• Ado.Net Helper


    SQLHelper.cs
    //===============================================================================
    // Microsoft Data Access Application Block for .NET
    // http://msdn.microsoft.com/library/en-us/dnbda/html/daab-rm.asp
    //
    // SQLHelper.cs
    //
    // This file contains the implementations of the SqlHelper and SqlHelperParameterCache
    // classes.
    //
    // For more information see the Data Access Application Block Implementation Overview. 
    // 
    //===============================================================================
    // Copyright (C) 2000-2001 Microsoft Corporation
    // All rights reserved.
    // THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY
    // OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT
    // LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR
    // FITNESS FOR A PARTICULAR PURPOSE.
    //==============================================================================
    
    using System;
    using System.Data;
    using System.Xml;
    using System.Data.SqlClient;
    using System.Collections;
    
    namespace SGSGHome.Web
    {
        /// <summary>
        /// The SqlHelper class is intended to encapsulate high performance, scalable best practices for 
        /// common uses of SqlClient.
        /// </summary>
    
        public sealed class SqlHelper
        {
    
            #region private utility methods & constructors
    
            //Since this class provides only static methods, make the default constructor private to prevent 
            //instances from being created with "new SqlHelper()".
            private SqlHelper(){}
    
            /// <summary>
            /// This method is used to attach array of SqlParameters to a SqlCommand.
            /// 
            /// This method will assign a value of DbNull to any parameter with a direction of
            /// InputOutput and a value of null.  
            /// 
            /// This behavior will prevent default values from being used, but
            /// this will be the less common case than an intended pure output parameter (derived as InputOutput)
            /// where the user provided no input value.
            /// </summary>
            /// <param name="command">The command to which the parameters will be added</param>
            /// <param name="commandParameters">an array of SqlParameters tho be added to command</param>
            private static void AttachParameters(SqlCommand command, SqlParameter[] commandParameters)
            {
                foreach (SqlParameter p in commandParameters)
                {
                    //check for derived output value with no value assigned
                    if ((p.Direction == ParameterDirection.InputOutput) && (p.Value == null))
                    {
                        p.Value = DBNull.Value;
                    }
                    
                    command.Parameters.Add(p);
                }
            }
    
            /// <summary>
            /// This method assigns an array of values to an array of SqlParameters.
            /// </summary>
            /// <param name="commandParameters">array of SqlParameters to be assigned values</param>
            /// <param name="parameterValues">array of objects holding the values to be assigned</param>
            private static void AssignParameterValues(SqlParameter[] commandParameters, object[] parameterValues)
            {
                if ((commandParameters == null) || (parameterValues == null)) 
                {
                    //do nothing if we get no data
                    return;
                }
    
                // we must have the same number of values as we pave parameters to put them in
                if (commandParameters.Length != parameterValues.Length)
                {
                    throw new ArgumentException("Parameter count does not match Parameter Value count.");
                }
    
                //iterate through the SqlParameters, assigning the values from the corresponding position in the 
                //value array
                for (int i = 0, j = commandParameters.Length; i < j; i++)
                {
                    commandParameters[i].Value = parameterValues[i];
                }
            }
    
            /// <summary>
            /// This method opens (if necessary) and assigns a connection, transaction, command type and parameters 
            /// to the provided command.
            /// </summary>
            /// <param name="command">the SqlCommand to be prepared</param>
            /// <param name="connection">a valid SqlConnection, on which to execute this command</param>
            /// <param name="transaction">a valid SqlTransaction, or 'null'</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParameters to be associated with the command or 'null' if no parameters are required</param>
            private static void PrepareCommand(SqlCommand command, SqlConnection connection, SqlTransaction transaction, CommandType commandType, string commandText, SqlParameter[] commandParameters)
            {
                //if the provided connection is not open, we will open it
                if (connection.State != ConnectionState.Open)
                {
                    connection.Open();
                }
    
                //associate the connection with the command
                command.Connection = connection;
    
