vb.net generalized write of data to excel - vb.net

I need to create an excel file from scratch in VB.NET given a DataTable from asp.net.
I can do this for a specific file, but I don't know how to do it for a general database.
That is, where I use the "CREATE TABLE ..." I don't know how to tell it what types to use for the data in the table.
The DataTable is derived from a FoxPro database. (I don't know if that matters.)
I invoke the table similar to as follows:
<%
return_value = make_excel( sql_table, excel_filename)
%>
make_excel is defined as
Option Explicit On
'Option Strict On
Imports System
Imports System.Web
Imports System.Web.UI
Imports System.Web.UI.Page
Imports System.IO
Imports Microsoft.VisualBasic
Imports System.Diagnostics
Imports System.Data
Imports System.Data.OleDb
Public Class clsCommon
Inherits Page
' buncha other stuff defined in here.
Public Shared Function make_excel(ByVal sqlTable As DataTable, ByVal xls_fn As String) As Boolean
Dim conn As System.Data.OleDb.OleDbConnection
Dim ds As System.Data.DataSet
Dim cmd As New System.Data.OleDb.OleDbCommand()
conn = New System.Data.OleDb.OleDbConnection("provider=Microsoft.Jet.OLEDB.4.0;Data Source='" & xls_fn & "';Extended Properties=Excel 8.0;")
conn.Open()
cmd.Connection = conn
cmd.CommandText = "CREATE TABLE MyTable ( Admin char(20), first_name char(20));"
cmd.ExecuteNonQuery()
cmd.CommandText = "INSERT INTO MyTable ( Admin, first_name ) VALUES ('true', 'Bob')"
cmd.ExecuteNonQuery()
conn.Close()
Return True
End Function
End Class
What I need to be able to do is run through the values in sqlTable above, check their type and then build the sql to write them. Pointers?

Have you looked into the copyfromrecordset function? You'll need to do a bit of work and its a bit of a change of approach but it might be something you can look into. An MS article is available here (Sorry, the article is based around VBA, but it should help as a guide).

I have a solution to the problem. I'm not happy about it as a general solution, but it works well enough for the cases I'm currently dealing with.
In this solution, I create a template of the excel file that has the column headings I want to use. When I do the select in the forward code, I change the name of the fields as appropriate (or drop whatever fields I don't want).
Public Shared Function TestXL(ByVal resp As HttpResponse, ByVal sqlTable As DataTable, ByVal xls_template_fn As String, ByVal xls_fn As String) As Boolean
Dim conn As System.Data.OleDb.OleDbConnection
Dim ds As System.Data.DataSet
Dim cmd As New System.Data.OleDb.OleDbCommand()
Dim r As DataRow
Dim c As DataColumn
Dim i As Integer
Dim sql As String
dim str as string
If File.Exists(xls_template_fn) Then
try
If File.Exists(xls_fn) Then
File.Delete(xls_fn)
Else
File.Copy(xls_template_fn, xls_fn)
End If
catch ex1 as Exception
File.Copy(xls_template_fn, xls_fn)
End Try
Else
resp.Write("Unable to locate template file: " & xls_template_fn)
Return False
End If
conn = New System.Data.OleDb.OleDbConnection("provider=Microsoft.Jet.OLEDB.4.0;Data Source='" & xls_fn & "';Extended Properties=Excel 8.0;")
conn.Open()
cmd.Connection = conn
cmd.CommandText = sql
For Each r In sqlTable.Rows
sql = "INSERT INTO MyTable ("
For i = 0 To sqlTable.Columns.Count - 1
sql = sql & " " & sqlTable.Columns(i).ColumnName & ","
Next
sql = Left(sql, sql.Length - 1) & " ) VALUES ( "
For i = 0 To sqlTable.Columns.Count - 1
str = r(i).toString()
dim str2 as string = str.replace("'", "''")
sql = sql & " '" & str2 & "',"
Next
sql = Left(sql, sql.Length - 1) & " );"
'resp.Write(sql & "<br/>")
cmd.CommandText = sql
cmd.ExecuteNonQuery()
Next
conn.Close()
Return True
End Function
Note the name of the the worksheet is the name of the table for the oledb call.
There's a link to other ways of doing this:
http://blogs.msdn.com/b/erikaehrli/archive/2009/01/30/how-to-export-data-to-excel-from-an-asp-net-application-avoid-the-file-format-differ-prompt.aspx
If I have to revisit this problem I'll probably start there.

