I apologize in advance if the question is too noobish. I am new to the ASP and SQL server world (i've been using PHP and MySQL up to this point) (I've read other topics here, but none seemed to give me a clear answer)
I want to connect my ASP website to my SQL database (using sql server 2005 currently), how would i do that? I've been trying to use numerous connection strings, but everything seems confusing to me right now (too many varieties)
Also, how do i execute queries after making a succesful connection?
I believe an answer to those two would get me started on, i hope i'm not asking for much or something. Thanks in advance!
Dim objDbCon
Dim dataCount
Dim sqlQuery
Set objDbCon = Server.CreateObject("ADODB.Connection")
'Change the parameters with your own environment'
objDbCon.ConnectionString = "Provider=SQLOLEDB; Data Source=120.120.120.120; Initial Catalog=Database name; User Id=user1; Password=1234;"
objDbCon.Open
'Put sql script which you want to get result set'
sqlQuery = "SELECT COUNT(*) AS CNT FROM TABLE_NAME"
'This is how you execute sql script and bind the result set to dataset object'
Set Rs = objDbCon.Execute(sqlQuery)
dataCount = Rs("CNT")
Rs.Close
To add sql connection to a asp.net webpage, First we have to get the connection string.
For that open server explorer ->Data connections ->add connection.
Give the servername and database name in the given popup box.
After adding the connection take the property window of added connection, From there we will get the connection string.
After that write the following code:
using System.Data;
using System.Data.SqlClient;
public void dbconnection
{
SqlConnection con;
con = new SqlConnection("connectionstring");
con.Open();
SqlCommand cmd=new SqlCommand("Your sql query",con);
cmd.ExecuteNonQuery();
con.close();
}
for insert,update and delete queries we use ExecuteNonQuery().
for select queries we use
SqlDataReader dr = cmd.ExecuteReader();
Related
I have a stored procedure that I'm calling from asp.net and I'm adding 47 parameters mostly from values selected on drop downs and radio buttons and text boxes from a form. I also have (for some reason beyond my pay grade) some parameters that are set to Null..these are also a source of some hair pulling and I don't know if these are the problems or not.
Dim Parameter As SqlParameter = New SqlParameter("#type", "u")
Dim Parameter1 As SqlParameter = New SqlParameter("#user", User)
Dim Parameter2 As SqlParameter = New SqlParameter("#term", terminal)
Dim Parameter3 As SqlParameter = New SqlParameter("#url", accesslevel)
Dim Parameter4 As SqlParameter = New SqlParameter("#name", firstname & " " & lastname)
Dim Parameter5 As SqlParameter = New SqlParameter("#mgr", mgr)
Dim Parameter6 As SqlParameter = New SqlParameter("#mgrEmail", mgr)
Dim Parameter7 As SqlParameter = New SqlParameter("#phone", mgr)
Dim Parameter8 As SqlParameter = New SqlParameter("#title", titletitle)`
... and on and on until Parameter48...
Dim myCommand As New SqlCommand("dbo.proc_vsSpacAccess", conn)
myCommand.CommandType = CommandType.StoredProcedure
myCommand.Parameters.Add(Parameter)
myCommand.Parameters.Add(Parameter1)
myCommand.Parameters.Add(Parameter2)
myCommand.Parameters.Add(Parameter3)
myCommand.Parameters.Add(Parameter4)
... and on until Parameter48... and then finally I run the stored proc..
myCommand.ExecuteNonQuery()
end of subroutine...
I run this and get nothing, no feedback, nothing. How do I know what's wrong if things aren't working? do I debug from SQL Server (I can't change the stored procedure it's not mine to change btw) or try to debug the stored procedure from Visual Studio?
I REPEAT, I CANNOT CHANGE THE STORED PROCEDURE IT IS READ ONLY FOR ME..
ExecuteNonQuery won't return anything unless you explicitly catch the return value.
If you want to know how query is executing, you can view using SQL Server Profiler.
Set a break point right after ExecuteNonQuery
Let SQL Server Profiler run at the background
See the executed query
You can even copy the query from Profiler, and run it in SSMS to make sure it even works.
