new to vb - is this code ok ? - retrieving ID from SQL stored procedure

L

luna_s

i've been playing with this code to return an ID on an insert - it seems a
little dirty/hacky to me

stored proc goes something like this (ive stripped out uneccesary sql code -
the proc works fine) :-

CREATE PROCEDURE uipersonal

declare all the variables here

AS

IF EXISTS (SELECT * database WHERE id=@mainid)

UPDATE

ELSE

INSERT

SELECT SCOPE_IDENTITY()

GO

thats basically the stored proc


my vb code is something like :-

Private Sub putdatain()

mainid = TextBox1.Text.ToString
If mainid = "" Then mainid = "0"

Dim conn As New System.Data.SqlClient.SqlConnection(SQLstrConn)
Dim sql As String = "uipersonal '" all the variables i send
Dim Cmd As New System.Data.SqlClient.SqlCommand(sql, conn)
Dim objDR As System.Data.SqlClient.SqlDataReader

conn.Open()

If mainid = "0" Then
TextBox1.Text = Cmd.ExecuteScalar
ElseIf mainid > "0" Then
objDR =
Cmd.ExecuteReader(System.Data.CommandBehavior.CloseConnection)
End If

conn.Close()

End Sub

this works ok but seems a little messy - and i was wondering if this method
would cause issues in the future
(atm its just test code to play around)

thanks

mark
 
L

luna_s

Cor Ligthert said:
Luna,

Somewhere I miss in your code the setting of the parameter
<>

http://msdn.microsoft.com/library/d...tasqlclientsqlcommandclassparameterstopic.asp
Click to expand...
Dim conn As New System.Data.SqlClient.SqlConnection(SQLstrConn)

sqlstrconn is a variable that just contains a standard connection string
As well do I miss where you tell that the command is a stored procedure
Click to expand...
Dim sql As String = "uipersonal '"
is the stored procedure (i missed out all the variables as theres a few)
http://msdn.microsoft.com/library/d...asqlclientsqlcommandclasscommandtypetopic.asp

<>

I hope this helps?

Cor
Click to expand...

the code itself works fine - i just wasnt sure if it was good code or not -
seems a bit hacky to get the new @@identity out of the stored procedure -
just wondered if i was doing it right!

mark
 
C

Cor Ligthert

Luna,

As usual do I not give answers on security. When you don't use integrated
security, than it i thought that it was the next step as you do it. (I wrote
thought).

However for this I would not only rely for answers for this in this
newsgroup, however on more answers in the newsgroups

microsoft.public.dotnet.framework.adonet
microsoft.public.dotnet.security

I hope that it helps anyway something

Cor
 
N

Nick Malik [Microsoft]

Yes, this works, although I don't know if you need to create the reader for
the update condition. You could, as easily, use ExecuteNonQuery and check
to make sure that you updated one record.

These days, whenever I can, I avoid using identity columns because of
problems like this. I use GUIDs instead that are generated in the
application. (e.g. if the app is creating a new record, the app calls
Guid.NewGuid to create a new Guid and passes that in. The proc still needs
to look for update vs insert, but it never needs to return the new key
value, because the app already has it.

Anyway, your code looks fine.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
 
L

luna_s

Nick Malik said:
Yes, this works, although I don't know if you need to create the reader for
the update condition. You could, as easily, use ExecuteNonQuery and check
to make sure that you updated one record.

These days, whenever I can, I avoid using identity columns because of
problems like this. I use GUIDs instead that are generated in the
application. (e.g. if the app is creating a new record, the app calls
Guid.NewGuid to create a new Guid and passes that in. The proc still needs
to look for update vs insert, but it never needs to return the new key
value, because the app already has it.

Anyway, your code looks fine.
Click to expand...

thanks for easing my mind !, ill look into the guid thing,


mark
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Error converting data type varchar to numeric - stored procedures 1
Get Return value from SQL Stored Procedure. 2
need help populating text boxes with data from sql 3
update / insert button 1
datagridview not populating from stored procedure 1
retrieving a single piece of data from a dataset 1
need some guidance for Record Not Found 3
stored procedure times out after 10 minutes 2

Top