I've downloaded Glimpse and the Glimpse.ADO extension and installed it on my test instance.
I thought I'd get a capture of any sql that was executed, but it seems like it doesn't capture commands with the way our code is written.
using (var conn = new SqlConnection(cString))
{
conn.Open();
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandText = "Select count(*) from table";
cmd.CommandType = CommandType.Text;
txtResult2.Text = cmd.ExecuteScalar().ToString();
conn.Close();
}
I CAN get it to provide information from a test page with the sql code written like so:
var factory =DbProviderFactories.GetFactory(cString.ProviderName);
using (var connection = factory.CreateConnection())
{
connection.ConnectionString = connectionString.ConnectionString;
connection.Open();
using (var command = connection.CreateCommand())
{
command.CommandText = "SELECT COUNT(*) FROM table";
command.CommandType = CommandType.Text;
txtResult1.Text = command.ExecuteScalar().ToString();
}
}
However I have too many places in my code to change if I can only capture data using this dbProviderFactories method.
Is there a way to get Glimpse.ADO to work with the System.Data.SqlClient.SqlConnection class? Is there another Glimpse extension that works with this namespace?
Is there another way to tackle this problem?
I agree with #StriplingWarrior, leveraging the provider factories will make your code more DRY and follow best practices. DbProviderFactories really is the best way to do this and your code won't explicitly rely on Glimpse.
However, if you really want to just move forward with your existing app code, Glimpse will support you with the following changes:
using (var conn = new GlimpseDbConnection(new SqlConnection(cString))
{
conn.Open();
DbCommand cmd = conn.CreateCommand();
cmd.CommandText = "Select count(*) from table";
cmd.CommandType = CommandType.Text;
txtResult2.Text = cmd.ExecuteScalar().ToString();
conn.Close();
}
In the example above, the command is created with the CreateCommand() method, which removes the need to associate the command and the connection.
Alternatively, you could also still explicitly create the command like so:
conn.Open();
DbCommand cmd = new GlimpseDbCommand(new SqlCommand());
cmd.Connection = conn;
cmd.CommandText = "Select count(*) from table";
cmd.CommandType = CommandType.Text;
Finally, more documentation about the SQL tab is available by clicking the ? icon in the Glimpse UI when you have the tab selected, or by going to our SQL documentation on getGlimpse.com. (I'll be adding this info to that page for future reference.)
In problems section on Glimpse site...
Getting Glimpse to work with manual created SQL Connections/Commands
http://getglimpse.com/Docs/Manual-ADO-Integration
Related
I created the application in ASP.NET core which needs to get details from SQL Server through a stored procedure.
Here is my code
SqlConnection connection = new SqlConnection(connectionString);
connection.Open();
SqlCommand cmd = connection.CreateCommand();
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("#lat", "31.77987");
cmd.Parameters.AddWithValue("#lng", "-106.4119");
cmd.Connection = connection;
cmd.CommandText = "sp_Procedure";
var r = cmd.ExecuteNonQuery();
When I run this code, I got an error
The server is attempting to use a feature that is not supported on this platform
If I missed out anything please correct me.
con.Open();
cmd2 = new SqlCommand("insert into dailyWorkout('"+RadioButton1.Text+"', '"+RadioButton2.Text+"', '"+RadioButton3.Text+"', '"+RadioButton4.Text+"', '"+RadioButton5.Text+"', '"+Label1.Text+"')", con);
cmd2.ExecuteNonQuery();
Hey guys, been working on this website for a while, but I get an error when putting data into the database saying
Incorrect syntax near ')'.
With other stuff that I'm putting same way it works and this does not.
You should really really REALLY use parametrized queries to avoid SQL injection (and to boost performance; and avoid issues with type conversions etc.)
So I would recommend using code something like this:
// define your *parametrized* SQL statement
string insertStmt = "INSERT INTO dbo.YourTable(Col1, Col2, Col3) VALUES(#Val1, #Val2, #Val3);";
// put SqlConnection and SqlCommand into "using" blocks to ensure proper disposal
using(SqlConnection conn = new SqlConnection("-your-connection-string-here-"))
using(SqlCommand cmd = new SqlCommand(insertStmt, conn))
{
// set the parameters to the values you need
cmd.Parameters.AddWithValue("#Val1", "Some String here");
cmd.Parameters.AddWithValue("#Val2", 42);
cmd.Parameters.AddWithValue("#Val3", DateTime.Today.AddDays(-7));
// open connection, execute query, close connection right away
conn.Open();
int rowsAffected = cmd.ExecuteNonQuery();
conn.Close();
}
Points to remember:
ALWAYS use parametrized queries - do NOT concatenate together your SQL statements!
