Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2005 Forums
 .NET Inside SQL Server (2005)
 System.Security.HostProtectionException

Author  Topic 

aCiD
Starting Member

1 Post

Posted - 2007-08-03 : 11:34:12
I'm running a stored proc in ASP.NET/C# which used to work, but now it throws this error every time I run the proc:


A .NET Framework error occurred during execution of user-defined routine or aggregate "addCampaign":
System.Security.HostProtectionException: Attempted to perform an operation that was forbidden by the CLR host.

The protected resources (only available with full trust) were: All
The demanded resources were: Synchronization



Here's the Stored proc code:
    public static void addCampaign(string name, string ratingId, string classId, string requiresApproval, string isApproved, string approvedById, string clientEmail, string isAdmin)//, string startDate, string endDate)
{
SqlConnection connection = new SqlConnection("Context Connection=true");
connection.Open();
SqlCommand command;

if (isAdmin.ToLower() == "false")
command = new SqlCommand("INSERT INTO Campaign (Name, RatingId, ClassId, ApprNeeded, IsApproved, CustomerEmail)VALUES(@name, @ratingId, @classId, False, False, @email)", connection);
else
{
if (isApproved.ToLower() == "true")
{
command = new SqlCommand("INSERT INTO Campaign (Name, RatingId, ClassId, ApprNeeded, IsApproved, DateApproved, ApprovedById, CustomerEmail)VALUES(@name, @ratingId, @classId, @requiresApproval, @isApproved, '" + DateTime.Now.ToString() + "', @approvedById, @email)", connection);
command.Parameters.Add("@requiresApproval", SqlDbType.Bit).Value = requiresApproval;
command.Parameters.Add("@isApproved", SqlDbType.Bit).Value = isApproved;
command.Parameters.Add("@approvedById", SqlDbType.Int).Value = approvedById;
}
else
{
command = new SqlCommand("INSERT INTO Campaign (Name, RatingId, ClassId, ApprNeeded, IsApproved, DateApproved, ApprovedById, CustomerEmail, StartDate, EndDate)VALUES(@name, @ratingId, @classId, @requiresApproval, @isApproved, null, @approvedById, @email, @startDate, @endDate)", connection);
command.Parameters.Add("@requiresApproval", SqlDbType.Bit).Value = requiresApproval;
command.Parameters.Add("@isApproved", SqlDbType.Bit).Value = isApproved;
command.Parameters.Add("@approvedById", SqlDbType.Int).Value = null;
}
}
Debug.WriteLine(command.CommandText);
command.Parameters.Add("@name", SqlDbType.NVarChar).Value = name;
command.Parameters.Add("@ratingId", SqlDbType.Int).Value = ratingId;
command.Parameters.Add("@classId", SqlDbType.Int).Value = classId;
command.Parameters.Add("@email", SqlDbType.NVarChar).Value = clientEmail;
//command.Parameters.Add("@startDate", SqlDbType.NVarChar).Value = startDate;
//command.Parameters.Add("@endDate", SqlDbType.NVarChar).Value = endDate;
command.ExecuteNonQuery();

connection.Close();
}



and the code which calls and sets up the stored proc:

        protected void addButton_Click(object sender, EventArgs e)
{
if (nameTextBox.Text != string.Empty)
{
SqlConnection connection = MediaSchedulerCommon.GetConnection();
connection.Open();
SqlCommand command = new SqlCommand("addCampaign", connection);
command.CommandType = CommandType.StoredProcedure;
if (MediaSchedulerCommon.isAdmin(Request.Cookies["mediascheduler_email"].Value))
{
command.Parameters.Add("@requiresApproval", SqlDbType.Bit).Value = needsApprovalCheckBox.Checked.ToString();
command.Parameters.Add("@isApproved", SqlDbType.Bit).Value = campaignApprovedCheckBox.Checked.ToString();
command.Parameters.Add("@approvedById", SqlDbType.Int).Value = MediaSchedulerCommon.getAccountId(Request.Cookies["mediascheduler_email"].Value).ToString();
command.Parameters.Add("@isAdmin", SqlDbType.Bit).Value = "True";
}
else
{
command.Parameters.Add("@requiresApproval", SqlDbType.Bit).Value = "";
command.Parameters.Add("@isApproved", SqlDbType.Bit).Value = "";
command.Parameters.Add("@approvedById", SqlDbType.Int).Value = null;
command.Parameters.Add("@isAdmin", SqlDbType.Bit).Value = "False";
}
command.Parameters.Add("@name", SqlDbType.NVarChar).Value = nameTextBox.Text;
command.Parameters.Add("@ratingId", SqlDbType.Int).Value = ratingIds[ratingDropDownList.SelectedIndex];
command.Parameters.Add("@classId", SqlDbType.Int).Value = classIds[classDropDownList.SelectedIndex];
command.Parameters.Add("@clientEmail", SqlDbType.NVarChar).Value = clientEmails[clientDropDownList.SelectedIndex];
//command.Parameters.Add("@startDate", SqlDbType.NVarChar).Value = startDateCalendar.SelectedDate.ToString();
//command.Parameters.Add("@endDate", SqlDbType.NVarChar).Value = endDateCalendar.SelectedDate.ToString();

command.ExecuteNonQuery();
connection.Close();
Response.Redirect("campaign.aspx");
}
}



Any insight is greatly appreciated since I haven't been able to get past this for a day....
   

- Advertisement -