tags:

views:

147

answers:

1
Q: 

Binding parameters to OLEDB command throws error.

Hello fellows, I am using AS 400 OLEDB with .NET. It uses '?' instead of '@param to bind parameters with a command Now there is a situation where the command is like

SELECT ...
FROM
   (SELECT ... 
         ROW_NUMBER() OVER(ORDER BY ColumnName) as RowNum
    FROM Employees e
   ) as DerivedTableName
WHERE RowNum BETWEEN @startRowIndex AND (@startRowIndex + @maximumRows) - 1

Now my command becomes 

    SELECT ...
FROM
   (SELECT ... 
         ROW_NUMBER() OVER(ORDER BY ColumnName) as RowNum
    FROM Employees e
   ) as DerivedTableName
WHERE RowNum BETWEEN ? AND (? + ?) - 1

Now when I bind parameters like

myCommand.Parameters.Add(new OleDbParameter("?",startRowIndex));
myCommand.Parameters.Add(new OleDbParameter("?", startRowIndex));
myCommand.Parameters.Add(new OleDbParameter("?", MaximumRows));

It throws error

SQL0417: Combination of parameter markers not valid.
Cause . . . . . :   The statement string specified as the object of a PREPARE statement contains a predicate or expression where parameter markers have been used as operands of the same operator.  The following restrictions apply to the use of parameter markers: -- Both the operands in a predicate cannot be parameter markers. For example, specifying predicates of the form:    ? = ?      or    ? = ( SELECT ? FROM x ) are not valid.

How do I bind parameters in this situation ? I want to avoid sql injection :)

+1  A: 

Try changing the names of the parameters

myCommand.Parameters.Add(new OleDbParameter("@startRowIndex",startRowIndex));
myCommand.Parameters.Add(new OleDbParameter("@startRowIndex2", startRowIndex));
myCommand.Parameters.Add(new OleDbParameter("@MaximumRows", MaximumRows));

but leave the SQL as is.

Chris Diver  2010-07-09 06:55:24
Thanks for the reply Chris. In OLEDB the parameters go with index and symbol '?' and not with name '@param'. That works on SQLServer. Any clue?
Popo  2010-07-09 07:00:49
chris is right, even if i use access, i use ? as param
Amit Ranjan  2010-07-09 12:22:01
He is, but problem is still there because of two parameters inside a single block (?+?). What do you do in access to get away with that ? Check my error description above.
Popo  2010-07-09 14:44:13
Bump, anybody with OLEDB experience ?
Popo  2010-07-15 06:51:54
"Both the operands in a expression cannot be parameter markers. For example, specifying an expression of the form: ? + ? is not valid." Can't you add the two values instead of doing it in SQL?
Chris Diver  2010-07-15 07:03:05
hey I can, but that would require me to concatenate the values with query like where '+(parameter1+parameter2)+'Problem being, I want to bind the parameters in form of parametrized query.
Popo  2010-07-15 16:43:12
thanks, got what you meant.
Popo  2010-08-02 14:38:42

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?