c# - Stored procedure is failing when one of the values contains specials characters -
i have problem special character. because when there ' character code fail. how can make work special characters using stored procedure below.
internal bool addrecord() { string sql = "exec sqlinsert "; sql += "'" + _sqlcomputer + "', "; sql += "'" + _lastupdatedby + "', "; sql += "'" + datetime.now + "', "; sql += "'" + _softwarename + "' "; return sqldatabase.overig(sql); }
like this
sqlcommand cmd = new sqlcommand("sqlinsert", sqlcon); cmd.commandtype = commandtype.storedprocedure; cmd.parameters.add("@param1", sqldbtype.varchar, 25).value = _sqlcomputer ; cmd.parameters.add("@param2", sqldbtype.varchar, 50).value = _lastupdatedby ; cmd.parameters.add("@param3", sqldbtype.datetime).value = datetime.now cmd.parameters.add("@param4", sqldbtype.varchar,50).value = _softwarename ; sqlcon.open(); sqldatareader dr = cmd.executereader(); datatable dt = new datatable(); dt.load(dr); sqlcon.close(); dr.dispose(); cmd.dispose(); edit per requirement
instead of passing values like
sqldatabase.overig(sql); do this
sqldatabase.overig(_sqlcomputer,_lastupdatedby,datetime.now,_softwarename); and make changes in overig method like
overig(string sqlcom, string updatedby, datetime dat, string software) { sqlcommand cmd = new sqlcommand("sqlinsert", sqlcon); cmd.commandtype = commandtype.storedprocedure; cmd.parameters.add("@param1", sqldbtype.varchar, 25).value = sqlcom; cmd.parameters.add("@param2", sqldbtype.varchar, 50).value = updatedby; cmd.parameters.add("@param3", sqldbtype.datetime).value = dat cmd.parameters.add("@param4", sqldbtype.varchar,50).value = software; sqlcon.open(); sqldatareader dr = cmd.executereader(); datatable dt = new datatable(); dt.load(dr); sqlcon.close(); dr.dispose(); cmd.dispose(); }
Comments
Post a Comment