Netframwork 2.0 (phần 7) doc

Lesson 2: Working with Parameters in SQL Commands 275 The following code creates an Output parameter: Adding Parameters to Command Objects Command objects have a Parameters property th

Trang 1

Lesson 2: Working with Parameters in SQL Commands 275

The following code creates an Output parameter:

Adding Parameters to Command Objects

Command objects have a Parameters property that represents a collection of parame

ters for that command (for example, the SqlParameter.Parameters property) After you create a parameter, you must add it to the Parameters collection of the Command object

that will execute the SQL statement or stored procedure that uses the parameter

The following code illustrates how to add a parameter to a Command object (assuming the GetCostCommand already exists):

' VB

GetCostCommand.Parameters.Add(TotalCostParameter)

// C#

GetCostCommand.Parameters.Add(TotalCostParameter);

Lab: Working with Parameters

In this lab you practice using parameters in Command objects You will pass parame

ters to stored procedures as well as SQL statements

� Exercise 1: Creating and Executing a Parameterized SQL Statement

For this exercise, create a form that executes a parameterized query by allowing the user to enter a value into a TextBox that will be passed to the database as the parameter in a query

1 Create a new Windows application and name it ParameterizedQueries

2 Add a TextBox to the form and set the following properties:

Trang 2

4 Add a button and set the following properties Now, the form should resemble

Figure 6-3:

❑ Name = ExecuteSqlButton

❑ Text = Execute SQL

Figure 6-3 Form with controls in preparation for executing the parameterized SQL statement

5 Double-click the Execute SQL button to create the button-click event handler

and switch the form to code view

6 Add references to the System.Data and System.Data.SqlClient namespaces

7 Add code to create a connection on the form

At this point, your form code should look like the following (substitute a valid

connection string for the NorthwindConnection):

' VB

Private Sub ExecuteSqlButton_Click _ (ByVal sender As System.Object, ByVal e As System.EventArgs) _ Handles ExecuteSqlButton.Click

End Sub End Class

// C#

Trang 3

8 Add the following code to the ExecuteSqlButton_Click method to create a new

command object and set it to the parameterized query:

' VB

// C#

"FROM Customers " + "WHERE City = @City";

Trang 4

9 Add the following code below the previous code (but still within the event han

dler) to create the parameter and assign it to the command:

' VB

// C#

10 Now add the following code that will set the value of the parameter to whatever

is typed into the text box, set the code to run the query, and display the results

in the ResultsTextBox (Add this code below the previously added code but continue to keep it within the event handler.)

' VB

' Create a StringBuilder to store the results of the query

Dim results As New System.Text.StringBuilder

' You must open the connection before executing the command

CustomersByCityCommand.Connection.Open()

Trang 5

11 Run the application and click the Execute SQL button As shown in Figure 6-4,

the application displays the command results

Trang 6

Figure 6-4 Form displaying data after executing the parameterized SQL statement

12 Type Madrid and rerun the query (click the Execute SQL button)

13 Verify that the results show only customers from the City value passed in to the

parameter

� Exercise 2: Creating and Executing a Parameterized Stored Procedure

1 Create a new Windows application and name it ParameterizedStoredProcedure

Trang 7

Figure 6-5 Form with controls in preparation for executing the parameterized stored procedure

6 Double-click the Execute Stored Procedure button to create the button-click event

handler and switch the form to code view

' VB

// C#

Trang 8

using System.Data.SqlClient;

namespace ParameterizedStoredProcedureCS

InitializeComponent();

} private SqlConnection NorthwindConnection = new SqlConnection ("Data Source=<ValidServerName>;Initial Catalog=Northwind;" + "Integrated Security=True");

private void ExecuteStoredProcedureButton_Click(object sender, EventArgs e) {

9 Add the following code to the ExecuteStoredProcedureButton_Click method to cre

ate a new Command object and set it to the SalesByCategory stored procedure:

' VB

// C#

10 This stored procedure takes two parameters, so add the following code below

the previous code to create the parameters and assign them to the command:

' VB

Trang 9

// C#

11 Now add the code that will set the value of the parameters to whatever is typed

into the two text boxes, set the code to run the query, and display the results in the ResultsTextBox

' VB

End While

Trang 10

ResultsTextBox.Text = results.ToString

// C#

// Create a StringBuilder to store the results of the query

System.Text.StringBuilder results = new System.Text.StringBuilder();

// Assign the results of the SQL statement to a data reader

SqlDataReader reader = SalesByCategoryCommand.ExecuteReader();

Trang 11

13 Now try typing another category name and executing the stored procedure, ver

ifying that the results are now displaying a list of products from the selected category (For example, type Condiments, Seafood, or Produce.)

