John Queen

John Queen

  • NA
  • 73
  • 685

Using parameters and textbox input for new record entry::: c# and sql

Oct 17 2021 4:39 PM

I have seen several questions about parameters and text boxes fo input.. Try this, it works for me  !!!! Using visual studio sqlserver and visual basic also in c# with minor 

Syntax adjustments ::old fashioned, but works !!!!!!!

Private Sub btnSave_Click(sender As Object, e As EventArgs) Handles btnSave.Click
'//
Dim conStr As String = ""
conStr = ("SERVER = JXQ\EXPSQL; Data Source= JXQ\EXPSQL;Initial Catalog = myDebts; Integrated Security = true")
'//
Dim cnn As SqlClient.SqlConnection
cnn = New SqlClient.SqlConnection(conStr)
'//
Dim insStr As String = ""
insStr = ("USE myDebts;INSERT INTO myDebtors(Accts,AcctNum,AcctAmtDue,AcctDateDue,AcctID,AcctPwd,AcctCurr,AcctTele) Values (@Accts,@AcctNum,@AcctAmtDue,@AcctDateDue,@AcctID,@AcctPwd,@AcctCurr,@AcctTele)")
'//
Dim cmd As SqlClient.SqlCommand
cmd = New SqlClient.SqlCommand(conStr, cnn)
cmd.CommandType = CommandType.Text
cmd.CommandText = insStr
cmd.Connection = cnn
'//
cnn.Open()
'//
Dim Param0 As SqlClient.SqlParameter
Param0 = New SqlClient.SqlParameter()
Param0.SqlDbType = SqlDbType.NChar
Param0.ParameterName = "@Accts"
Param0.Value = TextBoxAcct.Text
cmd.Parameters.Add(Param0) '//ok
'//
Dim Param1 As SqlClient.SqlParameter
Param1 = New SqlClient.SqlParameter()
Param1.SqlDbType = SqlDbType.NChar
Param1.ParameterName = "@AcctNum"
Param1.Value = TextBoxAcctNum.Text
cmd.Parameters.Add(Param1) '//ok
'//
Dim Param2 As SqlClient.SqlParameter
Param2 = New SqlClient.SqlParameter()
Param2.SqlDbType = SqlDbType.NChar
Param2.ParameterName = "@AcctAmtDue"
Param2.Value = TextBoxAcctAmtDue.Text
cmd.Parameters.Add(Param2) '//ok
'//
Dim Param3 As SqlClient.SqlParameter
Param3 = New SqlClient.SqlParameter()
Param3.SqlDbType = SqlDbType.NChar
Param3.ParameterName = "@AcctDateDue"
Param3.Value = TextBoxAcctDateDue.Text
cmd.Parameters.Add(Param3) '//ok
'//
Dim Param4 As SqlClient.SqlParameter
Param4 = New SqlClient.SqlParameter()
Param4.SqlDbType = SqlDbType.NChar
Param4.ParameterName = "@AcctID"
Param4.Value = TextBoxAcctID.Text
cmd.Parameters.Add(Param4) '//ok
'//
Dim Param5 As SqlClient.SqlParameter
Param5 = New SqlClient.SqlParameter()
Param5.SqlDbType = SqlDbType.NChar
Param5.ParameterName = "@AcctPwd"
Param5.Value = TextBoxAcctPwd.Text
cmd.Parameters.Add(Param5) '//ok
'//
Dim Param6 As SqlClient.SqlParameter
Param6 = New SqlClient.SqlParameter()
Param6.SqlDbType = SqlDbType.NChar
Param6.ParameterName = "@AcctCurr"
Param6.Value = TextBoxAcctPwd.Text
cmd.Parameters.Add(Param6)
'//
Dim Param7 As SqlClient.SqlParameter
Param7 = New SqlClient.SqlParameter()
Param7.SqlDbType = SqlDbType.NChar
Param7.ParameterName = "@AcctTele"
Param7.Value = TextBoxAcctTele.Text
cmd.Parameters.Add(Param7)
'//
cmd.ExecuteNonQuery()
'//


Answers (2)