Question : ASP.NET - Database Class

I have posted below my work so far on a new Database Class I am building. My purpose in posting this is to get some feedback on how I am engineering the class. I would greatly appreciate some tips on how I can improve what I'm building. Good comments would include anything that would help me to impove the performance, flexibility or security, or anything that would help make the code cleaner and more error proof.

As can be seen below I have yet to build out my methods that I will use for the returning a DataReader. I feel especially leery about DataReaders and the problems they can cause if they are not used properly. However I recognize how useful they are when performance is desired and I just want some tips on best practices in regard to their use.

Thanks in advance for any tips, advice, example code, etc.

Code Snippet:

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:



using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Configuration;
using System.Web;
using System.Data;
using System.Data.SqlClient;
using System.IO;

namespace BusinessLayer.Helpers
{
    public class Database : IDisposable
    {
        private String strConn;
        private String strSQL;
        private SqlConnection conn = null;
        private SqlCommand cmd = null;
        private SqlDataAdapter da = null;
        private List lstParams = null;

        //Constructors
        public Database()
        {
            strConn = ConfigurationManager.ConnectionStrings["AppConnectionString"].ConnectionString.ToString();
        }

        public Database(String SQL)
        {
            strConn = ConfigurationManager.ConnectionStrings["AppConnectionString"].ConnectionString.ToString();
            strSQL = SQL;
        }

        //AddParam
        public void AddParam(String paramName, String paramValue)
        {
            if (lstParams == null)
            {
                lstParams = new List();
            }

            try
            {
                if (paramName.Substring(0, 1) != "@")
                {
                    paramName = "@" + paramName;
                }
                lstParams.Add(new SqlParameter(paramName, paramValue));
            }
            catch (Exception ex)
            {
                Email.sendErrorEmail(ex, "Error Adding Parameter to Database Object");
                throw new ArgumentException();
            }
        }

        //ResetParams
        public void ResetParams()
        {
            lstParams = null;
        }

        //Data_Table - Stored Procedure
        public DataTable StoredProcedure_DataTable(String StoredProcedureName, out Boolean succeed)
        {
            succeed = false;
            DataTable dt = new DataTable();
            try
            {
                using (conn = new SqlConnection(strConn))
                {
                    using (cmd = new SqlCommand(StoredProcedureName, conn))
                    {
                        cmd.CommandType = CommandType.StoredProcedure;
                        foreach (SqlParameter param in lstParams)
                        {
                            cmd.Parameters.Add(param);
                        }
                        cmd.Connection.Open();
                        using (SqlDataReader sdr = cmd.ExecuteReader())
                        {
                            dt.Load(sdr);
                            succeed = true;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                String sql = StoredProcedureName + "
";
                foreach(SqlParameter param in lstParams)
                {
                    sql += param.ParameterName + ": " + param.Value.ToString() + "
";
                }
                Email.sendErrorEmail(ex, "Stored Procedure: DataTable - Error", "SQL Passed", sql);
                throw new Exception();
            }
            finally
            {
                cmd.Connection.Close();
                Dispose();
            }

            return dt;
        }

        public DataTable StoredProcedure_DataTable(String StoredProcedureName)
        {
            Boolean Silencer;
            return StoredProcedure_DataTable(StoredProcedureName, out Silencer);
        }

        //DataReader - Stored Procedure
        //? TODO:
        //?
        //?
        //?

        //Scalar - Stored Procedure
        public String StoredProcedure_Scalar(String StoredProcedureName, out Boolean succeed)
        {
            succeed = false;
            String strScalar = "";
            try
            {
                using (conn = new SqlConnection(strConn))
                {
                    using (cmd = new SqlCommand(StoredProcedureName, conn))
                    {
                        cmd.CommandType = CommandType.StoredProcedure;
                        foreach (SqlParameter param in lstParams)
                        {
                            cmd.Parameters.Add(param);
                        }
                        cmd.Connection.Open();
                        strScalar = cmd.ExecuteScalar().ToString();
                        succeed = true;
                    }
                }
            }
            catch (Exception ex)
            {
                String sql = StoredProcedureName + "
";
                foreach (SqlParameter param in lstParams)
                {
                    sql += param.ParameterName + ": " + param.Value.ToString() + "
";
                }
                Email.sendErrorEmail(ex, "Stored Procedure: Scalar - Error", "SQL Passed", sql);
                throw new Exception();
            }
            finally
            {
                cmd.Connection.Close();
                Dispose();
            }
            return strScalar;
        }

        public String StoredProcedure_Scalar(String StoredProcedureName)
        {
            Boolean Silencer;
            return StoredProcedure_Scalar(StoredProcedureName, out Silencer);
        }

        //Non Query - Stored Procedure
        public void StoredProcedure_NonQuery(String StoredProcedureName, out Boolean succeed)
        {
            succeed = false;
            try
            {
                using (conn = new SqlConnection(strConn))
                {
                    using (cmd = new SqlCommand(StoredProcedureName, conn))
                    {
                        cmd.CommandType = CommandType.StoredProcedure;
                        foreach (SqlParameter param in lstParams)
                        {
                            cmd.Parameters.Add(param);
                        }
                        cmd.Connection.Open();
                        cmd.ExecuteNonQuery();
                        succeed = true;
                    }
                }
            }
            catch (Exception ex)
            {
                String sql = StoredProcedureName + "
";
                foreach (SqlParameter param in lstParams)
                {
                    sql += param.ParameterName + ": " + param.Value.ToString() + "
";
                }
                Email.sendErrorEmail(ex, "Stored Procedure: Non Query - Error", "SQL Passed", sql);
                throw new Exception();
            }
            finally
            {
                cmd.Connection.Close();
                Dispose();
            }
        }

        public void StoredProcedure_NonQuery(String StoredProcedureName)
        {
            Boolean Silencer;
            StoredProcedure_NonQuery(StoredProcedureName, out Silencer);
        }

        //IDisposable method
        public void Dispose()
        {
            if (da != null)
            {
                da.Dispose();
                da = null;
            }
            if (cmd != null)
            {
                cmd.Connection.Close();
                cmd.Dispose();
                cmd = null;
            }
            if (conn != null)
            {
                conn.Dispose();
                conn = null;
            }
            ResetParams();
        }

    } //End of Database Class

} //End of Helpers NameSpace

Open in New Window

Select All

Question : ASP.NET - Database Class

Answer : ASP.NET - Database Class

There's an add-on for that
https://addons.mozilla.org/en-US/firefox/addon/207

Question : ASP.NET - Database Class

Answer : ASP.NET - Database Class

There's an add-on for thathttps://addons.mozilla.org/en-US/firefox/addon/207

There's an add-on for that
https://addons.mozilla.org/en-US/firefox/addon/207