� Exercise 3: Using InputOutput and Output Parameters

1 Create a new Windows application and name it InputOutputParameters

❑ Name = OrderIDTextBox

❑ Text = 10250

3 Add a second TextBox and set its Name property to FreightCostTextBox

4 Add a button and set the following properties:

❑ Name = GetFreightCostButton

❑ Text = Get Freight Cost

Below the button, add a second set of controls

5 Add a TextBox and set the following properties:

❑ Name = CompanyNameTextBox

❑ Text = Alfreds Futterkiste

6 Add another TextBox and set its Name property to ContactNameTextBox

7 Add a button and set the following properties The form should now resemble

Figure 6-7:

❑ Name = GetContactNameButton

❑ Text = Get Contact Name

Figure 6-7 Form with controls in preparation for demonstrating InputOutput parameters

8 Double-click the Get Freight Cost button to create an event handler

Trang 12

' VB

Public Class Form1

Private NorthwindConnection As New SqlConnection _ ("Data Source=<ValidServerName>;Initial Catalog=Northwind;Integrated Security=True")

Private Sub GetFreightCostButton_Click _ (ByVal sender As System.Object, ByVal e As System.EventArgs) _ Handles GetFreightCostButton.Click

// C#

namespace InputOutputParametersCS

private SqlConnection NorthwindConnection = new SqlConnection ("Data Source=<ValidServerName>;Initial Catalog=Northwind;" + "Integrated Security=True");

private void GetFreightCostButton_Click(object sender, EventArgs e) {

Trang 13

11 Add the following code to the GetFreightCostButton event handler:

' VB

// C#

Trang 14

12 Run the application and click the Get Freight Cost button

The Freight Cost TextBox displays 65.83, the cost of freight for order number

10250 Type other valid OrderID numbers into the Order Id TextBox and run the stored procedure to verify that the output parameter contains the correct freight cost for those orders

Now that you’ve seen how to use output parameters that return data from the database, let’s implement the Get Contact name functionality and see how to use

InputOutput parameters to both send data into the database as well as return

data from the database

13 Double-click the GetContactName button to create an event handler

14 Add the following code to the GetContactName handler:

' Create the InputOutput parameter to send and receive data

Dim NameParameter As New SqlParameter

NameParameter.Direction = ParameterDirection.InputOutput

' Add the parameters to the Commmand object

Trang 15

15 Run the application and click the Get Contact Name button

The Contact name TextBox displays the contact name record for Alfreds Futterkiste, Maria Anders Type other valid company names from the Customers table and the Contact name TextBox will display their contacts

Lesson Summary

■ Command objects contain collections of Parameter objects that move data back

and forth between the application and the database

■ Parameters can be Input parameters, Output parameters, or Input/Output

parameters

Trang 16

■ Parameters are assigned data types consistent with the database data types (as opposed to the NET Framework data types)

■ To facilitate passing user input to a SQL statement using parameters, a parameter can be assigned the value in a control at run time, such as a TextBox

Lesson Review

The following questions are intended to reinforce key information presented in this lesson The questions are also available on the companion CD if you prefer to review them in electronic form

NOTE Answers

Answers to these questions and explanations of why each choice is correct or incorrect are located

in the “Answers” section at the end of the book

1 When would you typically use an Input parameter? (Choose all that apply.)

A When the parameter value is created based on user input

B When the parameter is used to send data from the application to the database

C When the command is set to execute a statement with a Where clause

D When the parameter value is passed to an Insert statement

2 Where are the three primary kinds of parameters?

A Input, Integer, String

B Integer, String, DateTime

C int, varchar, nvarchar

D Input, Output, InputOutput

3 How do you determine the actual SQL datatype of a SqlParameter (the type

expected by the SQL Server)?

