Click here to Skip to main content
15,508,577 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
in my application am insert a new a record to my table without using sp
can any one tell me coding .....thanks in advance
Posted
Comments
AmitGajjar 27-Aug-12 22:09pm    
why you don't want to use SP? any specific reason ?
mahesh202 28-Aug-12 0:20am    
no reason
AmitGajjar 28-Aug-12 0:22am    
if you have not added validation in your project for insert query then sql injection could be possible.using Stored procedure prevents sql injection.
Swinkaran 27-Aug-12 22:50pm    
Do you want to insert the record to database -> table and then refresh & display in gridview. Am I correct?

1 solution

hello friend you can use this methods for SELECT/INSERT/UPDATE/DELETE



C#
//Basic SELECT method to populate a DataSet from a SqlDataAdapter
SqlConnection sqlConn = new SqlConnection(connection string here);
SqlDataAdapter sqlAdapt = new SqlDataAdapter(@"SELECT * FROM tableName WHERE conditionColumn='False'", sqlConn);
SqlCommandBuilder sqlCmdBuilder = new SqlCommandBuilder(sqlAdapt);
DataSet sqlSet = new DataSet();
feedbackAdapt.Fill(sqlSet, "dataSetTableName");
feedbackConn.Close();


//Basic INSERT method with Parameters
SqlConnection sqlConn = new SqlConnection(connection string here);
SqlCommand sqlComm = new SqlCommand();
sqlComm = sqlConn.CreateCommand();
sqlComm.CommandText = @"INSERT INTO tableName (paramColum) VALUES (@paramName)";
sqlComm.Parameters.Add("@paramName", SqlDbType.VarChar);
sqlComm.Parameters["@paramName"].Value = paramSource;
sqlConn.Open();
sqlComm.ExecuteNonQuery();
sqlConn.Close();


//Basic UPDATE method with Parameters
SqlConnection sqlConn = new SqlConnection(connection string here);
SqlCommand sqlComm = new SqlCommand();
sqlComm = sqlConn.CreateCommand();
sqlComm.CommandText = @"UPDATE tableName SET paramColumn='@paramName' WHERE conditionColumn='@conditionName'";
sqlComm.Parameters.Add("@paramName", SqlDbType.VarChar);
sqlComm.Parameters["@paramName"].Value = paramSource;
sqlComm.Parameters.Add("@conditionName", SqlDbType.VarChar);
sqlComm.Parameters["@conditionName"].Value = conditionSource;
sqlConn.Open();
sqlComm.ExecuteNonQuery();
sqlConn.Close();


//Basic DELETE method with Parameters
SqlConnection sqlConn = new SqlConnection(connection string here);
SqlCommand sqlComm = new SqlCommand();
sqlComm = sqlConn.CreateCommand();
sqlComm.CommandText = @"DELETE FROM tableName WHERE conditionColumn='@conditionName'";
sqlComm.Parameters.Add("@conditionName", SqlDbType.VarChar);
sqlComm.Parameters["@conditionName"].Value = conditionSource;
sqlConn.Open();
sqlComm.ExecuteNonQuery();
sqlConn.Close();



you can write your code using this basic methods for database handling.
 
Share this answer
 
Comments
RevathySanthanam 6-May-15 9:14am    
HI,
when i use the above code, I get an error saying: The name 'paramSource' does not exist in the current context.! could you please help me why that's the case?
Thank you.
Tejas Vaishnav 7-May-15 1:13am    
Hi, "paramSource" source is variable holding value to insert or update or anything... this code is just sample to under stand how you can write code for insert/update/delete and select using ado.net. You need to modify this code according to your application and logic. There will be @ParamName or @Codition is also there it's just used to demonstrate that you can send paramter value and also set condition in your sql query.

Finally you need to set all your logic using this sample code

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900