                //set the command text (stored procedure name or SQL statement)
                command.CommandText = commandText;
    
                //if we were provided a transaction, assign it.
                if (transaction != null)
                {
                    command.Transaction = transaction;
                }
    
                //set the command type
                command.CommandType = commandType;
    
                //attach the command parameters if they are provided
                if (commandParameters != null)
                {
                    AttachParameters(command, commandParameters);
                }
    
                return;
            }
    
    
            #endregion private utility methods & constructors
    
            #region ExecuteNonQuery
    
            /// <summary>
            /// Execute a SqlCommand (that returns no resultset and takes no parameters) against the database specified in 
            /// the connection string. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int result = ExecuteNonQuery(connString, CommandType.StoredProcedure, "PublishOrders");
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(string connectionString, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteNonQuery(connectionString, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns no resultset) against the database specified in the connection string 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int result = ExecuteNonQuery(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create & open a SqlConnection, and dispose of it after we are done.
                using (SqlConnection cn = new SqlConnection(connectionString))
                {
                    cn.Open();
    
                    //call the overload that takes a connection in place of the connection string
                    return ExecuteNonQuery(cn, commandType, commandText, commandParameters);
                }
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns no resultset) against the database specified in 
            /// the connection string using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  int result = ExecuteNonQuery(connString, "PublishOrders", 24, 36);
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="spName">the name of the stored prcedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(string connectionString, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteNonQuery(connectionString, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteNonQuery(connectionString, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns no resultset and takes no parameters) against the provided SqlConnection. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int result = ExecuteNonQuery(conn, CommandType.StoredProcedure, "PublishOrders");
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(SqlConnection connection, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteNonQuery(connection, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns no resultset) against the specified SqlConnection 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int result = ExecuteNonQuery(conn, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {    
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, connection, (SqlTransaction)null, commandType, commandText, commandParameters);
                
                //finally, execute the command.
                int retval = cmd.ExecuteNonQuery();
                
                // detach the SqlParameters from the command object, so they can be used again.
                cmd.Parameters.Clear();
                return retval;
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns no resultset) against the specified SqlConnection 
            /// using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  int result = ExecuteNonQuery(conn, "PublishOrders", 24, 36);
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(SqlConnection connection, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteNonQuery(connection, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteNonQuery(connection, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns no resultset and takes no parameters) against the provided SqlTransaction. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int result = ExecuteNonQuery(trans, CommandType.StoredProcedure, "PublishOrders");
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(SqlTransaction transaction, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteNonQuery(transaction, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns no resultset) against the specified SqlTransaction
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int result = ExecuteNonQuery(trans, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, transaction.Connection, transaction, commandType, commandText, commandParameters);
                
                //finally, execute the command.
                int retval = cmd.ExecuteNonQuery();
                
                // detach the SqlParameters from the command object, so they can be used again.
                cmd.Parameters.Clear();
                return retval;
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns no resultset) against the specified 
            /// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  int result = ExecuteNonQuery(conn, trans, "PublishOrders", 24, 36);
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>an int representing the number of rows affected by the command</returns>
            public static int ExecuteNonQuery(SqlTransaction transaction, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteNonQuery(transaction, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteNonQuery(transaction, CommandType.StoredProcedure, spName);
                }
            }
    
    
            #endregion ExecuteNonQuery
    
            #region ExecuteDataSet
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset and takes no parameters) against the database specified in 
            /// the connection string. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(connString, CommandType.StoredProcedure, "GetOrders");
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(string connectionString, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteDataset(connectionString, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset) against the database specified in the connection string 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(connString, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create & open a SqlConnection, and dispose of it after we are done.
                using (SqlConnection cn = new SqlConnection(connectionString))
                {
                    cn.Open();
    
