Deploy SQL Databases Easily with the Installer Class

Introduction

If you made an application that uses an SQL database that needs to be located on the client server, VS.NET Setup Project doesn’t help too much. You could go for InstallShield or another product that will make things easy, but the costs will get higher. So, while searching for a free solution, I found an article on MSDN about using the Installer class and custom actions to make this happen. The code is in VB .NET, so this article ports it to C# with some new features that I’ve found useful, such as storing the connection string to the database more safely, restoring the initial state of the server if something fails, and an uninstall feature. All you need to do is to make a class derived from System.Configuration.Install and add two Embedded Resources named install.txt & uninstall.txt to the solution. The install.txt will contain the SQL script for your database and uninstall.txt the drop script. For the database script, I am using the ASPstate script made by the Microsoft team for the ASP.NET InSQL session state:

< sessionState
   mode ="SQLServer"
   stateConnectionString ="tcpip=127.0.0.1:42424"
   sqlConnectionString = "data source=aleph;
                          User ID=ASPsession;Password=ASPsession;"
   cookieless = "false"
   timeout    = "60"
/>

For my Web application to work on a client server, I need to make a MSI with my app and the SQL script. To run the script at install time, I’ve made a .dll named ScriptInstall; the code for it will follow.

Installer Class Code

First, you declare a string that will have a default value and can be overridden by the Install method:

[RunInstaller(true)]
public class ScriptInstall : Installer
{
   //default value, it will be overwritten by the installer
   string conStr= "packet size=4096;integrated security=SSPI;" +
                  "data source=\"(local)\";
                  persist security info=False;" +
                  "initial catalog=master";

I use two static functions that will return the script content and the connection string to the SQL server:

private static string GetScript(string name)
{
   Assembly asm = Assembly.GetExecutingAssembly();
   Stream str = asm.GetManifestResourceStream(asm.GetName().Name +
                                              "." + name);
   StreamReader reader = new StreamReader(str);
   return reader.ReadToEnd();
}
private static string GetLogin(string databaseServer,string userName,
                               string userPass,string database)
{
   return "server=" + databaseServer + ";database="+database+
                      ";User ID=" + userName + ";Password=" + userPass;
}

Then, process two functions that will run install.txt and uninstall.txt onto the SQL server. The ExecuteSQL has a regex that splits the script after GO so I can execute them one by one with SQLCommand. I am doing this because ADO.NET will throw an exception if the SQL script contains “GO”.

private static void ExecuteSql(SqlConnection sqlCon)
{
   string[] SqlLine;
   Regex regex = new Regex("^GO",RegexOptions.IgnoreCase |
                           RegexOptions.Multiline);

   string txtSQL = GetScript("install.txt");
   SqlLine = regex.Split(txtSQL);

   SqlCommand cmd = sqlCon.CreateCommand();
   cmd.Connection = sqlCon;

   foreach(string line in SqlLine)
   {
      if(line.Length>0)
      {
         cmd.CommandText = line;
         cmd.CommandType = CommandType.Text;
         try
         {
            cmd.ExecuteNonQuery();
         }
         catch(SqlException)
         {
            //rollback
            ExecuteDrop(sqlCon);
            break;
         }
      }
   }
}
private static void ExecuteDrop(SqlConnection sqlCon)
{
   if(sqlCon.State!=ConnectionState.Closed)sqlCon.Close();
   sqlCon.Open();
   SqlCommand cmd  = sqlCon.CreateCommand();
   cmd.Connection  = sqlCon;
   cmd.CommandText = GetScript("uninstall.txt");
   cmd.CommandType = CommandType.Text;
   cmd.ExecuteNonQuery();
   sqlCon.Close();
}

Having the functions, now you can override Install(IDictionary stateSaver) and Uninstall(IDictionary savedState). In the Install method, besides running the SQL script on to the server, I save the connection data submitted by the user. It’s dangerous to save connection strings, so I use RijndaelManaged to encrypt it. You can find the class in the source as well. I am saving the connection string because I need it at uninstall to drop the database ASP state.

public override void Install(IDictionary stateSaver)
{
   base.Install (stateSaver);

   if(Context.Parameters["databaseServer"].Length>0 &&
      Context.Parameters["userName"].Length>0 &&
      Context.Parameters["userPass"].Length>0)
   {
      conStr = GetLogin(
         Context.Parameters["databaseServer"],
         Context.Parameters["userName"],
         Context.Parameters["userPass"],
         "master");

      RijndaelCryptography rijndael = new RijndaelCryptography();
      rijndael.GenKey();
      rijndael.Encrypt(conStr);
      //save information in the state-saver IDictionary
      //to be used in the Uninstall method
      stateSaver.Add("key",rijndael.Key);
      stateSaver.Add("IV",rijndael.IV);
      stateSaver.Add("conStr",rijndael.Encrypted);
   }

   SqlConnection sqlCon = new SqlConnection(conStr);

   sqlCon.Open();
   ExecuteSql(sqlCon);
   if(sqlCon.State!=ConnectionState.Closed)sqlCon.Close();
}

public override void Uninstall(IDictionary savedState)
{
   base.Uninstall (savedState);

   if(savedState.Contains("conStr"))
   {
      RijndaelCryptography rijndael = new RijndaelCryptography();
      rijndael.Key = (byte[])savedState["key"];
      rijndael.IV  = (byte[])savedState["IV"];
      conStr = rijndael.Decrypt((byte[])savedState["conStr"]);
   }

   SqlConnection sqlCon = new SqlConnection(conStr);

   ExecuteDrop(sqlCon);
}