Breaking News: Grepper is joining You.com. Read the official announcement!

c# sql command parameters

SubZero answered on March 5, 2023 Popularity 4/10 Helpfulness 8/10

answer c# sql command parameters

c# sql command parameters

Comment

using System.Data.SqlClient;

// create a SqlConnection object
using (SqlConnection conn = new SqlConnection(connectionString))
{
    // create a SqlCommand object with parameters
    using (SqlCommand cmd = new SqlCommand("SELECT * FROM myTable WHERE myColumn = @value1 AND myOtherColumn = @value2", conn))
    {
        // add parameter values
        cmd.Parameters.AddWithValue("@value1", "myValue1");
        cmd.Parameters.AddWithValue("@value2", "myValue2");

        // execute the SQL command
        conn.Open();
        using (SqlDataReader reader = cmd.ExecuteReader())
        {
            // process the query results
        }
    }
}

SqlConnection represents a connection to a SQL Server database, SqlCommand represents a SQL statement or stored procedure, and SqlDataReader represents the results of a query. The @value1 and @value2 are parameter placeholders, which will be replaced with actual values when the SQL statement is executed. The AddWithValue() method is used to set the values of the parameters. It is important to use parameter placeholders to avoid SQL injection attacks, where malicious users can inject SQL code into your queries.

Popularity 4/10 Helpfulness 8/10 Language sql

Source: Grepper

Tags: c# command parameters sql

Link to this answer
Share Copy Link

Contributed on Mar 05 2023

SubZero

0 Answers Avg Quality 2/10

c# sql command parameters

Contents

More Related Answers

c# sql command parameters

Grepper

Documentation

Social

Legal

Contact

Oops, You will need to install Grepper and log-in to perform this action.