 

Parameterize SQL query

Many posts about Parameters in SQL with C# but I am still missing something. I am not getting an error message but no data is inserted. What is missing? I have text boxes named fname, lname, address, city, state and zip.

 // Click handler from the question: reads six text boxes, validates them, and is meant to
 // insert one row into Contacts. As written, no statement is ever sent to the server
 // (see the NOTE(review) comments below).
 private void enter_button_Click(object sender, EventArgs e)
 {
    string first, last, addy, city1, stat, zippy;
    // NOTE(review): the six SqlParameter objects built here (firstparam ... zipparam) carry the
    // text-box values but are never added to the command; the try block further down adds
    // separate parameters by name and type only.
    first = fname.Text; 
    SqlParameter firstparam;
    firstparam = new SqlParameter();
    firstparam.ParameterName = "@first";
    firstparam.Value = first;
    last = lname.Text;
    SqlParameter lastparam;
    lastparam = new SqlParameter();
    lastparam.ParameterName = "@last";
    lastparam.Value = last;
    addy = address.Text;
    SqlParameter addressparam;
    addressparam = new SqlParameter();
    addressparam.ParameterName = "@addy";
    addressparam.Value = addy;
    city1 = city.Text;
    SqlParameter cityparam;
    cityparam = new SqlParameter();
    cityparam.ParameterName = "@city1";
    cityparam.Value = city1;
    stat = state.Text;
    SqlParameter stateparam;
    stateparam = new SqlParameter();
    stateparam.ParameterName = "@stat";
    stateparam.Value = stat;
    zippy = zip.Text;
    SqlParameter zipparam;
    zipparam = new SqlParameter();
    zipparam.ParameterName = "@zippy";
    zipparam.Value = zippy;

    // Validate, exValidate and numValidate are defined elsewhere; presumably they throw on
    // invalid input - confirm. Each catch below wraps the exception in a new bare Exception
    // whose message is the full ToString() dump of the original.
    try
    {
        Validate(fname);
        Validate(lname);
        Validate(city);
        Validate(state);
    }
    catch (Exception ex)
    {
        throw new Exception(ex.ToString(), ex);
    }

    try
    {
        exValidate(address);
    }
    catch (Exception ex1)
    {
        throw new Exception(ex1.ToString(), ex1);
    }

    try
    {
        numValidate(zip);
    }
    catch (Exception ex2)
    {
        throw new Exception(ex2.ToString(), ex2);
    }


    // Integrated Security=True: the connection uses the Windows identity of the process,
    // so no password is embedded in this string.
    string connection = "Data Source=TX-MANAGER;Initial Catalog=Contacts;Integrated Security=True";
    // NOTE(review): in C#, @first is simply the identifier `first` (verbatim-identifier prefix),
    // so string.Format pastes the raw text-box values into the SQL text. The resulting statement
    // contains no @first/@last/... placeholders for parameters to bind to, the values are
    // unquoted and unescaped (SQL injection risk), and VALUES is missing its opening parenthesis.
    // The placeholders belong inside the string literal itself, with no Format call:
    //   VALUES (@first, @last, @addy, @city1, @stat, @zippy)
    var sqlstring = string.Format("INSERT INTO Contacts ([First] ,[Last] ,[Address] ,[City] ,[State],[ZIP]) VALUES {0}, {1}, {2}, {3}, {4}, {5})", @first, @last, @addy, @city1, @stat, @zippy);
    SqlConnection conn = new SqlConnection(connection);
    // NOTE(review): the command is created without a connection and comm.Connection is never
    // set to conn.
    SqlCommand comm = new SqlCommand();
    comm.CommandText = sqlstring;
    try
    {
        conn.Open();
        //SqlTransaction trans = conn.BeginTransaction();
        //comm.Transaction = trans;
        // NOTE(review): these calls declare a name and a type only; no Value is assigned.
        // SqlDbType.Text is the legacy large-text type; SqlDbType.SmallInt is a 16-bit integer,
        // so this assumes the ZIP column is smallint - TODO confirm (values above 32767 do not fit).
        comm.Parameters.Add("@first", SqlDbType.Text);
        comm.Parameters.Add("@last", SqlDbType.Text);
        comm.Parameters.Add("@addy", SqlDbType.Text);
        comm.Parameters.Add("@city1", SqlDbType.Text);
        comm.Parameters.Add("@stat", SqlDbType.Text);
        comm.Parameters.Add("@zippy", SqlDbType.SmallInt);
        // NOTE(review): no Execute* call follows, so the INSERT never runs and no error is raised.
    }
    catch (Exception commex)
    {
        throw new Exception(commex.ToString(), commex);
    }
    // NOTE(review): skipped whenever the catch above rethrows; a using block (or finally)
    // would close the connection on every path.
    conn.Close();
}

So I changed to this and still nothing happens.

     // Second attempt from the question: the command is now created from the connection,
     // values are supplied with AddWithValue, and ExecuteNonQuery is called.
     string connection = "Data Source=TX-MANAGER;Initial Catalog=Contacts;Integrated Security=True";
        // NOTE(review): unchanged from the first attempt - @first etc. are the C# locals, so
        // string.Format still pastes the raw text-box values into the SQL text (unquoted,
        // unescaped, SQL injection risk) and VALUES still lacks its opening parenthesis.
        // The command text needs the literal placeholders instead:
        //   VALUES (@first, @last, @addy, @city1, @stat, @zippy)
        var sqlstring = string.Format("INSERT INTO Contacts ([First] ,[Last] ,[Address] ,[City] ,[State],[ZIP]) VALUES {0}, {1}, {2}, {3}, {4}, {5})", @first, @last, @addy, @city1, @stat, @zippy);
        SqlConnection conn = new SqlConnection(connection);
        SqlCommand comm = conn.CreateCommand();
        comm.CommandText = sqlstring;
        try
        {
            conn.Open();
            //SqlTransaction trans = conn.BeginTransaction();
            //comm.Transaction = trans;
            // NOTE(review): these parameters are sent with the command, but the command text
            // built above does not reference them, so they are not what fills the VALUES list.
            // AddWithValue infers the SQL type from the .NET value (all strings here).
            comm.Parameters.AddWithValue("@first", first);
            comm.Parameters.AddWithValue("@last", last);
            comm.Parameters.AddWithValue("@addy", addy);
            comm.Parameters.AddWithValue("@city1", city1);
            comm.Parameters.AddWithValue("@stat", stat);
            comm.Parameters.AddWithValue("@zippy", zippy);
            comm.ExecuteNonQuery();
marcmiller2007 Avatar asked Dec 01 '22 22:12

marcmiller2007


2 Answers

You forgot to execute the command ;)

EDIT: you also didn't use the parameters that you created at the beginning of the method.

    ...
    // Attaches the SqlParameter objects built at the top of the method and runs the command.
    // NOTE(review): the binding only takes effect if comm.CommandText names @first, @last,
    // @addy, @city1, @stat and @zippy as placeholders inside the SQL string; the question's
    // string.Format call does not produce them, so the command text must be fixed as well.
    try
    {
        conn.Open();
        //SqlTransaction trans = conn.BeginTransaction();
        //comm.Transaction = trans;
        comm.Parameters.Add(firstparam);
        comm.Parameters.Add(lastparam);
        comm.Parameters.Add(addressparam);
        comm.Parameters.Add(cityparam);
        comm.Parameters.Add(stateparam);
        comm.Parameters.Add(zipparam);

        // This is what you forgot:
        comm.ExecuteNonQuery();
    }
    ...

BTW, don't do things like that:

    // Anti-pattern: the wrapper is a bare Exception whose message is the full ex1.ToString()
    // dump (type, message and stack trace). Callers can no longer catch the specific type,
    // and the internals travel in the message text wherever it is displayed or logged.
    catch (Exception ex1)
    {
        throw new Exception(ex1.ToString(), ex1);
    }

It's useless, it just adds a new level of exception without adding anything useful. Just let the exception bubble up the stack until it reaches a catch block that actually does something useful.

Thomas Levesque Avatar answered Dec 04 '22 13:12

Thomas Levesque


The key issues in the provided sample are:

  • The definition of the sqlstring should contain the parameter placeholders (@first, @last, …) inside the string itself. As written, @first is just the C# variable first, so string.Format pastes the raw text-box values into the SQL text and the parameters are never referenced
  • The Call Stack is being reset when the error is thrown by creating a new error object
  • The SqlConnection and SqlCommand objects are not being disposed correctly (for example, the conn.Close() call is not part of the Finally section of the exception handler).
  • The Values of the SqlParameters added to the command are not being set
  • The Execute xx method on the SqlCommand object is not being called
  • String values are stored in a varchar type, not Text. Text is the deprecated SQL Server datatype to store blob.

I would refactor the code as follows:

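     /// <summary>
     /// Reads the contact form, validates it and inserts one row into the Contacts table
     /// with a parameterized INSERT.
     /// </summary>
     /// <remarks>
     /// Validate, exValidate and numValidate are defined elsewhere; presumably they throw on
     /// invalid input (confirm). Exceptions are deliberately not caught here so they reach a
     /// handler that can do something useful with them.
     /// </remarks>
     /// <param name="sender">The control that raised the click event (unused).</param>
     /// <param name="e">Event data (unused).</param>
     private void enter_button_Click(object sender, EventArgs e)
     {
         var first = fname.Text;
         var last = lname.Text;
         var addy = address.Text;
         var city1 = city.Text;
         var stat = state.Text;
         var zippy = zip.Text;

         Validate(fname);
         Validate(lname);
         Validate(city);
         Validate(state);
         exValidate(address);
         numValidate(zip);

         // The placeholders live inside the SQL text. User input is only ever supplied as
         // parameter values and is never concatenated or formatted into the statement.
         const string insertSql = @"INSERT INTO Contacts ([First], [Last], [Address], [City], [State], [ZIP]) VALUES (@first, @last, @addy, @city1, @stat, @zippy)";

         // The using blocks dispose the command and close the connection on every path,
         // including when Open or ExecuteNonQuery throws.
         using (var conn = new SqlConnection("Data Source=TX-MANAGER;Initial Catalog=Contacts;Integrated Security=True"))
         using (var cmd = new SqlCommand(insertSql, conn))
         {
             // Object initializers keep each array element a SqlParameter. Writing
             // `new SqlParameter(...).Value = x` as an element would instead yield the assigned
             // value, so the array would hold the raw values rather than parameters.
             // Every name here must match a placeholder in insertSql (note: @stat, not @state).
             cmd.Parameters.AddRange(
                 new[]
                 {
                     new SqlParameter("@first", SqlDbType.VarChar) { Value = first },
                     new SqlParameter("@last", SqlDbType.VarChar) { Value = last },
                     new SqlParameter("@addy", SqlDbType.VarChar) { Value = addy },
                     new SqlParameter("@city1", SqlDbType.VarChar) { Value = city1 },
                     new SqlParameter("@stat", SqlDbType.VarChar) { Value = stat },
                     // NOTE(review): SmallInt is a 16-bit integer; this assumes the ZIP column is
                     // smallint - TODO confirm. Values above 32767 do not fit and leading zeros
                     // are lost, so a character column is usually a better match for ZIP codes.
                     new SqlParameter("@zippy", SqlDbType.SmallInt) { Value = zippy }
                 });
             conn.Open();
             cmd.ExecuteNonQuery();
         }
     }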

Note: I prefer supplying the datatype of parameters since SqlCE does not always work correctly when no type is supplied.

Filip De Vos Avatar answered Dec 04 '22 11:12

Filip De Vos