Reputation: 926
How to pass parameter value to SqlDataSource
I'm using SqlDataSource to populate a GridView. Here is my code that does that :
private void DataCall()
{
//Object gets created for use from the class(clsDataConduit)
clsDataDictionary AnOrder = new clsDataDictionary();
//Declaring a new SqlDataSource from the inbuilt class library
SqlDataSource sqlDS_ItemTable = new SqlDataSource();
//Using our datasource object being cast onto our objects connectionstring
sqlDS_ItemTable.ConnectionString = AnOrder.ConnectionString;
//Our sql statement being passed through to our .SelectCommand method
sqlDS_ItemTable.SelectCommand = "Select tblOrders.OrderId, tblItem.ItemName, tblOrders.DateOrdered from tblItem, tblOrders where tblItem.ItemId = tblOrders.ItemId AND tblOrders.AuthId = 5";
//Adding controls to our SqlDataSource object
this.Controls.Add(sqlDS_ItemTable);
//Declares the DataSource for our gridview !
grdOrder.DataSource = sqlDS_ItemTable;
//Binds the data to refresh every time it's used
grdOrder.DataBind();
}
As you can see in the SQL statement at the end i'm doing this tblOrders.AuthId = 5 . However I want to do something like this tblOrders.AuthId = SessionAuthId .
I read some posts about doing something alone the lines of command.Parameters.Add(new SqlParameter("Name", dogName)); but I don't know how I apply this to my code.
I'm doing this in an assignment using someone elses code (professors) but I want to edit it slightly because i'm going to be developping a login system etc.
Could someone take a look at that method and see how I would change it to pass the parameter to it. Also here is the full code behind : http://pastebin.com/sdrvW5Zn
Upvotes: 3
Views: 6677
Answers (5)
Reputation: 839
Use the the "SelectParameters"
sqlDS_ItemTable.SelectParameters.Clear();
sqlDS_ItemTable.SelectCommand = "Select tblOrders.OrderId, tblItem.ItemName, tblOrders.DateOrdered from tblItem, tblOrders where tblItem.ItemId = tblOrders.ItemId AND tblOrders.AuthId = @authID";
sqlDS_ItemTable.SelectParameters.Add("authID", SessionAuthID);
// sqlDS_ItemTable.SelectParameters.Add("stringParam", TypeCode.String, stringParam); //like so for string validation
Upvotes: 0
Reputation: 179
The string.format method suggested by TheGreatCO looks like it would work well for your current implementation where you pass the SQL query as a string.
Otherwise you could create a stored procedure from your SQL snippet and set that up to take parameter.
I am assuming that the sessionAuthId is an int.
CREATE PROCEDURE SP_SAMPLEPROCEDURENAME
(
@p1 int -- here the input parameter is declared
)
AS
BEGIN
Select
tblOrders.OrderId,
tblItem.ItemName,
tblOrders.DateOrdered
from tblItem, tblOrders
where tblItem.ItemId = tblOrders.ItemId
AND tblOrders.AuthId = @p1 -- here the input parameter is used
END
To call the stored proc from c# you need a method like this:
public YOURReturnObject PopulateGridView(int sessionid)
{
SqlConnection conn = new SqlConnection("YourDBConnectionString);
SqlCommand comm = new SqlCommand("SP_SAMPLEPROCEDURENAME", conn);
comm.CommandType = CommandType.StoredProcedure;
comm.Parameters.AddWithValue("@p1",sessionid);
YOURReturnObject o = new YOURReturnObject();
using (comm.Connection)
{
comm.Connection.Open();
while (reader.Read())
{
//read the results into return object
}
}
return o;
}
Upvotes: 0
Reputation: 475
String authId = SessionAuthID;//pass your session ID to the variable or directly you can pass this value as the parameter value:
string strSQL = "Select tblOrders.OrderId, tblItem.ItemName, tblOrders.DateOrdered from tblItem, tblOrders where tblItem.ItemId = tblOrders.ItemId AND tblOrders.AuthId = @ID";
SqlCommand cmdItem = new SqlCommand(strSQL, clsMain_Connection.openConn());
cmdItem.Parameters.AddWithValue("@ID", authId);
Upvotes: 0
Reputation: 25793
You can use the SelectParameters property to do a parameterized query.
sqlDS_ItemTable.SelectCommand = "Select tblOrders.OrderId, tblItem.ItemName, tblOrders.DateOrdered from tblItem, tblOrders where tblItem.ItemId = tblOrders.ItemId AND tblOrders.AuthId = @authID";
sqlDS_ItemTable.SelectParameters.Add(new SqlParameter("@authID", SessionAuthID));
Upvotes: 11
Reputation: 4923
Use string.Format() http://msdn.microsoft.com/en-us/library/system.string.format.aspx
Do something like:
sqlDS_ItemTable.SelectCommand = string.Format("Select tblOrders.OrderId, tblItem.ItemName, tblOrders.DateOrdered from tblItem, tblOrders where tblItem.ItemId = tblOrders.ItemId AND tblOrders.AuthId = {0}", SessionAuthId);
To answer your second question, you would change the signature of the method to include a parameter.
private void DataCall(string SessionAuthId)
{
// your method here...
}
Upvotes: -5
Related Questions
- How to pass dynamic value in SqlDataSource?
- How to pass a value into a SqlDataSource Query?
- Sending variables to sqldatasource
- SQLDatasource parameters
- How to use a custom Parameter with SqlDataSource
- Passing Parameters for SqlDataSource from code behind
- How to Pass parameter to SQlDataSource from gridview?
- Problem with sqldatasource when passing parameters
- Pass string parameter to SqlDataSource in asp.net
- Adding parameter to sqldatasource, How should i pass them to execute my stored procedure in asp.net