A It is the NET Framework data type in your application that the parameter

represents

B It is the type of column or data in SQL Server that the command expects

C It is the type of column in a DataTable that it represents

D It is any type defined in the SqlDbDataType enumeration

Trang 17

Lesson 3: Saving and Retrieving BLOB Values in a Database 291

Lesson 3: Saving and Retrieving BLOB Values in a

Database

This lesson describes how to work with BLOBs (binary large objects) using Command

objects BLOBs in a database are more complex than simple strings containing names and addresses or numeric values containing integers or money values BLOBs are things like graphics and photos, documents saved in binary formats, and even complete assemblies or executables that you want to store in a database Unlike running queries or stored procedures that return “simple” data types, working with binary objects is a little more complex

After this lesson, you will be able to:

■ Obtain BLOB values from a database using a DataReader object

Estimated lesson time: 45 minutes

Working with BLOBs

Saving and fetching binary data presents interesting problems that are typically not encountered when querying standard rows of data The problems arise because you will probably not want to move the entire BLOB in one piece but will likely need to break it up into smaller portions For example, consider having to move a large binary that is several megabytes in size Loading the entire BLOB into a variable consumes a lot of memory and can seriously affect the performance of your application Having to work with a table of these BLOBs, you can quickly see the dilemma

The good thing is that the NET Framework provides classes that are specifically designed for moving large amounts of binary data Specifically, access to these

classes—for example, the BinaryReader and BinaryWriter classes, the FileStream and

MemoryStream classes, and so on—is enabled in the System.IO namespace Although

this lesson does not use all the available stream objects, it should provide enough of

a starting point to understand the basics of saving and fetching binary data from a database

BLOBs and the DataReader

In previous lessons, you have seen that the main ADO.NET object for accessing

retrieved data is the DataReader Although the DataReader provides an easy model for

working with records where the number of columns and layout of the data are known,

Trang 18

(meaning you have been able to easily iterate through the reader and display the data),

it also provides a means for returning BLOB data By setting its CommandBehavior to

SequentialAccess, you can then call the GetBytes method, which allows you to read the

data in smaller, user-definable amounts The bytes that make up a BLOB are transported in and out of the database to your application using byte arrays

The following exercise demonstrates how to read and write binary data to the database, providing two distinctly different models In the first model, you know how big

your data is and you save it in one action This is illustrated in the SaveBlobToDatabase method In the FetchBlobFromDatabase method, you read the bits into a file, but you

do it in small chunks defined by the BufferSize variable

� Exercise 1: Saving and Retrieving BLOB Values

This sample application demonstrates several of the concepts explained in this chapter In addition to just saving and fetching BLOB values, it also sets up some infra

structure for the application that uses Command objects to create a new table in the

database (to hold the BLOB values) and executes parameterized queries to populate the list of available BLOBs and retrieve the BLOB value The code has been compartmentalized, so it should be very easy to parse the routines that are important to you

1 Create a new Windows application and name it BLOBSample

2 Add a ComboBox to the form and set its Name property to BlobList

3 Add a button below the ComboBox and set the following properties:

❑ Name = RefreshBlobListButton

❑ Text = Refresh List

4 Add a second button and set the following properties:

❑ Name = SaveBlobButton

❑ Text = Save BLOB to Database

5 Add a third button and set the following properties (see Figure 6-8):

❑ Name = FetchBlobButton

❑ Text = Fetch BLOB from Database

Trang 19

Figure 6-8 Form with controls in preparation for manipulating BLOB data

6 Double-click the form to create a Form_Load event handler

Because this lesson’s objective is to explain working with BLOB values, let’s just add all the infrastructure code at once and get the form set up You can analyze this code at your leisure!