Let me give you some advice on debugging. First run profiler when you run your application (on dev!) and grab the SQL that is generated.
Next open up SSMS and put that SQL in it and see if it generated valid sql. Sometimes you qwill find it did not. Then the problem is in how you are building the sql. If the SQL is valid, either it ran but didn't give you a return message or the problem is the proc itself or the data in the parameters.
Then open up the stored proc to see what it does; if it is inserting to a table or updating a table, check that table in the db to see if the data was inserted or updated based on teh variables you sent. You should always have unit tests built to check the results of an action stored proc, if you do not, then write them now, so the next time you test, you know what you should see in the database as a result of running the proc.
If you did not get the action you expected, try running the proc from SSMS with the profiled data. If the data still doesn't insert or update, you may need to ask the people responsible for the proc to track down what the problem is. Likely in this case, soemthing is wrong with the particular parameters you are sending although it could bea genuiine bug of a case taht was not expected. For instance you may be sending a null for a reuired field. Not all procs are built to properly handle errors, so it may not be sending one up the chain to you.
Lets start from the point that when it comes to executing stored procedures, you need to design it to return some feedback. Just the fact that you have stored procedure, doesn't mean that you will have any feedback. For example (pseudo-code)
Create procedure MyProc()
Begin
Try
-- Do something
-- And it happens to error here
Catch
' do nothing
End Try
End
Now, this one, will never give you any info of what happened, success or failure because error is handled within
Lets look at this one now, again, pseudo-code
Create procedure MyProc(#retVal int out)
Begin
set #retVal = -1 -- assume it failed
Try
-- Do something
set #retVal = 0 -- a flag that it is success
Catch
' do nothing
End Try
End
Now, with this you can go to your vb code and test
myCommand.ExecuteNonQuery()
Dim val as Object = myCommand.Parameters(0).Value
If CInt(val) = 0 Then
' success route
Else
' error route
End If
Basically, this is the example of one of the few methods how to obtain info about state of execution of your stored procedure. But again, you need to code for this.
Now, if you want to know in details, what is your SP doing while it is executing, again, you need to code for this. You can create a log table, in which you will store data that you scrape within your SP. I've seen designs where each SP had one parameter #debug. And, when called in debug mode, it would post logs about its execution data.
I have following code on page load event:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
con = New SqlConnection("Data Source=14GRAFICALI\\SQLEXPRESS;Initial Catalog=sagar;Integrated Security=True")
'-----------------------fill name ddl------------------------------'
Try
da = New SqlDataAdapter("select EmpName from empMaster_VB", con)
ds = New DataSet()
da.Fill(ds)
For i As Integer = 0 To ds.Tables(0).Rows.Count
ddlName.Items.Add(ds.Tables(0).Rows(i)(0).ToString())
Next
Catch ex As Exception
End Try
'--------------------------------------------------------------------'
'----------------fill expence-------------------------------------'
Try
da = New SqlDataAdapter("select ExpName from expenceType_VB", con)
ds = New DataSet()
da.Fill(ds)
For i As Integer = 0 To ds.Tables(0).Rows.Count
ddlExpence.Items.Add(ds.Tables(0).Rows(i)(0).ToString())
Next
Catch ex As Exception
End Try
'---------------------------------------------------------------'
End Sub
This code is to fill drop downs with names and expence values in database tables.
I am getting 'instance failure' error while executing the code.
I checked one of the answers on stack and checked my connection string. But, my connection string is also correct.
Please help me if anything else is missing in this code.
As you got the error "instance failure", that might be the error with your SQL Server instance..
Make sure your SQL Server instance(MSSQLSERVER) is running, where you can check in: Services list. TO get into services list: open run dialog box and type: "services.msc" (without quotes) and hit Enter. That takes you to services management console, where you can check whether your instance in running or not..
