;Integrated
Security=True
Error: An unhandled exception of type 'System.Data.SqlClient.SqlException' occurred in System.Data.dll
Additional information: Incorrect syntax near the keyword 'User'.
Code:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
//NC-1 More namespaces.
using System.Data.SqlClient;
using System.Configuration;
namespace WindowsFormsApplication2
{
public partial class SignUp : Form
{
string connstr = ConfigurationManager.ConnectionStrings["WindowsFormsApplication2.Properties.Settings.ChatDBConnectionString"].ToString();
public SignUp()
{
InitializeComponent();
}
private void label1_Click(object sender, EventArgs e)
{
}
private void SubmitBtn_Click(object sender, EventArgs e)
{
string Name = NameText.Text;
string Pwd = PwdText.Text;
//make sure they have entered text
if (Name.Length > 0 && Pwd.Length > 0)
{
SqlConnection conn = new SqlConnection(connstr);
//NC-10 try-catch-finally
try
{
//NC-11 Open the connection.
conn.Open();
SqlCommand insert = new SqlCommand();
insert.Connection = conn;
insert.CommandText = "INSERT INTO [User] (Name,Password) VALUES ('" + Name + "','" + Pwd + "')";
insert.ExecuteNonQuery();
MessageBox.Show("Congrats!!!");
}
catch
{
//NC-14 A simple catch.
MessageBox.Show("User was not returned. Account could not be created.");
}
finally
{
//NC-15 Close the connection.
conn.Close();
}
}
//if no text make them enter
else
{
MessageBox.Show("Please enter Text in both fields.");
}
}
}
}
Again thank you for looking.
The problem is your SQL Query because you use a Reserved Keywords
Try to change your table name to tblUser.
I also suggest to use a parameterize query to prevent future SQL injection: (For Example)
#"INSERT INTO [User] (Name,Password) VALUES (#Name, #Password);"
I am working with C# (visual studio 2012 professional) and Mysql . I trying to create a login form, where a user needs to insert the username and password:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using MySql.Data.MySqlClient;
namespace Dark_Heresy
{
public partial class Login_Menu : Form
{
private MySqlConnection connection = new MySqlConnection();
public Login_Menu()
{
InitializeComponent();
TextPassword.PasswordChar = '*';
}
private void Form1_Load(object sender, EventArgs e)
{
}
private void btn_Login_Click(object sender, EventArgs e)
{
try
{
string connectionString = "datasource = localhost; port = 3306; username = root; password = Mypass;";
using(MySqlConnection myConn = new MySqlConnection(connectionString))
using(MySqlCommand selectCommand = new MySqlCommand())
{
selectCommand.CommandText = ("SELECT COUNT(1) FROM dark_heresy.users WHERE users_=#User and password_=#Password;");
selectCommand.Connection = myConn;
selectCommand.Parameters.Add(new MySqlParameter("User", MySqlDbType.VarChar).Value = TextUserName.Text);
selectCommand.Parameters.Add(new MySqlParameter("Password", MySqlDbType.VarChar).Value = TextPassword.Text);
myConn.Open();
var ret = selectCommand.ExecuteScalar();
var count = Convert.ToInt32(ret);
if (count == 1)
{
this.Hide();
Menu mn = new Menu();
mn.ShowDialog();
}
else if (count > 1)
{
MessageBox.Show("Duplication of Username and Password... Access Denied");
}
else
{
MessageBox.Show("Incorrect Username and/or Password");
}
}
}
catch (Exception exp)
{
MessageBox.Show("Error: \r\n" + exp);
}
}
}
}
I don't get any syntax errors, but when i run this code i recieve this error:
MySql.Data.MySqlClient.MySqlException(0x80004005):
Only MySqlParameter objects may be stored at MySql.Data.MySqlClient.MySqlParameterCollection.Add(Object value)
at Dark_Heresy.Login_Menu.btn_Login_Click(Object sender, EventArgs e)
I know for security reason is it a better idea to use mysql.user table instead of dark_heresy.users table for user check, but right now is for testing purpose.
What is wrong with the code?
it says there is an error in line 39
I think your parameter syntax is wrong.
= operator returns the right side value also instead of just assigning. That's why;
new MySqlParameter("User", MySqlDbType.VarChar).Value = TextUserName.Text;
expression returns TextUserName.Text as a value and your parameter part will be like;
selectCommand.Parameters.Add(TextUserName.Text);
The right syntax seems;
selectCommand.Parameters.Add("#User", MySqlDbType.VarChar).Value = TextUserName.Text;
selectCommand.Parameters.Add("#Password", MySqlDbType.VarChar).Value = TextPassword.Text;
And please, don't store your passwords as a plain text.