                    //call the overload that takes a connection in place of the connection string
                    return ExecuteDataset(cn, commandType, commandText, commandParameters);
                }
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a resultset) against the database specified in 
            /// the connection string using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(connString, "GetOrders", 24, 36);
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(string connectionString, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteDataset(connectionString, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteDataset(connectionString, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlConnection. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(conn, CommandType.StoredProcedure, "GetOrders");
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(SqlConnection connection, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteDataset(connection, commandType, commandText, (SqlParameter[])null);
            }
            
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset) against the specified SqlConnection 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(conn, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, connection, (SqlTransaction)null, commandType, commandText, commandParameters);
                
                //create the DataAdapter & DataSet
                SqlDataAdapter da = new SqlDataAdapter(cmd);
                DataSet ds = new DataSet();
    
                //fill the DataSet using default values for DataTable names, etc.
                da.Fill(ds);
                
                // detach the SqlParameters from the command object, so they can be used again.            
                cmd.Parameters.Clear();
                
                //return the dataset
                return ds;                        
            }
            
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified SqlConnection 
            /// using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(conn, "GetOrders", 24, 36);
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(SqlConnection connection, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteDataset(connection, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteDataset(connection, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlTransaction. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(trans, CommandType.StoredProcedure, "GetOrders");
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(SqlTransaction transaction, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteDataset(transaction, commandType, commandText, (SqlParameter[])null);
            }
            
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset) against the specified SqlTransaction
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(trans, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, transaction.Connection, transaction, commandType, commandText, commandParameters);
                
                //create the DataAdapter & DataSet
                SqlDataAdapter da = new SqlDataAdapter(cmd);
                DataSet ds = new DataSet();
    
                //fill the DataSet using default values for DataTable names, etc.
                da.Fill(ds);
                
                // detach the SqlParameters from the command object, so they can be used again.
                cmd.Parameters.Clear();
                
                //return the dataset
                return ds;
            }
            
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified 
            /// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  DataSet ds = ExecuteDataset(trans, "GetOrders", 24, 36);
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static DataSet ExecuteDataset(SqlTransaction transaction, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteDataset(transaction, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteDataset(transaction, CommandType.StoredProcedure, spName);
                }
            }
    
            #endregion ExecuteDataSet
            
            #region ExecuteReader
    
            /// <summary>
            /// this enum is used to indicate whether the connection was provided by the caller, or created by SqlHelper, so that
            /// we can set the appropriate CommandBehavior when calling ExecuteReader()
            /// </summary>
            private enum SqlConnectionOwnership    
            {
                /// <summary>Connection is owned and managed by SqlHelper</summary>
                Internal, 
                /// <summary>Connection is owned and managed by the caller</summary>
                External
            }
    
            /// <summary>
            /// Create and prepare a SqlCommand, and call ExecuteReader with the appropriate CommandBehavior.
            /// </summary>
            /// <remarks>
            /// If we created and opened the connection, we want the connection to be closed when the DataReader is closed.
            /// 
            /// If the caller provided the connection, we want to leave it to them to manage.
            /// </remarks>
            /// <param name="connection">a valid SqlConnection, on which to execute this command</param>
            /// <param name="transaction">a valid SqlTransaction, or 'null'</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParameters to be associated with the command or 'null' if no parameters are required</param>
            /// <param name="connectionOwnership">indicates whether the connection parameter was provided by the caller, or created by SqlHelper</param>
            /// <returns>SqlDataReader containing the results of the command</returns>
            private static SqlDataReader ExecuteReader(SqlConnection connection, SqlTransaction transaction, CommandType commandType, string commandText, SqlParameter[] commandParameters, SqlConnectionOwnership connectionOwnership)
            {    
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, connection, transaction, commandType, commandText, commandParameters);
                
                //create a reader
                SqlDataReader dr;
    
                // call ExecuteReader with the appropriate CommandBehavior
                if (connectionOwnership == SqlConnectionOwnership.External)
                {
                    dr = cmd.ExecuteReader();
                }
                else
                {
                    dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
                }
                
