Newbie: Updating database using XML data

  • Thread starter Thread starter susan
  • Start date Start date
S

susan

Hi All,

I've created a webservice which receives XML data and then in turn
updates a database with the received data. This is my web method:

[WebMethod]
public void submitClientInfo(string sXML)
{
string XmlName="";
string XmlAge= "";
string XmlPlace="";

SqlCommand cmd=new SqlCommand("Insert into table1 (name, age, place)
values ('" + XmlName + "'," + XmlAge + ",'" + XmlPlace + "')");

XmlDataDocument XmlDoc= new XmlDataDocument();
XmlDoc.LoadXml(sXML);
DataSet ds=XmlDoc.DataSet;

foreach (DataRow Demo in ds.Tables[0].Rows)
{
XmlName=Demo["name"].ToString();
XmlAge= Demo["age"].ToString();
XmlPlace=Demo["place"].ToString();
cmd.ExecuteNonQuery();
}
}

Looks pretty simple..but I'm getting an Internal server error: error
500. Could someone pls help me.

Thanks
Susan
 
(e-mail address removed) (susan) wrote in
Hi All,

I've created a webservice which receives XML data and then in turn
updates a database with the received data. This is my web method:

[WebMethod]
public void submitClientInfo(string sXML)
{
string XmlName="";
string XmlAge= "";
string XmlPlace="";

SqlCommand cmd=new SqlCommand("Insert into table1 (name, age, place)
values ('" + XmlName + "'," + XmlAge + ",'" + XmlPlace + "')");

XmlDataDocument XmlDoc= new XmlDataDocument();
XmlDoc.LoadXml(sXML);
DataSet ds=XmlDoc.DataSet;

foreach (DataRow Demo in ds.Tables[0].Rows)
{
XmlName=Demo["name"].ToString();
XmlAge= Demo["age"].ToString();
XmlPlace=Demo["place"].ToString();
cmd.ExecuteNonQuery();
}
}

Looks pretty simple..but I'm getting an Internal server error: error
500. Could someone pls help me.

Thanks
Susan

You're going about the SqlCommand incorrectly.

For one, do NOT "hardcode" variable values directly into your
commandText. You open yourself to SQL injections that way. Instead use
parameters in the command.

SqlCommand cmd=new SqlCommand("Insert into table1 (name, age, place)"
" values (@name, @Age, @Place)");
SqlParameter prmName = cmd.Parameters.Add("@name");
prmName.SourceColumn = "name";

Second, you didn't specify a SqlConnection for the command, so how does
it know what database to run against?

The other problem is that you are setting the values after the blank
values were being added to the commandtext of the command. Changing the
variable values does not automagically update any other string that was
concatenated with that string. Go back to programming 101 to understand
that concept.

However, you can change the Value property of the Parameter and do
another update. Here is the code you need...

[WebMethod]
public void submitClientInfo(string sXML)
{
SqlConnection myConnection = new SqlConnection(_conString);
//_conString must be a valid database connection string!

DataSet ds = new DataSet("clientInfo");
ds.ReadXml(sXml, XmlReadMode.ReadSchema);

SqlCommand cmd=new SqlCommand("Insert into table1 "
"(name, age, place) values (@name, @Age, @Place)"
, myConnection);
SqlParameter prmName = cmd.Parameters.Add("@name");
prmName .DataType = SqlDbType.NVarChar;
prmName.SourceColumn = "name";
SqlParameter prmName = cmd.Parameters.Add("@Age");
prmName .DataType = SqlDbType.NVarChar;
prmName.SourceColumn = "age";
SqlParameter prmName = cmd.Parameters.Add("@Place");
prmName .DataType = SqlDbType.NVarChar;
prmName.SourceColumn = "place";

foreach (DataRow Demo in ds.Tables[0].Rows)
{
prmName.Value = Demo["name"]; //no ToString()
prmAge.Value = Demo["age"];
prmPlace.Value = Demo["place"];
cmd.ExecuteNonQuery();
}
}

I don't know your Db schema. You may have to change the parameter
datatypes to a different SqlDbType type. As long as the Schema of the
XMl file and the Sql database of of compatible types you don't need to
convert the datatype from each DataRow "ToString" or any other conversion
method.

(This sample provided as is to demonstrate concepts, with no expressed or
implied warranty. It was written directly into the newsreader without
testing in VS)
--
Michael Lang, MCSD
See my .NET open source projects
http://sourceforge.net/projects/colcodegen (simple code generator)
http://sourceforge.net/projects/dbobjecter (database app code generator)
http://sourceforge.net/projects/genadonet ("generic" ADO.NET)
 
Hi Michael,
Thanks a lot helping me out. I made the changes you suggested.The Xml
string i'm using for the time being goes as follows:

<?xml version="1.0" encoding="utf-8"
<NewDataSet><table1><name>Jack</name><age>12</age><place>xyz</place></table1></NewDataSet>

Is this valid input for my web method? Coz I'm getting the following
error:

System.ArgumentException: The path contains illegal characters.
at System.IO.Path.nGetFullPathHelper(String path, Char[]
invalidPathChars, Char[] whitespaceChars, Char directorySeparator,
Char altDirectorySeparator, Char volumeSeparator, Boolean fullCheck,
String& newPath)
at System.IO.Path.GetFullPathInternal(String path)
at System.IO.Path.GetFullPath(String path)
at System.Xml.XmlResolver.ResolveUri(Uri baseUri, String
relativeUri)
at System.Xml.XmlTextReader..ctor(String url, XmlNameTable nt)
at System.Xml.XmlTextReader..ctor(String url)
at System.Data.DataSet.ReadXml(String fileName, XmlReadMode mode)
at Susanswebservice.Service1.submitClientInfo(String sXML) in
c:\inetpub\wwwroot\Susanswebservice\service1.asmx.cs:line 172