put the SqlConnection and SqlCommand into using(...) { ... } blocks to ensure proper disposal
always explicitly define the list of columns you want to use in a SELECT and also an INSERT statement
open connection as late as possible, execute query, close connection again right away
That will do the job but I strongly advice using Parameters.
con.Open();
cmd2 = new SqlCommand("insert into dailyWorkout values ('"+RadioButton1.Text+"', '"+RadioButton2.Text+"', '"+RadioButton3.Text+"', '"+RadioButton4.Text+"', '"+RadioButton5.Text+"', '"+Label1.Text+"')", con);
cmd2.ExecuteNonQuery();
Instead of the code above you'd better to use
cmd2 = new SqlCommand("insert into dailyWorkout values (#val1, #val2, #val3,#val4,#val5,#val6)", con);
cmd2.Parameters.AddWithValue("#val1",RadioButton1.Text);
cmd2.Parameters.AddWithValue("#val2",RadioButton2.Text);
cmd2.Parameters.AddWithValue("#val3",RadioButton3.Text);
cmd2.Parameters.AddWithValue("#val4",RadioButton4.Text);
cmd2.Parameters.AddWithValue("#val5",RadioButton5.Text);
cmd2.Parameters.AddWithValue("#val6",Label1.Text)
cmd2.ExecuteNonQuery();
Ok its already been mentioned, don't inject parameters like that.
But if you must, the problem is that your final sql string looks like:
insert into dailyWorkout('string1', 'string2', 'string3', 'string4', 'string5', 'string6')
when it should be
insert into dailyWorkout(columnName1,columnName2,columnName3,columnName4,columnName5,columnName6)
values('string1', 'string2', 'string3', 'string4', 'string5', 'string6')
But you should really consider:
var sqlCmd = new SqlCommand("insert into dailyWorkout(columnName1,columnName2,columnName3,columnName4,columnName5,columnName6) values(#v1, #v2, #v3, #v4, #v5, #v6)", default(SqlConnection));
sqlCmd.Parameters.Add("#v1", SqlDbType.NVarChar).Value = RadioButton1.Text;
sqlCmd.Parameters.Add("#v2", SqlDbType.NVarChar).Value = RadioButton2.Text;
sqlCmd.Parameters.Add("#v3", SqlDbType.NVarChar).Value = RadioButton3.Text;
sqlCmd.Parameters.Add("#v4", SqlDbType.NVarChar).Value = RadioButton4.Text;
sqlCmd.Parameters.Add("#v5", SqlDbType.NVarChar).Value = RadioButton5.Text;
sqlCmd.Parameters.Add("#v6", SqlDbType.NVarChar).Value = Label1.Text;
sqlCmd.ExecuteNonQuery();
This c# code just doesn't want to change Password on the server (UserID and PW will obviously be a strings for some purpose, but this is just to get it working):
SqlConnection conn = new SqlConnection ("Data Source=ServerIP;Persist Security Info=False;User ID=UserID;Password=UserPW");
SqlCommand cmd = new SqlCommand ("ALTER LOGIN UserID WITH PASSWORD='NewPW' OLD_PASSWORD='UserPW'", conn);
cmd.CommandType = CommandType.Text;
conn.Open();
conn.Close();
Changing Password using the same command ALTER LOGIN UserID WITH PASSWORD='NewPW' OLD_PASSWORD='UserPW' with a Server Management studio works like a charm, so there is no problem within command line or/and permissions for this particular User.
I guess I miss something in Sql Connection line.
Already tried combinations of:
Initial Catalog=master;
Initial Catalog=;
Integrated Security=SSPI;
Persist Security Info=True;
Changing command type, using ExecuteNonQuery();, and many other things, but nothing seems to work.
"Google" doesn't give any valuable result, hopefully I will find my answer here, thanks for taking your time in advance.
Try the following, works a treat for me:
SqlConnection conn = new SqlConnection ("Data Source=ServerIP;Persist Security Info=False;User ID=UserID;Password=UserPW");
SqlCommand cmd = new SqlCommand ("ALTER LOGIN UserID WITH PASSWORD='NewPW' OLD_PASSWORD='UserPW'", conn);
cmd.CommandType = CommandType.Text;
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
You forgot to put cmd.ExecuteNonQuery() after you opened the connection. I just tested this and it successfully changed the password on my local database.
string queryString = #"DECLARE #sql NVARCHAR(500)
SET #sql = 'ALTER LOGIN ' + QuoteName(#loginName) +
' WITH PASSWORD= ' + QuoteName(#password, '''')
EXEC #sql ";
using (var connection = new SqlConnection(connectionString))
{
var command = new SqlCommand(queryString, connection);
command.Parameters.AddWithValue("#loginName", loginName);
command.Parameters.AddWithValue("#password", password);
connection.Open();
command.ExecuteNonQuery()
}
UPDATE
With DDL (data definition language) statements (as ALTER LOGIN) you cannot use parameters directly. That's why I'm using a dynamic SQL.