                // detach the SqlParameters from the command object, so they can be used again.
                /*----------------------------------------------------------------------------*/
                //cmd.Parameters.Clear();--if clear can not get the output parameter value
                /*----------------------------------------------------------------------------*/
                
                return dr;
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset and takes no parameters) against the database specified in 
            /// the connection string. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  SqlDataReader dr = ExecuteReader(connString, CommandType.StoredProcedure, "GetOrders");
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(string connectionString, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteReader(connectionString, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset) against the database specified in the connection string 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  SqlDataReader dr = ExecuteReader(connString, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create & open a SqlConnection
                SqlConnection cn = new SqlConnection(connectionString);
                cn.Open();
    
                try
                {
                    //call the private overload that takes an internally owned connection in place of the connection string
                    return ExecuteReader(cn, null, commandType, commandText, commandParameters,SqlConnectionOwnership.Internal);
                }
                catch
                {
                    //if we fail to return the SqlDatReader, we need to close the connection ourselves
                    cn.Close();
                    throw;
                }
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a resultset) against the database specified in 
            /// the connection string using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  SqlDataReader dr = ExecuteReader(connString, "GetOrders", 24, 36);
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(string connectionString, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteReader(connectionString, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteReader(connectionString, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlConnection. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  SqlDataReader dr = ExecuteReader(conn, CommandType.StoredProcedure, "GetOrders");
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(SqlConnection connection, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteReader(connection, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset) against the specified SqlConnection 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  SqlDataReader dr = ExecuteReader(conn, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //pass through the call to the private overload using a null transaction value and an externally owned connection
                return ExecuteReader(connection, (SqlTransaction)null, commandType, commandText, commandParameters, SqlConnectionOwnership.External);
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified SqlConnection 
            /// using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  SqlDataReader dr = ExecuteReader(conn, "GetOrders", 24, 36);
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(SqlConnection connection, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);
    
                    AssignParameterValues(commandParameters, parameterValues);
    
                    return ExecuteReader(connection, CommandType.StoredProcedure, spName, commandParameters);
                }
                //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteReader(connection, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlTransaction. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  SqlDataReader dr = ExecuteReader(trans, CommandType.StoredProcedure, "GetOrders");
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(SqlTransaction transaction, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteReader(transaction, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset) against the specified SqlTransaction
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///   SqlDataReader dr = ExecuteReader(trans, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //pass through to private overload, indicating that the connection is owned by the caller
                return ExecuteReader(transaction.Connection, transaction, commandType, commandText, commandParameters, SqlConnectionOwnership.External);
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified
            /// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  SqlDataReader dr = ExecuteReader(trans, "GetOrders", 24, 36);
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>a SqlDataReader containing the resultset generated by the command</returns>
            public static SqlDataReader ExecuteReader(SqlTransaction transaction, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);
    
                    AssignParameterValues(commandParameters, parameterValues);
    
                    return ExecuteReader(transaction, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteReader(transaction, CommandType.StoredProcedure, spName);
                }
            }
    
            #endregion ExecuteReader
    
            #region ExecuteScalar
            
            /// <summary>
            /// Execute a SqlCommand (that returns a 1x1 resultset and takes no parameters) against the database specified in 
            /// the connection string. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(connString, CommandType.StoredProcedure, "GetOrderCount");
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(string connectionString, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteScalar(connectionString, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a 1x1 resultset) against the database specified in the connection string 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(connString, CommandType.StoredProcedure, "GetOrderCount", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create & open a SqlConnection, and dispose of it after we are done.
                using (SqlConnection cn = new SqlConnection(connectionString))
                {
                    cn.Open();
    
                    //call the overload that takes a connection in place of the connection string
                    return ExecuteScalar(cn, commandType, commandText, commandParameters);
                }
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a 1x1 resultset) against the database specified in 
            /// the connection string using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(connString, "GetOrderCount", 24, 36);
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(string connectionString, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteScalar(connectionString, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteScalar(connectionString, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a 1x1 resultset and takes no parameters) against the provided SqlConnection. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(conn, CommandType.StoredProcedure, "GetOrderCount");
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(SqlConnection connection, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteScalar(connection, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a 1x1 resultset) against the specified SqlConnection 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(conn, CommandType.StoredProcedure, "GetOrderCount", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, connection, (SqlTransaction)null, commandType, commandText, commandParameters);
                