Related

Can't INSERT INTO access database

I can select the data from an Access database, but I tried many ways to INSERT INTO database. There is no error message, but it didn't insert the data.
Code:
Dim conn As New OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" & CurDir() & "\fsDB1.accdb")
Dim cmd As OleDbCommand
Dim dr As OleDbDataReader
conn.Open()
Dim CommandString As String = "INSERT INTO tblfile(stdUname,filePw,filePath,status) VALUES('" & userName & "','" & filePw & "','" & filePath & "','A')"
Dim command As New OleDbCommand(CommandString, conn)
Command.Connection = conn
Command.ExecuteNonQuery()
I just want a simple easy way to INSERT INTO an Access database. Is it possible because of the problem of Access database? I can insert this query by running query directly in Access.
Firstly I would check the database settings. If your app copies a new copy of the database each time you run it that would explain why you can select existing data and why your new data is not being saved (Well it is being saved, but the database keeps getting replaced with the old one). Rather set it up to COPY IF NEWER.
Further, you should ALWAYS use parameterized queries to protect your data. It is also is less error prone than string concatenated commands ans is much easier to debug.
Also, I recommend using a USING block to handle database connections so that your code automatically disposes of resources no longer needed, just in case you forget to dispose of your connection when you are done. Here is an example:
Using con As New OleDbConnection
con.ConnectionString = "Provider = Microsoft.ACE.OLEDB.12.0; " & _
"Data Source = "
Dim sql_insert As String = "INSERT INTO Tbl (Code) " & _
"VALUES " & _
"(#code);"
Dim sql_insert_entry As New OleDbCommand
con.Open()
With sql_insert_entry
.Parameters.AddWithValue("#code", txtCode.Text)
.CommandText = sql_insert
.Connection = con
.ExecuteNonQuery()
End With
con.Close()
End Using
Here is an example where data operations are in a separate class from form code.
Calling from a form
Dim ops As New Operations1
Dim newIdentifier As Integer = 0
If ops.AddNewRow("O'brien and company", "Jim O'brien", newIdentifier) Then
MessageBox.Show($"New Id for Jim {newIdentifier}")
End If
Back-end class where the new primary key is set for the last argument to AddNewRow which can be used if AddNewRow returns true.
Public Class Operations1
Private Builder As New OleDbConnectionStringBuilder With
{
.Provider = "Microsoft.ACE.OLEDB.12.0",
.DataSource = IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Database1.accdb")
}
Public Function AddNewRow(
ByVal CompanyName As String,
ByVal ContactName As String,
ByRef Identfier As Integer) As Boolean
Dim Success As Boolean = True
Dim Affected As Integer = 0
Try
Using cn As New OleDbConnection With {.ConnectionString = Builder.ConnectionString}
Using cmd As New OleDbCommand With {.Connection = cn}
cmd.CommandText = "INSERT INTO Customer (CompanyName,ContactName) VALUES (#CompanyName, #ContactName)"
cmd.Parameters.AddWithValue("#CompanyName", CompanyName)
cmd.Parameters.AddWithValue("#ContactName", ContactName)
cn.Open()
Affected = cmd.ExecuteNonQuery()
If Affected = 1 Then
cmd.CommandText = "Select ##Identity"
Identfier = CInt(cmd.ExecuteScalar)
Success = True
End If
End Using
End Using
Catch ex As Exception
Success = False
End Try
Return Success
End Function
End Class

