Hi im trying to create a function called SQLExecute that takes an SQL query, executes it and returns the resultant dataset in dsetResponse and if an error in strError, however i am unsure if whether im on the right track or not, where would i put the sql query and what else needs to be done, my code is as follows;
publicstaticDataSet SQLExecute(string strSQL,string strError){
DataSet dsetResponse =newDataSet();try
{
using (SqlConnection conn =newSqlConnection(DHOC.clsDHOC.GetConnString())){
SqlCommand cmd =newSqlCommand();cmd.CommandType =CommandType.Text;}
}
catch (ThreadAbortException thEx){
throw;}
catch (Exception ex){
string strError
}
return dsetResponse;}
At least I can point out two things:
1). You don't need to pass string error into your function because the error should be caught inside your function;
2). In your two catch blocks, you should throw the error like throw thEx and ex. In my practice, I usually just do error throw in development phase. Before I move to product, I will LOG the error, and return null for the DataSet if error is caught, so that client will not be able to see ugly error.
|||
Hi thanks for responding, i have adjusted it but i dont think what i have done so far is correct;
publicstaticDataSet SQLExecute(string strSQL)
{
string strData ="";string strTableName ="";
DataSet dsetResponse =newDataSet();
try
{
using (SqlConnection conn =newSqlConnection(DHOC.clsDHOC.GetConnString())){
SqlCommand cmd =newSqlCommand("SELECT ColumnName FROM TableName WHERE ColumnName = 'ColumnValue'", conn);
cmd.CommandType =CommandType.Text;
cmd.Parameters["@.ColumnName"].Value = strData;cmd.Parameters["@.TableName"].Value = strTableName;
cmd.Parameters["@.ColumnValue"].Value = strData;cmd.ExecuteNonQuery;
}
}
catch (ThreadAbortException thEx){
throw;}
catch (Exception ex){
clsDHOC objDHOC =newclsDHOC();objDHOC.Write2ErrorLogTable(ex1.Message,"GetDataSetByID","clsDHOC", System.Web.HttpContext.Current.Session["UserFullName"].ToString());
}
return dsetResponse;}
|||Hi,
SqlCommand cmd = new SqlCommand("SELECT ColumnName FROM TableName WHERE ColumnName = 'ColumnValue'", conn);
cmd.CommandType = CommandType.Text;
cmd.Parameters["@.ColumnName"].Value = strData;
cmd.Parameters["@.TableName"].Value = strTableName;
cmd.Parameters["@.ColumnValue"].Value = strData;
cmd.ExecuteNonQuery;
From the code you provided, I think there should be something wrong while you are using Parameters. As you have modify your select command, "SELECT ColumnName FROM TableName WHERE ColumnName = 'ColumnValue'"".
There's no parameter holders for ColumnName,TableName and ColumnValue. All the parameter you want to bind should be declared with a "@." prefix which indicates that it's a parameter in your select command.
Besides, only values in condition part can be the parameter. Such value like TableName cannot be the parameter, if you want to select dynamical tables, you may create your select command manually by string.Format() method.
Thanks.
No comments:
Post a Comment