                //execute the command & return the results
                object retval = cmd.ExecuteScalar();
                
                // detach the SqlParameters from the command object, so they can be used again.
                cmd.Parameters.Clear();
                return retval;
                
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a 1x1 resultset) against the specified SqlConnection 
            /// using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(conn, "GetOrderCount", 24, 36);
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(SqlConnection connection, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteScalar(connection, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteScalar(connection, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a 1x1 resultset and takes no parameters) against the provided SqlTransaction. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(trans, CommandType.StoredProcedure, "GetOrderCount");
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(SqlTransaction transaction, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteScalar(transaction, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a 1x1 resultset) against the specified SqlTransaction
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(trans, CommandType.StoredProcedure, "GetOrderCount", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, transaction.Connection, transaction, commandType, commandText, commandParameters);
                
                //execute the command & return the results
                object retval = cmd.ExecuteScalar();
                
                // detach the SqlParameters from the command object, so they can be used again.
                cmd.Parameters.Clear();
                return retval;
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a 1x1 resultset) against the specified
            /// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  int orderCount = (int)ExecuteScalar(trans, "GetOrderCount", 24, 36);
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
            public static object ExecuteScalar(SqlTransaction transaction, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteScalar(transaction, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteScalar(transaction, CommandType.StoredProcedure, spName);
                }
            }
    
            #endregion ExecuteScalar    
    
            #region ExecuteXmlReader
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlConnection. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  XmlReader r = ExecuteXmlReader(conn, CommandType.StoredProcedure, "GetOrders");
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command using "FOR XML AUTO"</param>
            /// <returns>an XmlReader containing the resultset generated by the command</returns>
            public static XmlReader ExecuteXmlReader(SqlConnection connection, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteXmlReader(connection, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset) against the specified SqlConnection 
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  XmlReader r = ExecuteXmlReader(conn, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command using "FOR XML AUTO"</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>an XmlReader containing the resultset generated by the command</returns>
            public static XmlReader ExecuteXmlReader(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, connection, (SqlTransaction)null, commandType, commandText, commandParameters);
                
                //create the DataAdapter & DataSet
                XmlReader retval = cmd.ExecuteXmlReader();
                
                // detach the SqlParameters from the command object, so they can be used again.
                cmd.Parameters.Clear();
                return retval;
                
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified SqlConnection 
            /// using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  XmlReader r = ExecuteXmlReader(conn, "GetOrders", 24, 36);
            /// </remarks>
            /// <param name="connection">a valid SqlConnection</param>
            /// <param name="spName">the name of the stored procedure using "FOR XML AUTO"</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>an XmlReader containing the resultset generated by the command</returns>
            public static XmlReader ExecuteXmlReader(SqlConnection connection, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteXmlReader(connection, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteXmlReader(connection, CommandType.StoredProcedure, spName);
                }
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlTransaction. 
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  XmlReader r = ExecuteXmlReader(trans, CommandType.StoredProcedure, "GetOrders");
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command using "FOR XML AUTO"</param>
            /// <returns>an XmlReader containing the resultset generated by the command</returns>
            public static XmlReader ExecuteXmlReader(SqlTransaction transaction, CommandType commandType, string commandText)
            {
                //pass through the call providing null for the set of SqlParameters
                return ExecuteXmlReader(transaction, commandType, commandText, (SqlParameter[])null);
            }
    
