store procedure

Question

0.00/5 (No votes)

See more:

SQL

cmd = new SqlCommand("SELECT PrivillegesName, PrivillegesGroup from tblPrivilleges where PrivillegesID in ( " + privillege + " ) ", cn);
            SqlDataReader dr = cmd.ExecuteReader();

i want to write store procedure for this...my problem is that how to pass ( " + privillege + " ) as @ parameter

Posted 5-May-10 0:50am

tejasvee

Updated 5-May-10 1:04am

#realJSOP

v2

Add a Solution

4 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

#realJSOP · Answer 1 · 2010-05-05T01:08:00

First, the idea of a parameter is completely out of context here. You're passing a query string to your reader, so you have to build it BEFORE passing it to your reader.

Second, checking to see if a value is in a set requires that you specify the set. In your case, it means formatting a string in such a way as to allow the sql to execute, such as "1,2,3,4".

Lastly, you misspelled "privilege"...

Rod Kemp · Answer 2 · 2010-05-05T01:09:00

You add a parameter to the SqlCommand object like so;

cmd.Parameters.AddWithValue("@privillege", privillege);

also don't forget to change the SqlCommand.CommandType to stored procedure e.g.

cmd.CommandType = CommandType.StoredProcedure;

However in your case with the query as specified you can't use parameters as you are using IN as part of the WHERE clause you can't pass parameters for use in this case.

Pranay Rana · Answer 3 · 2010-05-05T01:26:00

pass "privillege" as varchar parameter and in your procedure use sp_executesql to execute statement

SQL

create proceudre getitems 
@privilleg varchar(max)
as 
begin


SET @SQLString = "SELECT *
    FROM table1
    WHERE  items in (@item)";


DECLARE @SQLString nvarchar(500);
DECLARE @ParmDefinition nvarchar(500);

SET @ParmDefinition = "@item varchar(max)";


EXECUTE sp_executesql
    @SQLString
    ,@ParmDefinition
    ,@item = @privilleg

end

dineshmehra1 · Answer 4 · 2010-05-05T19:58:00

u can pass this way the parameters to proc

SqlConnection con = new SqlConnection(conStr);
SqlCommand cmd = new SqlCommand("SP_SAVE_EMP", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@EMPCODE", code);
cmd.Parameters.AddWithValue("@NAME",name);
cmd.Parameters.AddWithValue("@AGE", age);
cmd.Parameters.AddWithValue("@DOB", name);
cmd.Parameters.AddWithValue("@EMAIL", email);
cmd.Parameters.AddWithValue("@IMAGE", image);
con.Open();
status = (int)cmd.ExecuteNonQuery();

store procedure

4 solutions

Solution 1

Solution 2

Solution 3

Solution 4

Add your solution here

Preview 0