The error message tells you what's wrong: The stored procedure expects a parameter
@Booknum
which you did not supply with your SqlCommand. Instead you add an unnamed SqlParameter with no value - which doesn't help because the stored procedure expects that named parameter. Also, you need to provide the SqlParameter
before you execute the SqlCommand (by calling ExecuteReader() on it).
It might work if you do this:
cmd.Parameters.Add(new SqlParameter());
cmd.Parameters.AddWithValue("@Booknum", Booknum);
SqlDataReader reader = cmd.ExecuteReader();
Edit: You should move this line:
con.Close();
..below the if-block in which it currently is in:
if (reader.HasRows)
{
}
con.Close();
..because you want to close the SqlConnection
in any case, not only if there are no results.
Even better would be to use the SqlConnection with a
using
-Statement because this will
ensure that the connection gets closed (and disposed) in any case, even if an exception is thrown somewhere "inbetween" - and the same goes for all other Sql****-objects like the SqlCommand, SqlDataReader, SqlTransaction (and others):
using (SqlConnection con = new SqlConnection(connstring))
using (SqlCommand cmd = new SqlCommand(sproc, con))
{
con.Open();
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Booknum", Booknum);
using(SqlDataReader reader = cmd.ExecuteReader())
{
List<Document> docs = new List<Document>();
if (reader.HasRows)
{
}
}
}