O'Reilly logo

Programming Microsoft® ADO.NET 2.0 Core Reference, 2nd Edition by David Sceppa

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Working with Parameterized Queries

There are many scenarios in which you might want to use parameterized queries, but the most common scenario occurs when you need user input in your query.

Formatting User Input in a Query String

Let’s say that you’re building an application that lets a user examine the orders placed by a particular customer. The application user will specify customer information while the application is running, whether that be the company name or some other information. You’ll likely want to construct a "base" query, apply the user’s input, and execute the query.

There are two basic approaches you could follow. First, you could look for a way to embed the user input into your query string, perhaps using the String.Format function ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required