If the problem still persists, then try using: Data Source=.\SQLEXPRESS instead.. :)
Happy Coding... :)
I have connection:
Data Source=MyComputerName\SQL2012ENTERPRS;Initial Catalog=RESTFUL; User Id=myuser; Password=mypass123;
My server is : MyComputerName\SQL2012ENTERPRS
But since I use string, I add more \ so, at my code It will be:
public string connectionString = "Data Source=DAFWKN409C67Q\\SQL2012ENTERPRS;Initial Catalog=RESTFUL; User Id=rest_user; Password=rest_pwd_01;";
I have forgoten that I must remove one of \ since I am not use default string block, I use XML file to save my connection string. Then everything is ok. So, my suggestion is your instance name is not correct.
This is my connection string sample it I use local pc using SQL express:
string servername = #"Data Source=.\SQLExpress;Initial Catalog=Workshop;Integrated Security=True";
You should modify with your server name, and instance name by yourself, make sure it correct.
I had this issue because I got the connection string from appsettings.Development.json:
"Server=msi\\DataBaseName;Database=Super25;Trusted_Connection=True;"
but when I changed to
"Data Source=msi\DataBaseName;Initial Catalog=Super25;Integrated Security=True;"
solved!
in my case just kick up the double \\ to one slush \
:=)
The root cause is Regular literal ("Backslash: \") and Verbatim literal ("#"Backslash: \"") .
Reference https://csharpindepth.com/Articles/Strings
Use the wildcard "#" before "Data Source" declaration. someting like this:
connetionString = #"Data Source=...
So you'll be able to use only a back slash. Like this: #"Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\jcabarros...
I know this is an old thread, but perhaps a good update. I couldn't find a good answer on the web search.
I got the same 'Instance Failed' error when trying to reference a DbContext from another project in the same solution. The 1st project had a DbContext and the connection string, and the 2nd project in the solution was trying to reference it. The 1st app ran ok on its own, issue only occurred when running the 2nd app.
The issue was that the app.config file that had the connection string from the 1st project was not in view/scope of the 2nd project. So the connection string wasn't assembled.
My solution was to copy the app.config from the first project to the second project.
This was on VS 2019.
Hope this helps
Your answer lies in the connected services. edit provider and select the three dots once you find your database select advanced in the advanced you will see your connection string which looks like below.
Data Source=Server\ServerInstance;Initial Catalog=yourDatabaseName;Integrated Security=True
You can add more services and configure more there.
I am using ASP javascript to select from a MySQL database using a parameter passed by the user.
I would like to do this using a prepared statement. I have seen examples in VB script but can't figure it out in ASP JS.
I would normally do it in the following way:
var adoConnection = Server.CreateObject("ADODB.Connection");
adoConnection.Open("dsn=my-dsn;uid=userid;pwd=password;");
var getAdmin = "SELECT * FROM users WHERE username = '"+String(Request.QueryString("username"))+"'";
var rsAdmin = adoConnection.Execute(getAdmin);
I would like to change this to pass the user data in a safer way, can anyone help?
to parametrize correctly in ASP your Queries, you need to use "ADODB.Command" to execute your queries instead of using ADODB.Connection directly. ADODB.Command has method named ".CreateParameter()" that permits that you want.
Example code
'-------------------------------------------------------------------'
var oCmd = Server.CreateObject("ADODB.Command")
var sSQL = "SELECT username, action FROM userlog WHERE event_date < ? ;";
oCmd.CommandText = sSQL
oCmd.ActiveConnection= oConn
'-------------------------------------------------------------------'
var oPar = oCmd.CreateParameter("event_date",7,1,,dDate); 'Date
oCmd.Parameters.Append(oPar);
'-------------------------------------------------------------------'
.... do this until you have all the parameters appended and ....
var oRS = oCmd.Execute();
and you manipule the recordset as you wish
Aditional resources
ADODB Documentation
MSDN Example
ASP javascript is usually reffered to as JScript. If you search for '[jscript] [mysql]' on stackoverflow it will show you a question which will probably answer your question:
ADODB Command failing Execute with parameterised SQL query
You could also google 'msdn jscript ado' for additional samples.
Although calling into a database directly from browser-side code isn't a preferred method of retrieving data into the page (most folks prefer AJAX/JSON requests these days...), you could definitely improve the security of your code by converting the SQL statement to a stored procedure call.
