Couple of comments.
Firstly, ADO.NET uses DataSets and not RecordSets. Have you looked at
any of the ADO.NET tutorials and documentation? For example, you might
Secondly, I hope you don't really construct SQL queries in the way you
set out in your example. It's incredibly insecure to do stuff like
that. It's also really bad practice to have hard-coded values in your
One excellent reason for using stored procedures is that you can pass in
your user input as parameters. Stored procedure parameters are
guaranteed to be treated as strings by the database, and not as commands
(unless you do something silly like creating another string in your sp
that includes the parameter by concatentation).
So, in short, if you adopt good coding practices, you have to store all
your query strings somewhere in order not to hard-code them into your
application. If you're going to do that, you'd might as well store them
in SPs and get all the security advantages of SPs as well.
Just my 2c. YMMV.
Sent: 15 June 2006 09:23
To: DotNetDevelopment, VB.NET, C# .NET, ADO.NET, ASP.NET, XML, XML Web
Subject: [DotNetDevelopment] Help - New to VB.NET - selecting data
I have developed several complicated applications in VB 6.0 and I am
struggling with some of the concepts in VB.NET. If anyone could point
me in the right direction I would really appreciate it. I have an SQL
server and an application with about a million SELECT statements. The
books I have bought on VB.NET all seem to want to use stored procedures
- this kind of feels wrong as many of the SELECT statements are unique
and it would amazingly time consuming creating stored procedures for
every SELECT, UPDATE, DELETE, etc.
The kind of thing I'm trying to replicate is something as simeple as
this in VB 6.0....
Dim prasSYSusers As New ADODB.Recordset
gstrSQL = "SELECT code, active FROM PhoenixUsers WHERE
password = '" & Trim(Password) & "'"
prasSYSusers.Open gstrSQL, gconSqlDB, adOpenStatic,
If prasSYSusers.RecordCount = 1 Then
prasSYSusers!Active = 1
gconSqlDB is a global variable holding the connection strin and the
vairable Password is collected from the form. Security isn't an issue
here - I just want to understand the basic concepts. As you may have
gathered I'm really struggling to get off the ground with VB.NET