Using VS.NET 2005 RC - Am I understanding correctly from the docs that
connection pooling for my ADO.NET db connections will happen automatically?
Do I need to do anything to enable this feature?
Basically I have code in a method that does this:
SqlConnection conn = null;
try
{
conn = new SqlConnection(" Data Source=myserver ;Initial
Catalog=mydb;Pe rsist Security Info=True;User ID=mydb;Passwor d=mypass;
conn.Open();
SqlCommand cmd = new SqlCommand("INS ERT INTO [mytable]
([col1],[col2]) VALUES (@col1, @col2)", conn);
cmd.Parameters. AddWithValue("@ col1", "testing col1");
cmd.Parameters. AddWithValue("@ col2", "testing col2");
int x = cmd.ExecuteNonQ uery();
}
finally
{
if (conn != null)
{
conn.Close();
}
}
As I call into this method from my Page_Load command, am I correct to assume
that this db connection really stays open under the hood, despite the code
doing a .Close() on it? Also am I correct that I do not need to do anything
fancy like create the new SqlConnection object once and not close it and
just reuse it? That's not needed right, because ADO.NET is taking care of
that in the background for me?
Likewise, sometimes I need to do a few inserts and updates on the same page
request. So I assume its ok to have each type of operation in its own
method like this and just call into the method, rather than creating one
method that does all the work and keeps reusing the same SqlConnection
object for each .ExecuteNonQuer y() statement?
Also on an unrelated note - I do not want to use stored procedures, so give
that, does my approach to using parameterized queries shown above look ok or
is there a better way?
Thanks!
Steve
7  1374 
IIRC you need Win2003 (IIS 6) for this to happen.
--
Curt Christianson
site: http://www.darkfalz.com
blog: http://blog.darkfalz.com
"Steve Franks" wrote: Using VS.NET 2005 RC - Am I understanding correctly from the docs that
connection pooling for my ADO.NET db connections will happen automatically?
Do I need to do anything to enable this feature?
Basically I have code in a method that does this:
SqlConnection conn = null;
try
{
conn = new SqlConnection(" Data Source=myserver ;Initial
Catalog=mydb;Pe rsist Security Info=True;User ID=mydb;Passwor d=mypass;
conn.Open();
SqlCommand cmd = new SqlCommand("INS ERT INTO [mytable]
([col1],[col2]) VALUES (@col1, @col2)", conn);
cmd.Parameters. AddWithValue("@ col1", "testing col1");
cmd.Parameters. AddWithValue("@ col2", "testing col2");
int x = cmd.ExecuteNonQ uery();
}
finally
{
if (conn != null)
{
conn.Close();
}
}
As I call into this method from my Page_Load command, am I correct to assume
that this db connection really stays open under the hood, despite the code
doing a .Close() on it? Also am I correct that I do not need to do anything
fancy like create the new SqlConnection object once and not close it and
just reuse it? That's not needed right, because ADO.NET is taking care of
that in the background for me?
Likewise, sometimes I need to do a few inserts and updates on the same page
request. So I assume its ok to have each type of operation in its own
method like this and just call into the method, rather than creating one
method that does all the work and keeps reusing the same SqlConnection
object for each .ExecuteNonQuer y() statement?
Also on an unrelated note - I do not want to use stored procedures, so give
that, does my approach to using parameterized queries shown above look ok or
is there a better way?
Thanks!
Steve
On Thu, 27 Oct 2005 09:02:26 -0400, "Steve Franks" <pl****@postrep lyhere.com> wrote:
¤ Using VS.NET 2005 RC - Am I understanding correctly from the docs that
¤ connection pooling for my ADO.NET db connections will happen automatically?
Yes.
¤ Do I need to do anything to enable this feature?
¤
No. As long as the provider supports connection pooling it is enabled by default.