For details, see http://andrewu.co.uk/clj/stored_procedures_with_jscript/
Set rsPlanID = Server.CreateObject("ADODB.Recordset")
rsPlanID.CursorLocation = adUseClient
strSQL = "SELECT PlanID FROM ATTJournals WHERE ATTUserDataID = " & ATTUserDataID
rsPlanID.Open strSQL, m_objConn, adOpenStatic, adLockOptimistic
If Not rsPlanID.EOF Then
response.Write "New PlanID:" & rsPlanID("PlanID")
End If
The above code is in classic asp.
I am getting the following error:
ADODB.Recordset error '800a0bb9'
Arguments are of the wrong type, are out of acceptable range, or are in conflict with one another.
Dows anyone know the cause this error and how to fix it?
The most like cause is that you haven't included "ADOVBS.INC" or the equavalent META:-
<!--METADATA
TYPE="TypeLib"
NAME="Microsoft ActiveX Data Objects 2.6 Library"
UUID="{00000206-0000-0010-8000-00AA006D2EA4}"
VERSION="2.6"
-->
Hence the adxxxx constants do not exist. However your primary mistake is not including Option Explicit at the top your script. This will save you bucket loads of time hunting silly mistakes and typos.
BTW What happens if ATTUserDataID contained "0; DELETE ATTJournals;" ?
Avoid composing SQL using concatenation like the plague. Search for "ASP SQL Injection" to find examples of using parameterised command objects instead.
Unless you need to navigate back and forth in the recordset, just use the default settings:
strSQL = "SELECT PlanID FROM ATTJournals WHERE ATTUserDataID = " & ATTUserDataID
Set rsPlanID = m_objConn.Execute(strSQL)
Also, your code is wide open for SQL Injection attacks - you better learn about it and change your code to use Parameters instead.
I feel like I searched the whole internet and couldn't find the solution to this problem, and just as I was about to give up, I realized that I had declared my connection variable within an "If" statement and because the if statement did not execute neither did my command to the database giving the error as mentioned in your question.
First, when I devoleped application with vbscript I used always the numbers to open a recordset. I recommend following line:
rsPlanID.Open strSQL, m_objConn, 3, 3
Make sure that you include the file adovbs.inc first. The numbers are conntected to the different types of recordset properties. And don't foregt to open the databse connection first.
Second, I think you don't need the line
rsPlanID.CursorLocation = adUseClient
Thrird, see also this thread. Maybe it is a good template for you.
Function SQL_getRecordset(strQuery)
'On Error Resume Next
'Create Database connection object
Set objConnection = CreateObject("ADODB.Connection")
'Create Recordset object
Set objrecordset = CreateObject("ADODB.Recordset")
'Specify the connection string
strConnectionstring = "Provider=SQLOLEDB.1;Data Source=*<Server name>*;Initial Catalog=*<database>*;Integrated Security=SSPI"
objConnection.Open strConnectionstring
'Execute the Query
Set objrecordset = objConnection.Execute(strQuery)
'Return Recordset
Set SQL_getRecordset = objrecordset
'Release objects from the memory
Set objConnection = Nothing
Set objrecordset = Nothing
End Function
I am trying to connect to a database on my local server. The database is called "dbtest." Of course, I have left off my actual password and replaced it with "password."
This is the typical code I see on every tutorial, but it doesn't work at all. Please help.
<%
Dim con, rs
con = Server.CreateObject("ADODB.Connection") 'I think it is something to do with this line
con.Open "Provider=sqloledb;SERVER=localhost;DATABASE=dbtest;UID=administrator; PWD=password;"
rs = Server.CreateObject("ADODB.Recordset")
%>
This is not asp.net. This is classic ASP
You have to read about creating a database driven webapp first.
Read about SqlDataSource and GridView controls. You won't need any code.
here: http://www.asp.net/data-access/tutorials/querying-data-with-the-sqldatasource-control-cs
The tutorials you are following may be a little out of date, .net includes updated classes for SQL data access, have a look here
http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx
Particularly at the SqlConnection class and SqlCommand class.
There is a useful tutorial that can be found here.
The equivalent of the ADODB.Recordset would be the SqlDataReader class.