Query SQL Database and Store Results in a Variable VB.Net

I am trying to query a SQL DB using a textbox field and retreive a column from the DB and store it in a variable so I can use it in other places within my site. My web form requires the user to enter a few items such as name and zip code.
My database has 3 columns; email address, zip code, and id. I need the input form to query the database and return the "email address" that matches the user's inputted "zip code"
I understand the SQL SELECT statement and the connection string is correct. My queries are working, I just can't seem to figure out how to get the returned "email address" to store in a variable. Any help would be appreciated.
Dim strconnection As String, strSQL As String, strZipCheck As String
Dim objconnection As OleDbConnection = Nothing
Dim objcmd As OleDbCommand = Nothing
Dim RREmail As String = Nothing
Dim zipQuery As String = zipCodeBox.Text
'connection string
strconnection = "provider=SQLOLEDB;Data Source=XXX.XXX.XXX.XXX;Initial Catalog=XXXXXXX;User ID=XXXX;Password=XXXXXXXX;"
objconnection = New OleDbConnection(strconnection)
objconnection.ConnectionString = strconnection
'opens connection to database
objconnection.Open()
strSQL = "SELECT [EMAIL ADDRESS] FROM ZIPCODEDATA WHERE [ZIP CODE] = #ZIP CODE "
objcmd = New OleDbCommand(strSQL, objconnection)
RREmail = CType(objcmd.ExecuteScalar(), String)
lblRREmail.Text = RREmail
objconnection.Close()
While the other comments do point out particular deficiencies with your syntax, I would like to address the question of storing a variable and take it a bit further. I generally do not use parameterized connections unless I am calling stored procedures and need an output parameter. Instead, here is what I often do to create a database connection and get my results.
First I create a public class called dbConn so I dont have to write it out a million times.
Imports System.Data.SqlClient
Public Class dbConn
Public Property strSQL As String
Private objConn As SqlClient.SqlConnection = _
New SqlClient.SqlConnection("Data Source=(local)\dev;Initial Catalog=testDataBase;Persist Security Info=False;Integrated Security = true;")
Public Function getDt() As DataTable
Dim Conn As New SqlClient.SqlConnection
Dim da As SqlClient.SqlDataAdapter
Dim dt As New DataTable
Try
objConn.Open()
da = New SqlClient.SqlDataAdapter(strSQL, objConn)
da.Fill(dt)
da = Nothing
objConn.Close()
objConn = Nothing
Catch ex As Exception
objConn.Close()
objConn = Nothing
End Try
Return dt
End Function
End Class
Then from another class (lets assume its form1) I call up that function to get a datatable returned to me. In this case I select TOP 1 to save your sanity in case by chance there is more than one email address per zip code.
Public sub getdata()
Dim strEmailAddress As String = Nothing
Dim dt As New DataTable
Dim da As New dbConn
da.strSQL = " select top 1 [email address] from [zipcode] " _
& " where [zip code] = '" & strZipCode & "'" _
& " order by [email address] asc"
dt = da.getDt
If dt.Rows.Count > 0 Then
If Not IsDBNull(dt.Rows(0)(0).ToString) Then
strEmailAddress = dt.Rows(0)(0).ToString
End If
End If
End Sub
From there you can use strEmailAddress within the sub after it is set, or you can move the string declaration outside of the sub as a public string declaration to use it elsewhere, or you can create other classes like an email class with a public property for strEmailAddress to pass it off to, etc.
I hope something in there helps you understand how to deal with your problem.

