Results 1 to 5 of 5

Thread: Calling stored procedure in asp - question

  1. Jun 19th, 2009, 12:20 PM #1
    WarrenW
    WarrenW is offline

    Thread Starter
    Frenzied Member
    Join Date
    Oct 2000
    Posts
    1,463

    Question Calling stored procedure in asp - question

    Hi Everyone,

    I've seen a couple ways to do this from an asp page. One is appending the parameters and setting their values. Then I came across another web page that showed it like this:

    Code:
    
'Connection Execute Method String

set connection = server.createobject("adodb.connection")
connection.open someDSN 
Connection.Execute "procname varvalue1, varvalue2"

'Close all objects and set to nothing
connection.close
set connection = nothing

**********************************
'Using Recordset Method
set connection = server.createobject("adodb.connection")
connection.open someDSN 
set rs = server.createobject("adodb.recordset")
rs.Open "Exec procname varvalue1, varvalue2",connection

'Close all objects and set to nothing
rs.close
connection.close
set rs = nothing
set connection = nothing
    In this routine above they are just adding the parameters after the sproc name. And I assume they must be in order as the parameters are defined in the sproc. Is it fine to do it this way? I'm sure others prefer the other way because it looks must more stable by defining each @param name and value.

    Thanks!
    Reply With Quote Reply With Quote
  2. Jun 19th, 2009, 01:59 PM #2
    MarkT
    MarkT is offline
    PowerPoster
    Join Date
    Jun 2001
    Location
    Trafalgar, IN
    Posts
    4,141

    Re: Calling stored procedure in asp - question

    I've never seen it done that way. Does it work?
    Reply With Quote Reply With Quote
  3. Jun 19th, 2009, 02:01 PM #3
    WarrenW
    WarrenW is offline

    Thread Starter
    Frenzied Member
    Join Date
    Oct 2000
    Posts
    1,463

    Re: Calling stored procedure in asp - question

    I'll know tonight and let you know.

    Warren
    Reply With Quote Reply With Quote
  4. Jun 19th, 2009, 03:44 PM #4
    techgnome
    techgnome is offline
    PowerPoster techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,687

    Re: Calling stored procedure in asp - question

    1) Yes it does work
    2) Is it a fine way to do this? Maybe... if you have something that runs with the same parameters all the time, it's probably OK to hardcode them like that... if you are using user input values as the parameters I DO NOT SUGGEST THIS method.... it's basically the same as concatenating a SQL string and running it blindly. And it is prone to SQL Injection attacks... and can make it harder to track down problems (most common of which is "Why does it take smith but breaks on o'connel"?
    It's better and safer, MUCH SAFER, to use parameters. Did I mention that it's safer to use parameters?

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *
    Reply With Quote Reply With Quote
  6. Jun 19th, 2009, 03:46 PM #5
    WarrenW
    WarrenW is offline

    Thread Starter
    Frenzied Member
    Join Date
    Oct 2000
    Posts
    1,463

    Re: Calling stored procedure in asp - question

    Thanks - I knew someone would say this which is a good thing. I'll go the other route and set the parameters rather than passing them in like the example shown.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width