How to Implement Store Procedure in Asp.net

How to Implement Store Procedure in Asp.net

In Previous post,I told how to make Store Procedure so in this post we will study how to implement it

Store Procedure Click this link to know how to make Store Procedure

# Implementing Stored Procedure

File> new> new project>visual c#>asp.net > empty

* Open Web.config

Add connection String

<configuration>   <connectionStrings>     <add name = "cn" connectionString="server=DESKTOP-I3R20OL\SQLEXPRESS; database=dbemployee; integrated security=true"/>   </connectionStrings>

Add webform and click on design

Double click on webform

using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using System.Data; using System.Data.SqlClient; using System.Configuration; namespace WebApplication5 {     public partial class WebForm1 : System.Web.UI.Page     {         SqlConnection con = new SqlConnection();         protected void Page_Load(object sender, EventArgs e)         {             con.ConnectionString = ConfigurationManager.ConnectionStrings["cn"].ConnectionString;             if (con.State==ConnectionState.Closed)             {                 con.Open();             }

# How to read connection string and assign sql connection

{             con.ConnectionString = ConfigurationManager.ConnectionStrings["cn"].ConnectionString;             if (con.State==ConnectionState.Closed)             {                 con.Open();             }

ConfigurationManager = class to read data from web.config

ConnectionState.Closed = ConnectionState is enumeration and closed is used if connection is closed then open it

#Double Click Save

protected void Button1_Click(object sender, EventArgs e)         {             SqlCommand cmd = new SqlCommand();             cmd.CommandText = "insemp";             cmd.CommandType = CommandType.StoredProcedure;             cmd.Connection = con;             cmd.Parameters.Add("@eno", SqlDbType.Int).Value = Convert.ToInt32(TextBox1.Text);             cmd.Parameters.Add("@en", SqlDbType.VarChar, 50).Value = TextBox2.Text;             cmd.Parameters.Add("@ed", SqlDbType.VarChar, 50).Value = TextBox3.Text;             cmd.Parameters.Add("@es", SqlDbType.Int).Value = Convert.ToInt32(TextBox4.Text);             cmd.ExecuteNonQuery();             cmd.Dispose();             Clear_Rec();         }         private void Clear_Rec()         {             TextBox1.Text = String.Empty;             TextBox2.Text = String.Empty;             TextBox3.Text = String.Empty;             TextBox4.Text = String.Empty;             TextBox1.Focus();         }     }

# Display button

protected void Button4_Click(object sender, EventArgs e)         {             SqlCommand cmd = Disp_Rec();             cmd.Dispose();         }         private SqlCommand Disp_Rec()         {             SqlCommand cmd = new SqlCommand();             cmd.CommandText = "dispemp";             cmd.CommandType = CommandType.StoredProcedure;             cmd.Connection = con;             SqlDataReader dr = cmd.ExecuteReader();             ListBox1.DataTextField = "ename";             ListBox1.DataValueField = "empno";             ListBox1.DataSource = dr;             ListBox1.DataBind();             dr.Close();             return cmd;         }     } }

ExecuteReader(); - To store reference

ListBox1.DataTextField = "ename";- To display

ListBox1.DataValueField = "empno"; - To use internally but not displaying

Dr.read(); - Skip 1st record because its forward approach and when used 2 times it skips 2 record.

# In Page load event

protected void Page_Load(object sender, EventArgs e)         {             con.ConnectionString = ConfigurationManager.ConnectionStrings["cn"].ConnectionString;             if (con.State==ConnectionState.Closed)             {                 con.Open();             }             if (Page.IsPostBack==false)             {                 Disp_Rec();             }

# Double Click on Save button

Add Disp_Rec();

# To retrieve data by clicking in Name in Listbox

Click in Listbox> enable autopostback

Double click on listbox

protected void ListBox1_SelectedIndexChanged(object sender, EventArgs e)         {             SqlCommand cmd = new SqlCommand();             cmd.CommandText = "findemp";             cmd.CommandType = CommandType.StoredProcedure;             cmd.Connection = con;             cmd.Parameters.Add("@eno", SqlDbType.Int).Value = Convert.ToInt32(ListBox1.SelectedValue);             SqlDataReader dr = cmd.ExecuteReader();             if (dr.HasRows)             {                 dr.Read();                 TextBox1.Text = dr[0].ToString();                 TextBox2.Text = dr[1].ToString();                 TextBox3.Text = dr[2].ToString();                 TextBox4.Text = dr[3].ToString();             }             dr.Close();             cmd.Dispose();         }

