using System; using System.Data; using System.Data.

SqlClient; class Program { static void Main() { string connectionString = "Data Source=(local);Initial Catalog=Northwind;" + "Integrated Security=true"; // Provide the query string with a parameter placeholder. string queryString = "SELECT ProductID, UnitPrice, ProductName from dbo.products " + "WHERE UnitPrice > @pricePoint " + "ORDER BY UnitPrice DESC;"; // Specify the parameter value. int paramValue = 5; // Create and open the connection in a using block. This // ensures that all resources will be closed and disposed // when the code exits. using (SqlConnection connection = new SqlConnection(connectionString)) { // Create the Command and Parameter objects. SqlCommand command = new SqlCommand(queryString, connection); command.Parameters.AddWithValue("@pricePoint", paramValue); // Open the connection in a try/catch block. // Create and execute the DataReader, writing the result // set to the console window. try { connection.Open(); SqlDataReader reader = command.ExecuteReader(); while (reader.Read()) { Console.WriteLine("\t{0}\t{1}\t{2}", reader[0], reader[1], reader[2]); } reader.Close(); } catch (Exception ex) { Console.WriteLine(ex.Message); } Console.ReadLine(); } }

string ConnString = "Data Source=(local);Initial Catalog=Northwind;" + "Integrated Security=true"; string SqlString = "Select * From Contacts Where FirstName = @FirstName"; using (SqlConnection conn = new SqlConnection(ConnString)) { using (SqlCommand cmd = new SqlCommand(SqlString, conn)) { cmd.CommandType = CommandType.Text; cmd.Parameters.AddWithValue("FirstName", txtFirstName.Text); conn.Open(); using (SqlDataReader reader = cmd.ExecuteReader()) { GridView1.DataSource = reader; GridView1.DataBind(); } } }

public string GetConnectionString() { return System.Configuration.ConfigurationManager.ConnectionStrings["ConnStringName"].ConnectionString; //sets the connection string from your web config file "ConnString" is the name of your Connection String }

private void InsertInfo() { SqlConnection conn = new SqlConnection(GetConnectionString()); string sql = "INSERT INTO connect_com (name,E_mail,School ) VALUES (@Val1,@Val2,@Val3)"; try { conn.Open(); SqlCommand cmd = new SqlCommand(sql, conn); cmd.Parameters.AddWithValue("@Val1", txtName.Text); cmd.Parameters.AddWithValue("@Val2", txtEmail.Text); cmd.Parameters.AddWithValue("@Val3", txtSchool.Text); cmd.CommandType = CommandType.Text; cmd.ExecuteNonQuery(); } catch (System.Data.SqlClient.SqlException ex) { string msg = "Insert Error:"; msg += ex.Message; throw new Exception(msg); } finally { conn.Close(); } }

public static string GetConnectionString() { //return System.Configuration.ConfigurationManager.ConnectionStrings["ConnStringName"].ConnectionS tring; return "Data Source=F23DBT01\\F23TEST;Initial Catalog=Objetos;user id=sa;password=sis23ros"; } public static void InsertInfo(Curso C) { SqlConnection conn = new SqlConnection(GetConnectionString()); string sql = "INSERT INTO curso (comision, facultad) VALUES (@comision,@facultad)"; try { conn.Open(); SqlCommand cmd = new SqlCommand(sql, conn); cmd.Parameters.AddWithValue("@comision", C.comision); cmd.Parameters.AddWithValue("@facultad", C.facultad); cmd.CommandType = CommandType.Text; cmd.ExecuteNonQuery(); } catch (System.Data.SqlClient.SqlException ex) { string msg = "Insert Error:"; msg += ex.Message; throw new Exception(msg); } finally { conn.Close(); } }

public static void insert_Producto(Producto oProd) { // instancia de la conexion SqlConnection conn = dbDataAccess.GetSQLConnection(); // objeto transaccional --- TRANSACCIN SqlTransaction tran = null; string query_prod = " INSERT INTO Producto... // objeto command para ejecucion del query SqlCommand cmd_producto = new SqlCommand(query_prod, conn); // seteo de atributos del command cmd_producto.CommandType = CommandType.Text; // Para valores que NO admiten NULL !! cmd_producto.Parameters.AddWithValue("@codProducto", oProd.codProducto); // Para valores que ADMITEN NULL !! if (oProd.tituloProd != "") cmd_producto.Parameters.AddWithValue("@tituloProd", oProd.tituloProd); else cmd_producto.Parameters.AddWithValue("@tituloProd", DBNull.Value); try { // abrir la conexion if (conn.State != ConnectionState.Open) conn.Open(); // comenzamos la transaccion TRANSACCIN tran = conn.BeginTransaction(); // asignamos transaccion al command cmd_producto.Transaction = tran; // ejecutamos la suma de la query !! oProd.idProducto = (int)cmd_producto.ExecuteScalar(); // reasignamos el string sql al command string query_precio = "INSERT INTO [Precio]... cmd_producto.CommandText = query_precio; // reasignamos los parametros para la nueva query cmd_producto.Parameters.AddWithValue("@idProducto", oProd.idProducto); if (oProd.precio.desc1 != 0 ) cmd_producto.Parameters.AddWithValue("@desc1", oProd.precio.desc1); else cmd_producto.Parameters.AddWithValue("@desc1", DBNull.Value); // ejecutamos la tarea nueva oProd.precio.idPrecio = (int)cmd_producto.ExecuteScalar(); // si todo salio bien commiteamos los cambios tran.Commit(); } catch (SqlException ex) { //return ex; } finally { conn.Close(); } }