¤ Basically I have code in a method that does this:
¤
¤ SqlConnection conn = null;
¤ try
¤ {
¤ conn = new SqlConnection(" Data Source=myserver ;Initial
¤ Catalog=mydb;Pe rsist Security Info=True;User ID=mydb;Passwor d=mypass;
¤ conn.Open();
¤ SqlCommand cmd = new SqlCommand("INS ERT INTO [mytable]
¤ ([col1],[col2]) VALUES (@col1, @col2)", conn);
¤ cmd.Parameters. AddWithValue("@ col1", "testing col1");
¤ cmd.Parameters. AddWithValue("@ col2", "testing col2");
¤ int x = cmd.ExecuteNonQ uery();
¤ }
¤ finally
¤ {
¤ if (conn != null)
¤ {
¤ conn.Close();
¤ }
¤ }
¤
¤ As I call into this method from my Page_Load command, am I correct to assume
¤ that this db connection really stays open under the hood, despite the code
¤ doing a .Close() on it? Also am I correct that I do not need to do anything
¤ fancy like create the new SqlConnection object once and not close it and
¤ just reuse it? That's not needed right, because ADO.NET is taking care of
¤ that in the background for me?
¤
When you close the connection it is released to a connection pool. At this point your application
knows nothing about it. Upon a subsequent request for a connection, the pool that is associated with
the application process (or app pool) and connection string properties is checked for an available
connection. If available a connection is returned, if not a new connection is created and returned.
¤ Likewise, sometimes I need to do a few inserts and updates on the same page
¤ request. So I assume its ok to have each type of operation in its own
¤ method like this and just call into the method, rather than creating one
¤ method that does all the work and keeps reusing the same SqlConnection
¤ object for each .ExecuteNonQuer y() statement?
¤
¤ Also on an unrelated note - I do not want to use stored procedures, so give
¤ that, does my approach to using parameterized queries shown above look ok or
¤ is there a better way?
Not really. Ideally stored procedures should be used. Otherwise you will have to edit check your
data for certain characters such as single quotes, double quotes, etc. or your query will fail with
a syntax error when they are embedded within text.
Paul
~~~~
Microsoft MVP (Visual Basic)
Steve,
Each connection pool is associated with a distinct connection string. So
when you use same connection string to open a connection the connection is
taken from the pool. When you use a new connection string first time, a pool
is created.
This artcle explains it verywell http://msdn.microsoft.com/library/de...taProvider.asp
HTH
"Steve Franks" wrote: Using VS.NET 2005 RC - Am I understanding correctly from the docs that
connection pooling for my ADO.NET db connections will happen automatically?
Do I need to do anything to enable this feature?
Basically I have code in a method that does this:
SqlConnection conn = null;
try
{
conn = new SqlConnection(" Data Source=myserver ;Initial
Catalog=mydb;Pe rsist Security Info=True;User ID=mydb;Passwor d=mypass;
conn.Open();
SqlCommand cmd = new SqlCommand("INS ERT INTO [mytable]
([col1],[col2]) VALUES (@col1, @col2)", conn);
cmd.Parameters. AddWithValue("@ col1", "testing col1");
cmd.Parameters. AddWithValue("@ col2", "testing col2");
int x = cmd.ExecuteNonQ uery();
}
finally
{
if (conn != null)
{
conn.Close();
}
}
As I call into this method from my Page_Load command, am I correct to assume
that this db connection really stays open under the hood, despite the code
doing a .Close() on it? Also am I correct that I do not need to do anything
fancy like create the new SqlConnection object once and not close it and
just reuse it? That's not needed right, because ADO.NET is taking care of
that in the background for me?
Likewise, sometimes I need to do a few inserts and updates on the same page
request. So I assume its ok to have each type of operation in its own
method like this and just call into the method, rather than creating one
method that does all the work and keeps reusing the same SqlConnection
object for each .ExecuteNonQuer y() statement?
Also on an unrelated note - I do not want to use stored procedures, so give
that, does my approach to using parameterized queries shown above look ok or
is there a better way?
Thanks!