We can use empno, ename in place of of 0,1 also(column no)

# For update

protected void Button2_Click(object sender, EventArgs e)         {             SqlCommand cmd = new SqlCommand();             cmd.CommandText = "updemp";             cmd.CommandType = CommandType.StoredProcedure;             cmd.Connection = con;             cmd.Parameters.Add("@eno", SqlDbType.Int).Value = Convert.ToInt32(TextBox1.Text);             cmd.Parameters.Add("@en", SqlDbType.VarChar, 50).Value = TextBox2.Text;             cmd.Parameters.Add("@ed", SqlDbType.VarChar, 50).Value = TextBox3.Text;             cmd.Parameters.Add("@es", SqlDbType.Int).Value = Convert.ToInt32(TextBox4.Text);             cmd.ExecuteNonQuery();             cmd.Dispose();             Clear_Rec();             Disp_Rec();         }

# For Delete

protected void Button3_Click(object sender, EventArgs e)         {             SqlCommand cmd = new SqlCommand();             cmd.CommandText = "delemp";             cmd.CommandType = CommandType.StoredProcedure;             cmd.Connection = con;             cmd.Parameters.Add("@eno", SqlDbType.Int).Value = Convert.ToInt32(TextBox1.Text);             cmd.ExecuteNonQuery();             cmd.Dispose();             Clear_Rec();             Disp_Rec();

How to Make Store Procedure for Save,Update,Delete, Cancel and Login Check

Store Procedure for Save,Update,Delete, Cancel and Login Check

This article explains why we should use store procedure and how to make store procedure

 # Stored procedure

-  Compiled object(bcoz object is compiled before therefore better performance)

-         To store in database (stored in db) less traffic for network

-         To execute in database (stored in db)

-         The stored procedure which is first time complied , it will come in SQl execution plan means sql cache memory (fastest memory)

-         Stored procedure are secure in comparison to inline query because sql injection doesnot apply on it.

-         Sql injection is a hacking technique which can be applied on inline query

# Types of Stored Procedure

1. User defined  Stored Procedure

2. System defined Stored Procedure

3. Extender defined Stored Procedure

# User defined  Stored Procedure – The stored procedure which are made by user.

Its types –

·        T-Sql Stored procedure

·        Clr Stored Procedure

* T-Sql Stored procedure – (Transect)group of sql statement which does not know array, object,connection etc

* Clr Stored procedure – sql+ clr classes

# System defined Stored Procedure – made by inbuilt ms stored procedure. Ex – sp_namedb, sp_helpconstraint, sp_addlogin

# Extended Stored procedure – To access the external component. Ex – in stored procedure we have to access calculator, notepad etc

# T- sql stored procedure

* Can stored procedure be nested

-Yes

* Upto what level

- Nesting can be done up to 31 level

# Stored procedure v/s Function

-         In backend both stored procedure and function returns the value

-         Stored procedures only returns the integer value

-         Function returns different type of data (varchar, string, integer)

-         We can use functions in queries in expressions

-         But we cannot use stored procedure in queries and expression

 
# How to create T- SQL Stored Procedure

Click on view> server explorer

Select your database > Tables>employee

Right click on Stored procedure > Add new stored procedure

# To save

CREATE PROCEDURE insemp       @eno int,       @en varchar(50),       @ed varchar(50),       @es int AS       insert employee values (@eno,@en,@ed,@es)

Click on update > update database

Insemp is stored procedure name

#Types of parameter

1. Input – to pass value

2. Output – to return value

3. InputOutput – parameter which can pass and return value

# By default size of varchar if not mentioned is 1

# For Update

CREATE PROCEDURE updemp       @eno int,       @en varchar(50),       @ed varchar(50),       @es int AS       update employee set ename=@en,eadd=@ed,esal=@es where empno=@eno

# For delete

CREATE PROCEDURE delemp       @eno int AS       delete from employee where empno=@eno

# For display

CREATE PROCEDURE dispemp       AS       select * from employee

 # For Find

CREATE PROCEDURE findemp       @eno int AS       select * from employee where empno=@eno

# Hacking

Make new table

Click on update> update database

Now click on server Explorer > stored procedure> add new stored procedure

CREATE PROCEDURE LoginCheck       @un varchar(50),       @up varchar(50) AS       declare @ap varchar(50)       select @ap=upass from tbuser where uname=@un       if @ap is null       return -1       else       if @ap=@up       return 1       else       return -2

       if @ap is null

      return -1            user name is wrong

      else

      if @ap=@up

      return 1             exact password

      else

      return -2            password wrong