Read: Best way to store password in database
I would like to know what's the problem, or your advice to connect to Oracle. I'm trying with this but when I try to insert values, it doesn't work.
I'm using the Visual Web Developer 2008 and when I add a database on Database Explorer connections, it's working. But when I try to connect via this connection string, it doesn't work. What am I missing?
I don't get an exception, so apparently it's working well. But this code apparently doesn't insert! The id column is a varchar(45). I created the table "test" just for testing purposes.
using System.Data;
using System.Data.OracleClient;
public partial class _Default : System.Web.UI.Page
{
//string oradb = "Data Source=localhost;User ID=root;Password=jesua;Unicode=True;";
String oracle = "User ID=root;Password=jesua;Unicode=True;Data Source=localhost;";
OracleConnection con = new OracleConnection();
public void Conectar() {
try
{
con.Close();
con.ConnectionString = oracle;
con.Open();
}
catch(Exception ex){
throw new Exception("No Conecto " + ex);
}
}
public void desconectar() {
// con.ConnectionString = oracle;
con.Close();
}
public void agregar() {
this.Conectar();
OracleCommand query = new OracleCommand("INSERT INTO testing (id) VALUES ('testing')");
query.ExecuteNonQuery();
desconectar();
}
protected void Button1_Click(object sender, EventArgs e)
{
try {
agregar();
}
catch(Exception ex){
Console.Write("No agrego " + ex);
}
TextBox1.Text = "Conected";
}
}
--------------------------UPDATE------------------
So,
i found the way to do that,
i hope anyone here can use this code in a future...
This code creates the connection betwen Oracle and asp.net C#
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using Oracle.DataAccess.Client; // ODP.NET Oracle managed provider
using Oracle.DataAccess.Types;
namespace proyecto
{
public partial class WebForm1 : System.Web.UI.Page
{
public void dbconnect() {
string oradb = "Data Source=localhost;User ID={Yoir ID};Password={Your Password};";
OracleConnection conn = new OracleConnection(oradb); // C#
conn.Open();
OracleCommand cmd = new OracleCommand();
cmd.Connection = conn;
cmd.CommandText = "INSERT INTO TESTING(id) VALUES ('valor')";
int rowsUpdated = cmd.ExecuteNonQuery();
if (rowsUpdated == 0)
Console.Write("Record not inserted");
else
Console.Write("Success!");
conn.Dispose();
}
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
this.dbconnect();
}
}
}
Good Luck!
The connection string that works for me is
connectionString="Data Source=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1522))
(CONNECT_DATA=(SERVICE_NAME=XE)));User Id=system;Password=pass;"
providerName="Oracle.DataAccess.Client"/>
It seems that you are missing the Service Name and Provider Name. You can find the service name in tnsnames.ora file which will be in your installation directory. Also make sure you have installed ODP.NET for Oracle 11g correctly, added reference to the Oracle.DataAccess.dll into your project and add the Provider Name in the connection string.
I have created a database using SQL Server Management Studio and am now trying to edit that database using Visual Studio Express 2012. I have connected the database to Visual Studio and can see my database but I have not been able to edit the database stored in Management Studio using Visual Studio. I have created a form and am trying to insert what is entered into textbox1 into a specific cell on my database after the user defines the column name and row (using the primary key in my DB) with textbox2 and textbox3. What code can I use to perform this action? So far I have had no luck. Thank you in advance for you help.