Parametrize Queries to prevent SQL Injection

I know that I need to Parametrize my queries, mainly for safety reasons, and I need help doing so. I'm using VB in visual studio 2012 and SQL Server 2012. I have never done this before and everything I find on the web seems unsuited to my particular code. The bit that I think needs work is the following:
objconnection.Open()
strSQL = "insert into dbo.Event(ID, Name, Summary, Date) values (NEWID(), '" & strName & "','" & strSummary & "','" & strLocation & "','" & strDate & "')"
objcmd = New OleDbCommand(strSQL, objconnection)
objcmd.ExecuteNonQuery()
objconnection.Close()
MsgBox("Event Created", vbMsgBoxSetForeground)
Any pointers greatly appreciated. If you need more of the code let me know!
From comments:
I did look at that and tried it but I had problems. At this part:
.add(new SqlParameter("#strname", '"& strName &"'))
the , between the "#streventname" and '"strName"' is underlined and it says Expression expected.
Also
Dim cmd As SqlCommand = New SqlCommand(cmdText, objconnection)
objconnection gets an error "Value of type 'System.Data.OleDb.OleDbConnection' cannot be converted to 'System.Data.SqlClient.SqlConnection'.
Probably something stupid I've missed out.
You are mixing your SQL-Objects with your OLEDB-Objects. Looks like you are using an OLEDB connection, so that means you have to use OLEDB-Objects, so use OleDbCommand instead of SqlCommand, etc.
Your parameter line should look something like this:
.add(new OleDbParameter("#strname", strName))
For OleDB queries, it is important to realize that the parameters are actually ignoring the name #strname and just updating the parameter information in index order. So the order in which the parameters appear in the sql statement have to be in the same order you supply the parameters.
Thanks you for all the help. I managed to solve it. This is what I now have if anyone is interested.
Imports System
Imports System.Data
Imports System.Data.OleDb
Imports System.Data.SqlClient
Partial Class _Default
Inherits System.Web.UI.Page
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim strName As String = Request.Form("txtName")
Dim strSummary As String = Request.Form("txtSummary")
Dim strDate As String = Request.Form("txtDate")
Dim objconnection As OleDbConnection = Nothing
Dim objcmd As OleDbCommand = Nothing
Dim strconnection As String, strSQL As String
strconnection = "provider=SQLOLEDB;data source=XXX;database=Events;uid=XXX;pwd=XXX;"
objconnection = New OleDbConnection(strconnection)
objconnection.ConnectionString = strconnection
objconnection.Open()
strSQL = "insert into dbo.CreateApp(ID, Name, Summary, Date)values(NEWID(), ?, ?, ?)"
objcmd = New OleDbCommand(strSQL, objconnection)
objcmd.Parameters.Add(New System.Data.OleDb.OleDbParameter("#Name", strName))
objcmd.Parameters.Add(New System.Data.OleDb.OleDbParameter("#Summary", strSummary))
objcmd.Parameters.Add(New System.Data.OleDb.OleDbParameter("#Date", strDate))
objcmd.ExecuteNonQuery()
objconnection.Close()
End Sub
End Class
The key was putting in ?s.
I agree with Lars except you are missing the fact that the sql is wrong. Here is a more complete example.
Dim sql = <value>insert into dbo.Event(ID, Name, Summary, Date) values (NEWID(),#Name,#Summary,#Date)</value>
Using connection As OleDb.OleDbConnection(connectionString)
Using command As New OleDb.OleDbCommand(sql.Value, connection)
command.Parameters.AddWithValue("#Name", nameValue)
command.Parameters.AddWithValue("#Summary", summaryValue)
command.Parameters.AddWithValue("#Date", DateValue)
command.ExecuteNonQuery()
End Using
End Using
If you want to not bother with ADO and are looking for something simpler I recommend using Simple.Data http://simplefx.org/simpledata/docs/. It is by far one of the simplest ways to interact with a database without having to now SQL or ADO but it certainly does help.
Good Luck

"Could not find installable ISAM" error in VB.NET

Im new to visual basic.. I would like to ask on how to fixed the problem "Could not find installable ISAM.". I used Visual Basic as programming language. I used MS access as the database. My program is to fetch data from access. This would be my code.
Imports System.Data.OleDb
Module Main
Dim mDataPath As String
Sub Main()
GetPupils()
Console.ReadLine()
End Sub
Private Function GetConnection() As OleDb.OleDbConnection
'return a new connection to the database5
Return New OleDb.OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;" _
& "Database Password=oNer00FooR3n0 " & "Data Source=" & "C:\Users\ERICO YAN\Desktop\MSaccessDB\MSaccessDB\oneroofccp.mdb")
End Function
Public Function GetPupils() As DataSet
Dim conn As OleDb.OleDbConnection = GetConnection()
Try
Dim ds As New DataSet 'temporary storage
Dim sql As String = "select * from SESSIONS" 'query
Dim da As OleDb.OleDbDataAdapter = New OleDb.OleDbDataAdapter(sql, conn) 'connection
Try
da.Fill(ds, "SESSIONS") 'fetch data from db
Finally
da.Dispose() 'in case something goes wrong
End Try
Dim startVal = 0 'first record
Dim endVal = ds.Tables(0).Rows.Count 'total number records
For var = startVal To endVal - 1 'display records
Console.WriteLine(ds.Tables(0).Rows(var).Item(0).ToString() + " " + ds.Tables(0).Rows(var).Item(1).ToString() + " " + ds.Tables(0).Rows(var).Item(3).ToString() + " " + ds.Tables(0).Rows(var).Item(3).ToString()) 'code for display id and name
Next
Return ds
Finally
conn.Close()
conn.Dispose()
End Try
End Function
End Module
I would like to know what is the cause of the error so that I can proceed to my program.. Thank you so much for the feedback..
You seem to be missing a delimiter after your password attribute.
I think you also need to use Jet OLEDB:Database Password=... instead (if indeed you have an access database protected with a password):
"Provider=Microsoft.Jet.OLEDB.4.0;" _
& "Data Source=" & "C:\Users\ERICO YAN\Desktop\MSaccessDB\MSaccessDB\oneroofccp.mdb;" _
& "Jet OLEDB:Database Password=oNer00FooR3n0;"
Missing ; delimiter here:
...Password=oNer00FooR3n0 " & "Data Sourc...
Needs to be
...Password=oNer00FooR3n0 " & ";Data Sourc...
Also just Password instead of Database Password.
Initially, i too got this sort of error, but when i wrote the connection string in a single line (i mean without using [& _] or breaking in 2 lines, then this worked properly.
"Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Users\USER1\Desktop\MSaccessDB\MSaccessDB\my_database_file.mdb;Database Password=MyPassword"
Hope this helps.
Mukesh L.

