Using Stored Procedures with ASP.NET

Introduction

Stored procedures (sprocs) are generally an ordered series of Transact-SQL statements bundled into a single logical unit. They allow for variables and parameters, as well as selection and looping constructs. A key point is that sprocs are stored in the database rather than in a separate file.

Advantages over simply sending individual statements to the server include:

  1. Referred to using short names rather than a long string of text; therefore, less network traffiic is required to run the code within the sproc.
  2. Pre-optimized and precompiled, so they save an incremental amount of time with each sproc call/execution.
  3. Encapsulate a process for added security or to simply hide the complexity of the database.
  4. Can be called from other sprocs, making them reusable and reducing code size.

Parameterization

A stored procedure gives us some procedural capability, and also gives us a performance boost by using mainly two types of parameters:

  • Input parameters
  • Output parameters

From outside the sproc, parameters can be passed in either by position or reference.

Declaring Parameters

  1. The name
  2. The datatype
  3. The default value
  4. The direction

The syntax is :

@parameter_name [AS] datatype [= default|NULL] [VARYING] [OUTPUT|OUT]

Let's now create a stored procedure named "Submitrecord".

First open Microsoft SQL Server -> Enterprise Manager, then navigate to the database in which you want to create the stored procedure and select New Stored Procedure.

@1.gif

See the below Stored Procedure Properties for what to enter, then click OK.

2.gif

Now create an application named Store Procedure in .net to use the above sprocs.

Stored Procedure.aspx page code

 

 
  1. <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>  
  2.     <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1transitional.dtd">  
  3.     <html xmlns="http://www.w3.org/1999/xhtml">  
  4.   
  5.     <head runat="server">  
  6.         <title>Store Procedure</title>  
  7.     </head>  
  8.   
  9.     <body>  
  10.         <form id="form1" runat="server">  
  11.             <div>  
  12.                 <asp:Label ID="Label1" runat="server" Text="ID"></asp:Label>  
  13.                 <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox><br /><br />  
  14.                 <asp:Label ID="Label2" runat="server" Text="Password"></asp:Label>  
  15.                 <asp:TextBox ID="TextBox2" runat="server"></asp:TextBox><br /><br />  
  16.                 <asp:Label ID="Label3" runat="server" Text="Confirm Password"></asp:Label>  
  17.                 <asp:TextBox ID="TextBox3" runat="server"></asp:TextBox><br /><br />  
  18.                 <asp:Label ID="Label4" runat="server" Text="Email ID"></asp:Label>  
  19.                 <asp:TextBox ID="TextBox4" runat="server"></asp:TextBox><br /><br /><br />  
  20.                 <asp:Button ID="Button1" runat="server" Text="Submit Record" OnClick="Button1_Click" /> </div>  
  21.         </form>  
  22.     </body>  
  23.   
  24.     </html>  

 

Stored Procedure.aspx.cs page code

 

 

 
  1. using System;  
  2. using System.Data;  
  3. using System.Configuration;  
  4. using System.Web;  
  5. using System.Web.Security;  
  6. using System.Web.UI;  
  7. using System.Web.UI.WebControls;  
  8. using System.Web.UI.WebControls.WebParts;  
  9. using System.Web.UI.HtmlControls;  
  10. using System.Data.SqlClient;  
  11. public partial class _Default: System.Web.UI.Page {  
  12.     DataSet ds = new DataSet();  
  13.     SqlConnection con;  
  14.     //Here we declare the parameter which we have to use in our application  
  15.     SqlCommand cmd = new SqlCommand();  
  16.     SqlParameter sp1 = new SqlParameter();  
  17.     SqlParameter sp2 = new SqlParameter();  
  18.     SqlParameter sp3 = new SqlParameter();  
  19.     SqlParameter sp4 = new SqlParameter();  
  20.     protected void Page_Load(object sender, EventArgs e) {}  
  21.     protected void Button1_Click(object sender, EventArgs e) {  
  22.         con = new SqlConnection("server=(local); database= gaurav;uid=sa;pwd=");  
  23.         cmd.Parameters.Add("@ID", SqlDbType.VarChar).Value = TextBox1.Text;  
  24.         cmd.Parameters.Add("@Password", SqlDbType.VarChar).Value = TextBox2.Text;  
  25.         cmd.Parameters.Add("@ConfirmPassword", SqlDbType.VarChar).Value = TextBox3.Text;  
  26.         cmd.Parameters.Add("@EmailID", SqlDbType.VarChar).Value = TextBox4.Text;  
  27.         cmd = new SqlCommand("submitrecord", con);  
  28.         cmd.CommandType = CommandType.StoredProcedure;  
  29.         con.Open();  
  30.         cmd.ExecuteNonQuery();  
  31.         con.Close();  
  32.     }  
  33. }  

When we run the application, the window will look like this:

3.gif

After clicking the submit button the data is appended to the database as seen below in the SQL Server table record:

4.gif

Up Next
    Ebook Download
    View all
    Learn
    View all