Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
SQL STORED PROCEDURES
- Thread starter BFT1303
- Start date
Code:
create proc IHaveParam (@param varchar(1000))
as
begin
select *
from leTable
where leColumn = @param
endThen, from your C# program you can call it using a query like this:
Code:
execute IHaveParam 'parameter value in single quotes'Hope this helps,
ALex
Ignorance of certain subjects is a great part of wisdom
- Thread starter
- #3
CREATE PROCEDURE get_Parts
AS
DECLARE
@partNum varchar(40)
BEGIN
SET @partNum = 'myPart'
SELECT DISTINCT BIN_ID,SUM(BIN_QTY) AS BIN_QTY FROM plm_brad.LEI_WARE WHERE PART_ID = @partNum GROUP BY BIN_ID
END
Sorry, I didnt explain my problem very well. I would like to pull in the value of 'myPart' into this SQL stored procedure from my C# program.
AS
DECLARE
@partNum varchar(40)
BEGIN
SET @partNum = 'myPart'
SELECT DISTINCT BIN_ID,SUM(BIN_QTY) AS BIN_QTY FROM plm_brad.LEI_WARE WHERE PART_ID = @partNum GROUP BY BIN_ID
END
Sorry, I didnt explain my problem very well. I would like to pull in the value of 'myPart' into this SQL stored procedure from my C# program.
You would accomplish this through a Data Access Logic Component, or DALC. The component would consist of methods to connect to the SQL instance, create a command object, append the SP parameter collection to the object, call the SP, and pass the result back to the business logic object.
Google "ADO.NET examples" for, well, examples of how to do this. I'd submit, but my stuff's all in VB.
Good luck.
Phil Hegedusich
Senior Programmer/Analyst
IIMAK
-----------
Not NULL-terminated yet.
Google "ADO.NET examples" for, well, examples of how to do this. I'd submit, but my stuff's all in VB.
Good luck.
Phil Hegedusich
Senior Programmer/Analyst
IIMAK
-----------
Not NULL-terminated yet.
You want to return that value of @partNum for each record returned by the query? If so, then...
-George
Strong and bitter words indicate a weak cause. - Fortune cookie wisdom
Code:
[COLOR=blue]CREATE[/color] [COLOR=blue]PROCEDURE[/color] get_Parts
[COLOR=blue]AS[/color]
[COLOR=blue]DECLARE[/color]
@partNum [COLOR=blue]varchar[/color](40)
[COLOR=blue]BEGIN[/color]
[COLOR=blue]SET[/color] @partNum = [COLOR=red]'myPart'[/color]
[COLOR=blue]SELECT[/color] [COLOR=#FF00FF]DISTINCT[/color] @partNum [COLOR=blue]As[/color] PartNumber,
BIN_ID,
SUM(BIN_QTY) [COLOR=blue]AS[/color] BIN_QTY
[COLOR=blue]FROM[/color] plm_brad.LEI_WARE
[COLOR=blue]WHERE[/color] PART_ID = @partNum
[COLOR=blue]GROUP[/color] [COLOR=blue]BY[/color] BIN_ID
[COLOR=blue]END[/color]-George
Strong and bitter words indicate a weak cause. - Fortune cookie wisdom
- Thread starter
- #6
Code:
[COLOR=blue]CREATE[/color] [COLOR=blue]PROCEDURE[/color] get_Parts
@partNum [COLOR=blue]varchar[/color](40)
[COLOR=blue]AS[/color]
[COLOR=blue]BEGIN[/color]
[COLOR=blue]SELECT[/color] [COLOR=#FF00FF]DISTINCT[/color]
BIN_ID,
SUM(BIN_QTY) [COLOR=blue]AS[/color] BIN_QTY
[COLOR=blue]FROM[/color] plm_brad.LEI_WARE
[COLOR=blue]WHERE[/color] PART_ID = @partNum
[COLOR=blue]GROUP[/color] [COLOR=blue]BY[/color] BIN_ID
[COLOR=blue]END[/color]In your C# program, you'll want to use the command object and also the parameters object. If you don't get a more suitable response, you may be better off posting this question in the C# forum.
-George
Strong and bitter words indicate a weak cause. - Fortune cookie wisdom
- Thread starter
- #8
Yes. That will work. But there are a couple hidden problems with that approach.
First, if the string/part number you are searching for contains the single-quote/apostrophe character, then your query will fail. While this may be unlikely to occur with part numbers, it's best to get in to the 'proper' habits from the beginning. To accomodate single-quotes within the data, you need to double them. In vb, I would write:
[tt][blue]cmdPart = "EXECUTE get_Parts '" & Replace(MyPart, "'", "''") & "'"[/blue][/tt]
There's also security implemications with this method, too. Do a google search on 'SQL Injection'.
The best method to call stored procedures is by using a command object with parameter objects. It takes a little more coding, but it's actually faster, more secure, and less prone to bugs (more stable).
By getting in the habit of using the command object now, you will save yourself from having to deal with problems later.
-George
Strong and bitter words indicate a weak cause. - Fortune cookie wisdom
First, if the string/part number you are searching for contains the single-quote/apostrophe character, then your query will fail. While this may be unlikely to occur with part numbers, it's best to get in to the 'proper' habits from the beginning. To accomodate single-quotes within the data, you need to double them. In vb, I would write:
[tt][blue]cmdPart = "EXECUTE get_Parts '" & Replace(MyPart, "'", "''") & "'"[/blue][/tt]
There's also security implemications with this method, too. Do a google search on 'SQL Injection'.
The best method to call stored procedures is by using a command object with parameter objects. It takes a little more coding, but it's actually faster, more secure, and less prone to bugs (more stable).
By getting in the habit of using the command object now, you will save yourself from having to deal with problems later.
-George
Strong and bitter words indicate a weak cause. - Fortune cookie wisdom
What we've done is create a utility object that returns SP results. All we have to do is instantiate the object and pass the SP name and parameter collection.
Phil Hegedusich
Senior Programmer/Analyst
IIMAK
-----------
Not NULL-terminated yet.
Phil Hegedusich
Senior Programmer/Analyst
IIMAK
-----------
Not NULL-terminated yet.
- Status
Similar threads
- Locked
- Question
