Reputation: 12560
Insert Parameterized Query ASP.NET MS SQL
Here is my SQLCommand object:
oCommand.CommandText =
"INSERT INTO hits (id,client_id,client_ip,page,vars) VALUES _
(@@IDENTITY,@client_id,@ip,@page,@vars)"
oCommand.Parameters.Count = 4
>> oCommand.Parameters.Item(0).ParameterName = "@client_id"
>> oCommand.Parameters.Item(0).Value = "123456"
>> oCommand.Parameters.Item(1).ParameterName = "@ip"
>> oCommand.Parameters.Item(1).Value = "127.0.0.1"
>> oCommand.Parameters.Item(2).ParameterName = "@page"
>> oCommand.Parameters.Item(2).Value = "default.aspx"
>> oCommand.Parameters.Item(3).ParameterName = "@vars"
>> oCommand.Parameters.Item(3).Value = Nothing
This is the error I get:
"The parameterized query '(@ip nvarchar(9),@client_id nvarchar(4000),@page nvarchar(12),@v' expects the parameter '@client_id', which was not supplied."
And here are the functions:
Public Shared Function insertIntoHitTable(ByVal oData As gsTrack) As Boolean
Dim oObj As New List(Of Object())
oObj.Add(New Object() {"@client_id", cV(oData.ClientID)})
oObj.Add(New Object() {"@ip", cV(oData.IP)})
oObj.Add(New Object() {"@page", cV(oData.Page)})
oObj.Add(New Object() {"@vars", oData.Vars})
Dim oCommand As SqlCommand = InsertIntoHitTableSQL(oObj)
oCommand.Connection.Open()
oCommand.ExecuteNonQuery()
oCommand.Connection.Close()
End Function
Public Shared Function createSQLCommand(ByVal oCmdTxt As String, ByVal oParams As List(Of Object())) As SqlCommand
Dim oCommand As SqlCommand = Nothing
Dim oBuilder As New StringBuilder
Dim oParam As SqlParameter
oCommand = New SqlCommand(oCmdTxt, New SqlConnection(csString))
Try
For i As Integer = 0 To oParams.Count - 1
oParam = New SqlParameter
oParam.ParameterName = oParams(i)(0)
oParam.Value = oParams(i)(1)
oCommand.Parameters.Add(oParam)
oParam = Nothing
Next
Return oCommand
Catch ex As Exception
Return Nothing
End Try
End Function
Any pointers on how to resolve this parametrized query error? thanks!
EDIT
I should note that cV() just a scrubbing function, it checks to see if the passed variable is nothing.
Upvotes: 1
Views: 7414
Answers (3)
Reputation: 96552
You should NEVER use @@identity. If the column is an identity, simply do not specify it in the values list. If you are using it anywhere to get the value you just inserted, then use scope_identity() instead unless you like data integrity problems.
Upvotes: 0
Reputation: 29725
I believe the parameter count and index is getting slightly offset since you specify @@IDENTIDY in the insert statement. I typically follow the following syntax when doing a parameterized query:
oCommand = New SqlCommand("INSERT INTO hits (id,client_id,client_ip,page,vars) VALUES (@@IDENTITY,@client_id,@ip,@page,@vars)", CONNECTION OBJECT)
oCommand.CommandType = CommandType.StoredProcedure
oCommand.Parameters.Add("@client_id", SqlDbType.Integer, 10)
oCommand.Parameters("@client_id").Direction = ParameterDirection.Input
oCommand.Parameters("@client_id").Value = cV(oData.ClientID)
oCommand.Parameters.Add("@ip", SqlDbType.VarChar, 15)
oCommand.Parameters("@ip").Direction = ParameterDirection.Input
oCommand.Parameters("@ip").Value = cV(oData.IP)
oCommand.Connection.Open()
oCommand.ExecuteNonQuery()
oCommand.Connection.Close()
...and you can see how the rest would follow for the rest of your parameters.
Upvotes: 3
Reputation: 25197
In the CV function are you checking to see if the value is null? One of the sites I see documents that you need to pass a value of DBNull.value instead of null.
Upvotes: 1
Related Questions
- Insert Query in C# using Parameters
- Adding value to parameter in C# (asp.net) to be saved in SQL Server
- How to use value from SQL Server in C#
- Passing values from variables to Insert query in C#, ASP.NET for SQL Server database
- SQL server: insert into using select and other parameter
- Inserting Into a table using Parameters
- How to use a INSERT INTO SQL Query with Dynamic parameters in C#?
- SQL Server Insert query
- passing parameters to insert query
- Inserting Parameters, C#, T-Sql