The QuoteName will do proper quoting in the SQL, simply doubles any [ characters (first call) or ' characters (second call).
I am using ado.net to access sql server I have costum Stored Procedure I am executing it using ado.net :
SqlCommand command = new SqlCommand("Custom",con);
and i am sending the parameters like this :
command.Parameters.Add(new SqlParameter("#Parm1",SqlDbType.Int,0,"Parm1"));
command.Parameters.Add(new SqlParameter("#Parm2",SqlDbType.Int,0,"Parm2"))
it dose not work and it did not give me an error as well it is the first time to work without DAL generator
Please, use this pattern:
SqlCommand command = new SqlCommand("nameOfMyStoredProcedure", mySqlConnectionObject);
command.CommandType = CommandType.StoredProcedure;
command.Parameters.Add("#ID", SqlDbType.Int);
command.Parameters["#ID"].Value = customerID;
to make it work add this line before set the params :
command.CommandType = CommandType.StoredProcedure;
and set the params using :
command.Parameters[0].Value=4;
command.Parameters[1].Value=2;
:)
How to Run two Update Sql Queries using this Sql Snippet ?
The code mentioned below is updating values only in one table .... i want to update data in two different tables using the code mentioned below :
can anybody reedit this code ?
Try
Using conn = New SqlConnection(constr)
Using cmd = conn.CreateCommand()
conn.Open()
Dim sql As String =
"UPDATE a1_ticket
SET Ticket_no =#ticketNo,
BANK = #bank,
PAID = #paid,
BID = #bid
WHERE ITC = #ticketNo"
cmd.CommandText = sql
cmd.Parameters.AddWithValue("#bank", Literal20.Text)
cmd.Parameters.AddWithValue("#paid", Label1.Text)
cmd.Parameters.AddWithValue("#bid", Literal21.Text)
cmd.Parameters.AddWithValue("#ticketNo", Literal3.Text)
cmd.ExecuteNonQuery()
End Using
End Using
Catch ex As Exception
Response.Write(ex.Message)
End Try
Create a Stored Procedure that updates the two tables and execute it using a StoredProcedure Command...
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "UpdateTheTwoTables";
....
Modify the SQL statement to update the two tables.
Using a Stored Procedure is the cleanest way code wise. If you don't feel comfortable doing it like that, I'm sure you can do it like this:
Try
Using conn = New SqlConnection(constr)
Using cmd = conn.CreateCommand()
conn.Open()
Dim sql As String = "UPDATE a1_ticket SET Ticket_no =#ticketNo, BANK = #bank, PAID = #paid, BID = #bid WHERE ITC = #ticketNo"
cmd.CommandText = sql
cmd.Parameters.AddWithValue("#bank", Literal20.Text)
cmd.Parameters.AddWithValue("#paid", Label1.Text)
cmd.Parameters.AddWithValue("#bid", Literal21.Text)
cmd.Parameters.AddWithValue("#ticketNo", Literal3.Text)
cmd.ExecuteNonQuery()
End Using
//
Using cmd = conn.CreateCommand()
conn.Open()
Dim sql As String = "UPDATE a2_ticket SET Ticket_no =#ticketNo, BANK = #bank, PAID = #paid, BID = #bid WHERE ITC = #ticketNo"
cmd.CommandText = sql
cmd.Parameters.AddWithValue("#bank", Literal20.Text)
cmd.Parameters.AddWithValue("#paid", Label1.Text)
cmd.Parameters.AddWithValue("#bid", Literal21.Text)
cmd.Parameters.AddWithValue("#ticketNo", Literal3.Text)
cmd.ExecuteNonQuery()
End Using
End Using
Catch ex As Exception
Response.Write(ex.Message)
End Try
It's a sketch of what I'm trying to say, you may want to change a few things here and there, but the point is you can just update your two tables one after the other. It's not possible in one update statement afaik.
you can also use
Dim sql As String = # "Query for first update;
Query for second update;";
Well as you havent said anything about the second table, or the data you're sending it. I havent put this through the compiler to verify it, but the concept I'd suggest would be
You could do:
void UpdateDB(String sql, String[][] params)
{
Try
{
SqlConnection conn = New SqlConnection(constr);
SqlCommand cmd = conn.CreateCommand();
conn.Open();
cmd.CommandText = sql;
for(int i=0; i<params.length; i++)
{
cmd.Parameters.AddWithValue(params[i,0] params[i,1]);
}
cmd.ExecuteNonQuery();
}
Catch (Exception ex)
{
Response.Write(ex.Message);
}
}
eg send the SQL and the parameters to the function and have it do all the work..