This is my current code:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Data.SqlClient;
using System.Data.Sql;
using Microsoft.SqlServer.Server;
using System.Data.Linq;
using System.Data.Linq.Mapping;
namespace WindowsFormsApplication1
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
SqlConnection myConnectionString = new SqlConnection("Data Source=Server Catalog=DataBase;Integrated Security=True");
SqlCommand command = new SqlCommand();
private void maskedTextBox1_MaskInputRejected(object sender, MaskInputRejectedEventArgs e)
{
}
private void button3_Click(object sender, EventArgs e)
{
try
{
using (SqlConnection dbConnection = new SqlConnection()) // the "using" construct will close and dispose of the connection
{
dbConnection.ConnectionString = ("Data Source=Server ;Initial Catalog=Database;Integrated Security=True");
dbConnection.Open();
maskedTextBox1.Clear();
dateTimePicker1.Value = DateTime.Now.AddDays(0);
comboBox1.SelectedIndex = -1;
String username = comboBox2.Text;
using (SqlCommand command = new SqlCommand("INSERT INTO [Table Name] (Column Name) VALUES ([Parm1])", dbConnection))
{
command.Parameters.AddWithValue("Parm1", username);
command.ExecuteNonQuery();
}
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
private void button1_Click(object sender, EventArgs e)
{
this.Close();
}
private void button2_Click(object sender, EventArgs e)
{
//Close the Window
this.Close();
}
private void label4_Click(object sender, EventArgs e)
{
}
private void comboBox1_DataSourceChanged(object sender, EventArgs e)
{
}
private void button4_Click(object sender, EventArgs e)
{
myConnectionString.Open();
MessageBox.Show("Sql is connected");
myConnectionString.Close();
}
}
}
The VALUES clause should specify a parameter and that parameter should be specified when adding the parameter value. Try substituting the following:
String sqlquery = "INSERT INTO [Man Power] ([Person_Performing_Phase_2]) VALUES ([Parm1])";
SqlCommand command = new SqlCommand(sqlquery, con);
command.Parameters.AddWithValue("Parm1", username);
EDIT
Your connection string is incorrectly formed. I believe the following format is appropriate for your current needs:
String myConnectionString = Server=myServerAddress;Database=myDataBase;Trusted_Connection=True;
I would use the following code for inserting data, which opens and closes the connection for each operation. Note the "command.ExecuteNonQuery" statement - its omission is why your insert failed to work - although I am unsure why opening the connection did not throw an error.
private void button3_Click(object sender, EventArgs e)
{
try
{
using (SqlConnection dbConnection = new SqlConnection()) // the "using" construct will close and dispose of the connection
{
dbConnection.ConnectionString = myConnectionString;
dbConnection.Open();
maskedTextBox1.Clear();
dateTimePicker1.Value = DateTime.Now.AddDays(0);
comboBox1.SelectedIndex = -1;
String username = comboBox2.Text;
using (SqlCommand command = new SqlCommand("INSERT INTO [Man Power] ([Person_Performing_Phase_2]) VALUES ([Parm1])", dbConnection))
{
command.Parameters.AddWithValue("Parm1", username);
command.ExecuteNonQuery();
}
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
You should also remove all other _Click methods and replace the connection and command statement with the myConnectionString assignement.
I have some problems using OracleDependency.
I've read docs on msdn and oracle and copy some code to try it.
However this is not working, the event on_my_event doesn't fire when the insert is done.
Does anyone know why ?
My user has CHANGE NOTIFICATION rights on the database. Oracle Server is 11.2.0.3.0.
Here is the code :
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using Oracle.DataAccess.Client;
namespace WindowsFormsApplication1
{
public partial class Form1 : Form
{
string connection_string = "Data Source=My_srv;User Id=My_usr;Password=My_pwd;";
OracleConnection connection = null;
OracleDependency dependency = null;
OracleCommand my_select = null;
OracleCommand my_insert = null;
public Form1()
{
InitializeComponent();
}
private void TB_insert_event(object sender, EventArgs e)
{
if (TB_insert.Text == "Name of your insert")
TB_insert.Clear();
}
private void insert(object sender, EventArgs e)
{
connection = new OracleConnection(connection_string);
my_insert = connection.CreateCommand();
my_insert.CommandText = "INSERT INTO USR_DEV_TRUNK.WPARAM (wpa_codeparam) VALUES ('" + TB_insert.Text + "')";
connection.Open();
my_insert.ExecuteNonQuery();
connection.Close();
}
private void Set_dep(object sender, EventArgs e)
{
OracleDependency.Port = 3048;
connection = new OracleConnection(connection_string);
connection.Open();
my_select = connection.CreateCommand();
my_select.CommandText = "SELECT wpa_codeparam FROM USR_DEV_TRUNK.WPARAM";
dependency = new OracleDependency();
dependency.AddCommandDependency(my_select);
my_select.Notification.IsNotifiedOnce = false;
my_select.ExecuteNonQuery();
dependency.OnChange += new OnChangeEventHandler(on_my_event);
TB_dependency.Text = "The dependency is set, do your insert to see if it works";
connection.Close();
}
public void on_my_event(object obj, OracleNotificationEventArgs arg)
{
TB_dependency.Text = "Yay ! It worked !";
}
}
}
I have two buttons :
One to set my dependency (function (on click) : Set_dep)
One to do my insert (function (on click) : insert)
And i have two textboxs :
One to get my insert (name : TB_insert)
One to show the dependency state (name : TB_dependency)
Did you make sure packets on port 3048 are not getting blocked by a firewall?
Also, once your dependency has been set, can you see it by querying the USER_CHANGE_NOTIFICATION_REGS / DBA_CHANGE_NOTIFICATION_REGS views?