Hope u'll help again.
Thanks
Susan
 
Hi Michael,
Thanks for replying. I changed my web method the way you suggested.
I'm still not able to insert into the database. I want to know if the
following can be taken as a valid xml input string:

<?xml version="1.0" encoding="utf-8"
?><NewDataSet><table1><name>jill</name><age>34</age><place>Southernwood</place></table1></NewDataSet>

I used the above string for the time being but its not
working..getting the following error:

System.ArgumentException: The path contains illegal characters.
at System.IO.Path.nGetFullPathHelper(String path, Char[]
invalidPathChars, Char[] whitespaceChars, Char directorySeparator,
Char altDirectorySeparator, Char volumeSeparator, Boolean fullCheck,
String& newPath)
at System.IO.Path.GetFullPathInternal(String path)
at System.IO.Path.GetFullPath(String path)
at System.Xml.XmlResolver.ResolveUri(Uri baseUri, String
relativeUri)
at System.Xml.XmlTextReader..ctor(String url, XmlNameTable nt)
at System.Xml.XmlTextReader..ctor(String url)
at System.Data.DataSet.ReadXml(String fileName, XmlReadMode mode)
at Susanswebservice.Service1.submitClientInfo(String sXML) in
c:\inetpub\wwwroot\Susanswebservice\service1.asmx.cs:line 168

pls help once more.
Thanks
Susan
 
(e-mail address removed) (susan) wrote in
Hi Michael,
Thanks for replying. I changed my web method the way you suggested.
I'm still not able to insert into the database. I want to know if the
following can be taken as a valid xml input string:

<?xml version="1.0" encoding="utf-8"
?><NewDataSet><table1><name>jill</name><age>34</age><place>Southernwood
</place></table1></NewDataSet>

I used the above string for the time being but its not
working..getting the following error:

System.ArgumentException: The path contains illegal characters.
at System.IO.Path.nGetFullPathHelper(String path, Char[]
invalidPathChars, Char[] whitespaceChars, Char directorySeparator,
Char altDirectorySeparator, Char volumeSeparator, Boolean fullCheck,
String& newPath)
at System.IO.Path.GetFullPathInternal(String path)
at System.IO.Path.GetFullPath(String path)
at System.Xml.XmlResolver.ResolveUri(Uri baseUri, String
relativeUri)
at System.Xml.XmlTextReader..ctor(String url, XmlNameTable nt)
at System.Xml.XmlTextReader..ctor(String url)
at System.Data.DataSet.ReadXml(String fileName, XmlReadMode mode)
at Susanswebservice.Service1.submitClientInfo(String sXML) in
c:\inetpub\wwwroot\Susanswebservice\service1.asmx.cs:line 168

pls help once more.
Thanks
Susan

I am unsure. I'm not an XML guru. I usually create XML files using
DataSet.WriteXML(). Then I know the data in it is the correct format.

It may be the XmlReadMode you are using. The Xml snippet you show does
not have any schema, and In my example I demonstrated
XmlReadMode.ReadSchema. For that mode the XMl file must contain schema.
Here is what my Xml file looks like, which was written by
DataSet.WriteXML() to include schema.

======================================================================
<?xml version="1.0" standalone="yes"?>
<SPData>
<xs:schema id="SPData" xmlns=""
xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-
microsoft-com:xml-msdata">
<xs:element name="SPData" msdata:IsDataSet="true">
<xs:complexType>
<xs:choice maxOccurs="unbounded">
<xs:element name="District">
<xs:complexType>
<xs:sequence>
<xs:element name="DistrictID"
msdata:DataType="System.Guid, mscorlib, Version=1.0.3300.0,
Culture=neutral, PublicKeyToken=b77a5c561934e089" type="xs:string"
minOccurs="0" />
<xs:element name="DistCode" type="xs:string"
minOccurs="0" />
<xs:element name="Name" type="xs:string" minOccurs="0" />
<xs:element name="Mask" type="xs:string" minOccurs="0" />
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:choice>
</xs:complexType>
</xs:element>
</xs:schema>
<District>
<DistrictID>0494ca41-2318-405b-8ee3-a6dd90c69e3a</DistrictID>
<DistCode>FI</DistCode>
<Name>Filene's (Old)</Name>
<Mask>(D|ALL)</Mask>
</District>
</SPData>
======================================================================

Maybe you can use XmlReadMode.InferSchema instead?

"Ignores any inline schema, infers schema from the data and loads the
data. If the DataSet already contains a schema, the current schema is
extended by adding new tables or adding columns to existing tables. An
exception is thrown if the inferred table already exists but with a
different namespace, or if any of the inferred columns conflict with
existing columns."
 
Thanks a lot Michael.
I got it working. Instead of using all that XmlDataDocument code..I
used:

DataSet ds = new DataSet();
System.IO.StringReader oReader = new System.IO.StringReader(sXML);
ds.ReadXml(oReader);

Then I used the code u first gave me..SqlParameter etc..to insert into
the database.

Thanks
Susan
 
Back
Top