vb.net writer to excel function working on one pc but not on another

I have a vb.net function which uses oledb to create a spreadsheet, then treat it like a database, creating tables and inserting values. The function takes in a filename and a dataset, and returns the filename if it worked. The function works beautifully on my dev machine, but not other PCs. Below is my function, is there anything wrong with the code? Any suggestions?
EDIT: There are no errors being thrown, the resulting file doesn't contain any data.
Imports System
Imports System.Configuration
Imports System.Data
Imports System.Data.OleDb
Imports System.Data.SqlClient
Imports System.Drawing
Imports System.IO
Imports System.Net.Mail
Imports System.Text
Imports System.Web
Imports Microsoft.Office.Interop
....
Public Shared Function writeToExcelFile(ByVal template As String, ByVal filename As String, ByVal data As DataSet) As String
If File.Exists(filename) Then
File.Delete(filename)
End If
If template <> String.Empty AndAlso filename <> String.Empty Then
File.Copy(template, filename)
End If
Dim connString As String = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" + filename + ";Extended Properties=""Excel 8.0;HDR=Yes;"""
Dim conn As New OleDbConnection(connString)
Try
conn.Open()
Dim cmd As New OleDbCommand()
For Each table As DataTable In data.Tables
Dim tableName As String = table.TableName.Replace(" ", "")
Dim tableCreate As String = "CREATE TABLE [" + tableName + "] ("
Dim sql As String = "INSERT INTO [" + tableName + "$]("
Dim colName As String = String.Empty
For Each col As DataColumn In table.Columns
colName = col.ColumnName.Replace("#", "num")
If colName.Contains(" ") Then
sql += " [" + colName.Replace("'", "") + "],"
Else
sql += " " + colName.Replace("'", "") + ","
End If
tableCreate += " [" + colName + "] varchar(255),"
Next
If tableCreate.EndsWith(",") Then
tableCreate = tableCreate.TrimEnd(New [Char]() {","c})
End If
tableCreate += ") "
cmd = New OleDbCommand(tableCreate, conn)
cmd.ExecuteNonQuery()
If sql.EndsWith(",") Then
sql = sql.TrimEnd(New [Char]() {","c})
End If
sql += ") "
For Each row As DataRow In table.Rows
Dim values As String = " VALUES("
For Each col As DataColumn In table.Columns
Try
values += "'" + cleanString(row(col).ToString()).Substring(0, 250) + "...',"
Catch e As Exception
values += "'" + cleanString(row(col).ToString()) + "',"
End Try
Next
If values.EndsWith(",") Then
values = values.TrimEnd(New [Char]() {","c})
End If
values += ") "
cmd = New OleDbCommand(sql + values, conn)
cmd.ExecuteNonQuery()
Next
Next
conn.Close()
Return filename
Catch e As Exception
Throw New Exception(e.Message)
Return String.Empty
End Try
End Function
Check your system's Regional Settings vs other machines' Regional Settings.
If they differ, try to match them.
Also, when working with Office Automation you should force the thread's culture to en-US.
Set this just before calling writeToExcelFile() (C# syntax):
System.Threading.Thread.CurrentThread.CultureInfo = new System.Globalization.CultureInfo("en-US");
After calling the method, restore the culture (if needed).
Problem is not with this code. Problem is with the dataset that's being passed in.