7 Replace the Form1 code with the following:

' VB

Public Class Form1

Private NorthwindConnection As New SqlConnection _

("Data Source=.\sqlexpress;Initial Catalog=Northwind;Integrated Security=True") Private CompleteFilePath As String = ""

Private SavePath As String = ""

End Sub

Trang 20

CreateTableCommand.CommandText = "IF OBJECT_ID ( 'DocumentStorage' ) IS NOT NULL " & _

"DROP TABLE DocumentStorage; " & _ "CREATE TABLE DocumentStorage(" & _ "DocumentID int IDENTITY(1,1) NOT NULL, " & _ "FileName nvarchar(255) NOT NULL, " & _ "DocumentFile varbinary(max) NOT NULL)"

Environment.NewLine & "Click Yes to create a new DocumentStorage table Click No

if you already have one!", _

"Create DocumentStorage table", MessageBoxButtons.YesNo, _ MessageBoxIcon.Question, MessageBoxDefaultButton.Button2) Select Case response

Case Is = Windows.Forms.DialogResult.Yes CreateDocumentStorageTable()

Case Is = Windows.Forms.DialogResult.No refreshBlobList()

End Select End Sub

Private Sub refreshBlobList()

Dim GetBlobListCommand As New SqlCommand _ ("SELECT FileName FROM DocumentStorage", NorthwindConnection) Dim reader As SqlDataReader

BlobList.SelectedIndex = 0 End Sub

Trang 21

private SqlConnection NorthwindConnection = new SqlConnection

("Data Source=.\\sqlexpress;Initial Catalog=Northwind;Integrated Security=True"); private String CompleteFilePath = "";

private String SavePath = "";

private void GetCompleteFilePath()

}

private void GetSavePath()

{

FolderBrowserDialog SavePathDialog = new FolderBrowserDialog();

SavePathDialog.Description = "Select a folder to restore BLOB file to"; SavePathDialog.ShowDialog();

Trang 22

private void Form1_Load(object sender, EventArgs e) {

DialogResult response = MessageBox.Show("Create the Document Storage Table?" + Environment.NewLine +

"Click Yes to create a new DocumentStorage table." + "Click No if you already have one!",

"Create DocumentStorage table", MessageBoxButtons.YesNo, MessageBoxIcon.Question,

SqlCommand GetBlobListCommand = new SqlCommand ("SELECT FileName FROM DocumentStorage", NorthwindConnection);

SqlDataReader reader;

BlobList.Items.Add(reader[0]);

} reader.Close();

Trang 23

reader.ReadBytes(CInt(My.Computer.FileSystem.GetFileInfo(CompleteFilePath).Length))

"(FileName, DocumentFile)" & _

"VALUES (@FileName, @DocumentFile)"

CompleteFilePath.Substring(CompleteFilePath.LastIndexOf("\") + 1)

' Execute the command and save the BLOB to the database

" saved to database.", "BLOB Saved!", MessageBoxButtons.OK, _

Trang 24

GetCompleteFilePath();

(CompleteFilePath, System.IO.FileMode.Open, System.IO.FileAccess.Read);

System.IO.FileInfo file = new FileInfo(CompleteFilePath);

BLOB = reader.ReadBytes((int)(file.Length));

"(FileName, DocumentFile)" + "VALUES (@FileName, @DocumentFile)";

(CompleteFilePath.LastIndexOf("\\")+ 1);

Trang 25

"BLOB Saved!", MessageBoxButtons.OK, MessageBoxIcon.Information);

}

catch (Exception ex)

{

MessageBox.Show(ex.Message, "Save Failed", MessageBoxButtons.OK, _

9 Add the following code to retrieve the BLOB from the database and write it back

out as a file:

' VB

Private Sub FetchBlobFromDatabase()

' Verify there is a BLOB selected to retrieve.

End If

' Create the Command object to fetch the selected BLOB

Dim GetBlobCommand As New SqlCommand("SELECT FileName, DocumentFile " & _

"FROM DocumentStorage " & _

"WHERE FileName = @DocName", NorthwindConnection)

GetBlobCommand.Parameters.Add("@DocName", SqlDbType.NVarChar).Value = _

BlobList.Text

Định dạng
Số trang	50
Dung lượng	403,08 KB