            /// <summary>
            /// Execute a SqlCommand (that returns a resultset) against the specified SqlTransaction
            /// using the provided parameters.
            /// </summary>
            /// <remarks>
            /// e.g.:  
            ///  XmlReader r = ExecuteXmlReader(trans, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
            /// <param name="commandText">the stored procedure name or T-SQL command using "FOR XML AUTO"</param>
            /// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
            /// <returns>an XmlReader containing the resultset generated by the command</returns>
            public static XmlReader ExecuteXmlReader(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                //create a command and prepare it for execution
                SqlCommand cmd = new SqlCommand();
                PrepareCommand(cmd, transaction.Connection, transaction, commandType, commandText, commandParameters);
                
                //create the DataAdapter & DataSet
                XmlReader retval = cmd.ExecuteXmlReader();
                
                // detach the SqlParameters from the command object, so they can be used again.
                cmd.Parameters.Clear();
                return retval;            
            }
    
            /// <summary>
            /// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified 
            /// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
            /// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
            /// </summary>
            /// <remarks>
            /// This method provides no access to output parameters or the stored procedure's return value parameter.
            /// 
            /// e.g.:  
            ///  XmlReader r = ExecuteXmlReader(trans, "GetOrders", 24, 36);
            /// </remarks>
            /// <param name="transaction">a valid SqlTransaction</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
            /// <returns>a dataset containing the resultset generated by the command</returns>
            public static XmlReader ExecuteXmlReader(SqlTransaction transaction, string spName, params object[] parameterValues)
            {
                //if we receive parameter values, we need to figure out where they go
                if ((parameterValues != null) && (parameterValues.Length > 0)) 
                {
                    //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                    SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);
    
                    //assign the provided values to these parameters based on parameter order
                    AssignParameterValues(commandParameters, parameterValues);
    
                    //call the overload that takes an array of SqlParameters
                    return ExecuteXmlReader(transaction, CommandType.StoredProcedure, spName, commandParameters);
                }
                    //otherwise we can just call the SP without params
                else 
                {
                    return ExecuteXmlReader(transaction, CommandType.StoredProcedure, spName);
                }
            }
    
    
            #endregion ExecuteXmlReader
        }
    
        /// <summary>
        /// SqlHelperParameterCache provides functions to leverage a static cache of procedure parameters, and the
        /// ability to discover parameters for stored procedures at run-time.
        /// </summary>
        public sealed class SqlHelperParameterCache
        {
            #region private methods, variables, and constructors
    
            //Since this class provides only static methods, make the default constructor private to prevent 
            //instances from being created with "new SqlHelperParameterCache()".
            private SqlHelperParameterCache() {}
    
            private static Hashtable paramCache = Hashtable.Synchronized(new Hashtable());
    
            /// <summary>
            /// resolve at run time the appropriate set of SqlParameters for a stored procedure
            /// </summary>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="includeReturnValueParameter">whether or not to include their return value parameter</param>
            /// <returns></returns>
            private static SqlParameter[] DiscoverSpParameterSet(string connectionString, string spName, bool includeReturnValueParameter)
            {
                using (SqlConnection cn = new SqlConnection(connectionString)) 
                using (SqlCommand cmd = new SqlCommand(spName,cn))
                {
                    cn.Open();
                    cmd.CommandType = CommandType.StoredProcedure;
    
                    SqlCommandBuilder.DeriveParameters(cmd);
    
                    if (!includeReturnValueParameter) 
                    {
                        cmd.Parameters.RemoveAt(0);
                    }
    
                    SqlParameter[] discoveredParameters = new SqlParameter[cmd.Parameters.Count];;
    
                    cmd.Parameters.CopyTo(discoveredParameters, 0);
    
                    return discoveredParameters;
                }
            }
    
            //deep copy of cached SqlParameter array
            private static SqlParameter[] CloneParameters(SqlParameter[] originalParameters)
            {
                SqlParameter[] clonedParameters = new SqlParameter[originalParameters.Length];
    
                for (int i = 0, j = originalParameters.Length; i < j; i++)
                {
                    clonedParameters[i] = (SqlParameter)((ICloneable)originalParameters[i]).Clone();
                }
    
