I have created Restful API (JSON based API) for android application by using asp.net and SQL server. I am succeed in performing the CURD operations from android app to sql server database via Restful web service by following this link:
http://www.tutecentral.com/restful-api-for-android-part-1/
Now what I want is to create single web method for 2 or more related sql select queries and add the results in single datatable i.e. add the values in remaining columns of datatable rows on executing the second query. but my application crashes when I'm trying to do so:
Web Service method for the above scenario is:
public DataTable GetStaffProfile(string userid)
{
String faculty_id="";
DataTable staffProfile = new DataTable();
//Adding data to these columns on executing 1st sql query
staffProfile.Columns.Add(new DataColumn("eid", typeof(String)));
staffProfile.Columns.Add(new DataColumn("empid", typeof(String)));
staffProfile.Columns.Add(new DataColumn("userid", typeof(String)));
staffProfile.Columns.Add(new DataColumn("fname", typeof(String)));
staffProfile.Columns.Add(new DataColumn("lname", typeof(String)));
staffProfile.Columns.Add(new DataColumn("fathername", typeof(String)));
staffProfile.Columns.Add(new DataColumn("dob", typeof(String)));
staffProfile.Columns.Add(new DataColumn("nationality", typeof(String)));
staffProfile.Columns.Add(new DataColumn("religion", typeof(String)));
staffProfile.Columns.Add(new DataColumn("cnic", typeof(String)));
staffProfile.Columns.Add(new DataColumn("gender", typeof(String)));
staffProfile.Columns.Add(new DataColumn("domicile", typeof(String)));
staffProfile.Columns.Add(new DataColumn("designame", typeof(String)));
staffProfile.Columns.Add(new DataColumn("dname", typeof(String)));
staffProfile.Columns.Add(new DataColumn("employmentdate", typeof(String)));
//Adding data to these columns on executing 2nd sql query
staffProfile.Columns.Add(new DataColumn("qualification", typeof(String)));
staffProfile.Columns.Add(new DataColumn("university", typeof(String)));
staffProfile.Columns.Add(new DataColumn("majors", typeof(String)));
staffProfile.Columns.Add(new DataColumn("year", typeof(String)));
staffProfile.Columns.Add(new DataColumn("city", typeof(String)));
staffProfile.Columns.Add(new DataColumn("country", typeof(String)));
if (dbConnection.State.ToString() == "Closed")
{
dbConnection.Open();
}
string query = "SELECT eid, empid, userid, fname,lname, fathername, dob, nationality, religion, cnic, gender, domicile,(select title from uw_designation where desigid=uw_employee.desigid) as designame,(select dname from uw_department where "
+"deptid=uw_employee.deptid) as dname, employmentdate FROM uw_employee where userid='"+userid+"'";
SqlCommand command = new SqlCommand(query, dbConnection);
SqlDataReader reader = command.ExecuteReader();
if (reader.HasRows)
{
while (reader.Read())
{
faculty_id = reader["eid"] as string;
staffProfile.Rows.Add(reader["eid"], reader["empid"], reader["userid"], reader["fname"], reader["lname"], reader["fathername"], reader["dob"], reader["nationality"],
reader["religion"], reader["cnic"], reader["gender"], reader["domicile"], reader["designame"], reader["dname"],
reader["employmentdate"]);
}
}
reader.Close();
//getting staff qualification
string query2 = "SELECT TOP(1) eid, qualification, university, majors, year,city,country " +
"FROM uw_employee_education where eid='"+faculty_id+"'";
SqlCommand command2 = new SqlCommand(query2, dbConnection);
SqlDataReader reader1 = command2.ExecuteReader();
if (reader1.HasRows)
{
while (reader1.Read())
{
staffProfile.Rows[0]["qualification"]=reader1["qualification"] as string;
staffProfile.Rows[0]["university"] = reader1["university"]as string;
staffProfile.Rows[0]["majors"] = reader1["majors"] as string;
staffProfile.Rows[0]["year"] = reader1["year"] as string;
staffProfile.Rows[0]["city"] = reader1["city"] as string;
staffProfile.Rows[0]["country"] = reader1["country"] as string;
}
}
reader1.Close();
dbConnection.Close();
return staffProfile;
}
both queries return only one result. Every kind of help is appreciated. Thanks in advance.
Would you try to change existing
SqlCommand
for second query.Also, please consider the SQL injection while creating the SQL queries. I suggest you to use
SqlParameter
.