Insert into two tables in code behind (VB.net)

Question

The solution that works for me is:

         sqlstr = "declare "
            sqlstr &= "@returnId int "
            sqlstr &= " BEGIN TRANSACTION " & _
                    " INSERT INTO sales ([user_name],[password],[full_Name],[email]) " & _
                    " VALUES (@user_name,@password,@full_Name,@email) " & _
                    " set @returnId = (select SCOPE_IDENTITY()) " & _
                    " INSERT INTO Sales_trade ([id_s],[trade]) " & _
                    " VALUES (@returnId,@trade) " & _
                    "IF (@@error <> 0) " & _
                    " ROLLBACK TRANSACTION " & _
                    " ELSE COMMIT TRANSACTION "

            cmd = New SqlCommand(sqlstr, myConn)
            Dim par1 As New SqlParameter
            par1.ParameterName = "@user_name"
            par1.Value = unam
            cmd.Parameters.Add(par1)

            'Do the same for all other parameters

            cmd.ExecuteNonQuery()

    myConn.Close()

This is how it worked for me, the code I did for parameter (par1) is the same all for the rest..

Answer 1

Initially i suggest you to parametrized your query to avoid sql injection. Create a transaction and use the sql statement something like the above:

sqlstr = " BEGIN TRANSACTION " & _
" INSERT INTO sales ([user_name],[password],[full_Name],[email]) " & _
" VALUES (@user_name,@password,@full_Name,@email) " & _
" set @returnId = (select SCOPE_IDENTITY()) " & _
" INSERT INTO Sales_trade ([id_s],[trade]) " & _
" VALUES (@returnId,@trade) " & _
"IF (@@error <> 0) " & _
" ROLLBACK TRANSACTION " & _
" ELSE COMMIT TRANSACTION "
dim par as new SqlParameter
par.Name = "@user_name"
par.Value = "test"
.... do this for all parameters
cmd.Parameters.Add(par)