                return clonedParameters;
            }
    
            #endregion private methods, variables, and constructors
    
            #region caching functions
    
            /// <summary>
            /// add parameter array to the cache
            /// </summary>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <param name="commandParameters">an array of SqlParamters to be cached</param>
            public static void CacheParameterSet(string connectionString, string commandText, params SqlParameter[] commandParameters)
            {
                string hashKey = connectionString + ":" + commandText;
    
                paramCache[hashKey] = commandParameters;
            }
    
            /// <summary>
            /// retrieve a parameter array from the cache
            /// </summary>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="commandText">the stored procedure name or T-SQL command</param>
            /// <returns>an array of SqlParamters</returns>
            public static SqlParameter[] GetCachedParameterSet(string connectionString, string commandText)
            {
                string hashKey = connectionString + ":" + commandText;
    
                SqlParameter[] cachedParameters = (SqlParameter[])paramCache[hashKey];
                
                if (cachedParameters == null)
                {            
                    return null;
                }
                else
                {
                    return CloneParameters(cachedParameters);
                }
            }
    
            #endregion caching functions
    
            #region Parameter Discovery Functions
    
            /// <summary>
            /// Retrieves the set of SqlParameters appropriate for the stored procedure
            /// </summary>
            /// <remarks>
            /// This method will query the database for this information, and then store it in a cache for future requests.
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <returns>an array of SqlParameters</returns>
            public static SqlParameter[] GetSpParameterSet(string connectionString, string spName)
            {
                return GetSpParameterSet(connectionString, spName, false);
            }
    
            /// <summary>
            /// Retrieves the set of SqlParameters appropriate for the stored procedure
            /// </summary>
            /// <remarks>
            /// This method will query the database for this information, and then store it in a cache for future requests.
            /// </remarks>
            /// <param name="connectionString">a valid connection string for a SqlConnection</param>
            /// <param name="spName">the name of the stored procedure</param>
            /// <param name="includeReturnValueParameter">a bool value indicating whether the return value parameter should be included in the results</param>
            /// <returns>an array of SqlParameters</returns>
            public static SqlParameter[] GetSpParameterSet(string connectionString, string spName, bool includeReturnValueParameter)
            {
                string hashKey = connectionString + ":" + spName + (includeReturnValueParameter ? ":include ReturnValue Parameter":"");
    
                SqlParameter[] cachedParameters;
                
                cachedParameters = (SqlParameter[])paramCache[hashKey];
    
                if (cachedParameters == null)
                {            
                    cachedParameters = (SqlParameter[])(paramCache[hashKey] = DiscoverSpParameterSet(connectionString, spName, includeReturnValueParameter));
                }
                
                return CloneParameters(cachedParameters);
            }
    
            #endregion Parameter Discovery Functions
    
        }
    }
    DBHelper.cs
    using System;
    using System.Data;
    using System.Configuration;
    using System.Web;
    using System.Xml.Linq;
    using System.Data.SqlClient;
    using System.Web.Configuration;
    
    namespace SGSGHome.Web
    {
        public sealed class DBHelper
        {
            //declare db connection
            public static readonly string connectionString = WebConfigurationManager.AppSettings["db"];
    
            /// <summary>
            /// ExecuteNonQuery
            /// </summary>
            /// <param name="CommandText"></param>
            /// <returns></returns>
            public static int ExecuteNonQuery(string commandText)
            {
                return SqlHelper.ExecuteNonQuery(connectionString, CommandType.Text, commandText);
            }
    
            /// <summary>
            /// ExecuteReader
            /// </summary>
            /// <param name="CommandText"></param>
            /// <returns></returns>
            public static SqlDataReader ExecuteReader(string commandText)
            {
                return SqlHelper.ExecuteReader(connectionString, CommandType.Text, commandText);
            }
    
            /// <summary>
            /// ExecuteDataSet
            /// </summary>
            /// <param name="CommandText"></param>
            /// <returns></returns>
            public static DataSet ExecuteDataSet(string commandText)
            {
                return SqlHelper.ExecuteDataset(connectionString, CommandType.Text, commandText);
            }
    
