0

Here is the code which is working for Insert - I just need help to convert it into Update with the values and the where clause syntax.

 ADODB.Command cmdInsert = new ADODB.Command();
 cmdInsert.ActiveConnection = conn;

 cmdInsert.CommandText = "INSERT INTO ExchangeTypes(MarketSelectionId) VALUES (?)";

 //Update statement to be modelled:
 //cmdUpdate.CommandText = "Update ExchangeTypes SET
 //LayOdds = '" & layOdds & "'" & ", 
 //Size='" & laySize & "' WHERE
 //MarketId='" & marketid & "'" and SelectionId='" & selectionid & "'"

 cmdInsert.CommandType = ADODB.CommandTypeEnum.adCmdText;

// Append the parameters 
ADODB.Parameter paramMS = cmdInsert.CreateParameter(
           "MarketSelectionId",                         // Parameter name 
           ADODB.DataTypeEnum.adVarChar,                // Parameter type (adVarChar) 
           ADODB.ParameterDirectionEnum.adParamInput,   // Parameter direction 
           200,                                         // Max size 
           umarketiduselectionid);                      // Parameter value 

           cmdInsert.Parameters.Append(paramMS);

           object nRecordsAffected = Type.Missing;
           object oParams = Type.Missing;
           cmdInsert.Execute(out nRecordsAffected, ref oParams,
           (int)ADODB.ExecuteOptionEnum.adExecuteNoRecords);
Improve this question
1
  • This looks like you're starting to build something that will be crazy-vulnerable to sql injection attacks. Commented Sep 16, 2016 at 22:18

2 Answers 2

Reset to default
1

ADODB is ancient and deprecated. It exists solely for backwards compatibility with old vb6-era code as you port it forward. It should NEVER be used for new code.

Try this using ADO.Net for your insert instead:

using (var conn As new SqlConnection("connection string here"))
using (var cmd As new SqlCommand("INSERT INTO ExchangeTypes(MarketSelectionId) VALUES (@MarketSelectionId)", conn)
{
    cmd.Parameters.Add("@MarketSelectionId", SqlDbType.VarChar, 200).Value = umarketiduselectionid;

    conn.Open();
    cmd.ExecuteNonQuery();
}

and then the UPDATE query would look like this:

using (var conn As new SqlConnection("connection string here"))
using (var cmd As new SqlCommand("Update ExchangeTypes SET LayOdds = @LayOdds, Size = @LaySize WHERE MarketId= @MarketId AND SelectionId = @SelectionID ", conn)
{
    //Guessing at your column types/lengths here
    cmd.Parameters.Add("@LayOdds", SqlDbType.VarChar, 200).Value = layOdds;
    cmd.Parameters.Add("@LaySize", SqlDbType.Int).Value = laySize;
    cmd.Parameters.Add("@MarketId", SqlDbType.Int).Value = marketid;
    cmd.Parameters.Add("@SelectionId", SqlDbType.Int).Value = selectionid;

    conn.Open();
    cmd.ExecuteNonQuery();
}
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thank you very much indeed Joel. You can tell the last time I programmed was 15 years ago and not even then on these technologies. I will change my connection to ADO.Net further to your recommendation. Much appreciated.
What I am actually trying to do is to loop through a table and build up a JSON string with a list of ID's and after every 40 iterations send the JSON request and process the 40 JSON items returned using an update with a where clause with details contained in the 40 returned JSON requests. And repeat that every 40 records read. I know I need 2 queries - one is just a select distinct for the loop and the other an update where. Can you possibly provide the basic outline like you've done with the select - I'm getting syntax errors with your code. Hence using ADODB being more familiar.
You're likely missing some imports (ie: system.data, system.data.sqlclient).
1

You caan update your table as follow :

Syntax: MSDN

Update YourTable
Set Column = Value
Where Condition

cmdInsert.CommandText = "Update ExchangeTypes Set MarketSelectionId =  VALUE 
Where MarketSelectionId = '?' ";
Improve this answer

1 Comment

Thank you Sami. I got it working which is a great step forward. However looks like my inexperience in choice of connection has been exposed and i need to change to more modern options.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.