            /// <summary>
            /// ExecuteDataTable
            /// </summary>
            /// <param name="CommandText"></param>
            /// <returns></returns>
            public static DataTable ExecuteDataTable(string commandText)
            {
                return SqlHelper.ExecuteDataset(connectionString, CommandType.Text, commandText).Tables[0];
            }
    
            /// <summary>
            /// ExecuteScalar
            /// </summary>
            /// <param name="CommandText"></param>
            /// <returns></returns>
            public static object ExecuteScalar(string commandText)
            {
                return SqlHelper.ExecuteScalar(connectionString, CommandType.Text, commandText);
            }
    
            /// <summary>
            /// ExecuteScalar(T)
            /// </summary>
            /// <param name="CommandText"></param>
            /// <returns></returns>
            public static T ExecuteScalar<T>(string commandText)
            {
                return (T)SqlHelper.ExecuteScalar(connectionString, CommandType.Text, commandText);
            }
    
            /// <summary>
            /// ExecuteDataTable with sp
            /// </summary>
            /// <param name="spName"></param>
            /// <param name="sqlParameter"></param>
            /// <returns></returns>
            public static DataTable ExecuteDataTable(string spName, SqlParameter[] sqlParameter)
            {
                return SqlHelper.ExecuteDataset(connectionString, CommandType.StoredProcedure, spName, sqlParameter).Tables[0];
            }
    
            /// <summary>
            /// ExecuteDataSet with sp
            /// </summary>
            /// <param name="spName"></param>
            /// <param name="sqlParameter"></param>
            /// <returns></returns>
            public static DataSet ExecuteDataSet(string spName, SqlParameter[] sqlParameter)
            {
                return SqlHelper.ExecuteDataset(connectionString, CommandType.StoredProcedure, spName, sqlParameter);
            }
    
            /// <summary>
            /// ExecuteScalar(T) with sp
            /// </summary>
            /// <typeparam name="T"></typeparam>
            /// <param name="spName"></param>
            /// <param name="sqlParameter"></param>
            /// <returns></returns>
            public static T ExecuteScalar<T>(string spName, SqlParameter[] sqlParameter)
            {
                return (T)SqlHelper.ExecuteDataset(connectionString, CommandType.StoredProcedure, spName, sqlParameter).Tables[0].Rows[0][0];
            }
    
            /// <summary>
            /// ExecuteNonQuery with sp
            /// </summary>
            /// <param name="spName"></param>
            /// <param name="sqlParameter"></param>
            /// <returns></returns>
            public static int ExecuteNonQuery(string spName, SqlParameter[] sqlParameter)
            {
                return SqlHelper.ExecuteNonQuery(connectionString, CommandType.StoredProcedure, spName, sqlParameter);
            }
    
            /// <summary>
            /// ExecuteReader with sp
            /// </summary>
            /// <param name="spName"></param>
            /// <param name="sqlParameter"></param>
            /// <returns></returns>
            public static SqlDataReader ExecuteReader(string spName, SqlParameter[] sqlParameter)
            {
                return SqlHelper.ExecuteReader(connectionString, CommandType.StoredProcedure, spName, sqlParameter);
            }
        }
    }
  • 相关阅读:
    zhaopin001
    js中获取当前时间毫秒数
    td标签设置background属性时,最好选择在style中设置
    只选择年份的下来菜单
    a标签中的href调用js对话框
    VS2010引用Microsoft.Office.Interop生成时出错
    VS调试“附加到进程”时有多个相同w3wp.exe时不知选择哪一个的解决方法
    使用BAT批处理执行sql
    Multiple outputs from T4 made easy revisited (T4 输出多个文件)
    PowerDesigner 反向工程生成ER图
  • 原文地址:https://www.cnblogs.com/ncore/p/2784699.html
Copyright © 2020-2023  润新知