Steve
Hello Paul,
-snip- ¤ Basically I have code in a method that does this:
¤
¤ SqlConnection conn = null;
¤ try
¤ {
¤ conn = new SqlConnection(" Data Source=myserver ;Initial
¤ Catalog=mydb;Pe rsist Security Info=True;User
ID=mydb;Passwor d=mypass;
¤ conn.Open();
¤ SqlCommand cmd = new SqlCommand("INS ERT INTO [mytable]
¤ ([col1],[col2]) VALUES (@col1, @col2)", conn);
¤ cmd.Parameters. AddWithValue("@ col1", "testing col1");
¤ cmd.Parameters. AddWithValue("@ col2", "testing col2");
¤ int x = cmd.ExecuteNonQ uery();
¤ }
¤ finally
¤ {
¤ if (conn != null)
¤ {
¤ conn.Close();
¤ }
¤ }
-snip-
¤ Also on an unrelated note - I do not want to use stored procedures,
so give
¤ that, does my approach to using parameterized queries shown above
look ok or
¤ is there a better way?
Not really. Ideally stored procedures should be used. Otherwise you
will have to edit check your data for certain characters such as
single quotes, double quotes, etc. or your query will fail with a
syntax error when they are embedded within text.
Paul
~~~~
Microsoft MVP (Visual Basic)
Paul:
That's true if he is using just string concatenation to put together his
SQL statments:
strSQL = "Select * From myTable where Dept = '" & varDept & "'"
But if he is using parameterized queries, as his code sample shows, it should
automatically do proper character escaping, etc, just like using stored procedures.
BradC
> That's true if he is using just string concatenation to put together his SQL statments:
strSQL = "Select * From myTable where Dept = '" & varDept & "'"
But if he is using parameterized queries, as his code sample shows, it
should automatically do proper character escaping, etc, just like using
stored procedures. BradC
Thanks guys. Does using parameterized queries also protect against SQL
injection attacks, or do I need to do something special for that?
Steve
Yes, it does, Steve.
That's the primary advantage of Parameterized queries over just cobbling
together your own SQL statments with strings.
Note that I usually use a slightly more verbose method for adding SQL parameters:
Dim cmd As New SqlCommand("INS ERT INTO department VALUES" & "(@DepartmentID ,
@DepartmentName )", cn)
Dim parmDepartmentI D = New SqlParameter("@ DepartmentID", SqlDbType.Int)
parmDepartmentI D.Direction = ParameterDirect ion.Input
cmd.Parameters. Value = 10
cmd.Parameters. Add(parmDepartm entID)
The advantage of this syntax is that it actually enforces proper data types,
just like a stored procedure.
ALSO, parameterized queries even get some of the PERFORMANCE advantage of
a stored procedure:
"You can think of parameterized SQL statements as sort of a cross between
stored procedures and dynamic SQL. Like stored procedures, they can accept
different parameter values at runtime. Like dynamic SQL, they're not persistent
in the database. However, unlike with dynamic SQL, SQL Server parses parameterized
SQL and creates the access plan only once-when it first prepares the statement.
Subsequent statement execution takes advantage of the existing access plan"
From http://msdn.microsoft.com/library/de...SqlCommand.asp
Hope this helps,
Brad That's true if he is using just string concatenation to put together
his
SQL statments:
strSQL = "Select * From myTable where Dept = '" & varDept & "'"
But if he is using parameterized queries, as his code sample shows,
it should automatically do proper character escaping, etc, just like
using stored procedures. BradC
Thanks guys. Does using parameterized queries also protect against
SQL injection attacks, or do I need to do something special for that?
Steve
On Thu, 27 Oct 2005 09:20:25 -0700, BradC <br********@yah oo.com> wrote:
¤ Hello Paul,
¤
¤ -snip-
¤ > ¤ Basically I have code in a method that does this:
¤ > ¤
¤ > ¤ SqlConnection conn = null;
¤ > ¤ try
¤ > ¤ {
¤ > ¤ conn = new SqlConnection(" Data Source=myserver ;Initial
¤ > ¤ Catalog=mydb;Pe rsist Security Info=True;User
¤ > ID=mydb;Passwor d=mypass;
¤ > ¤ conn.Open();
¤ > ¤ SqlCommand cmd = new SqlCommand("INS ERT INTO [mytable]
¤ > ¤ ([col1],[col2]) VALUES (@col1, @col2)", conn);
¤ > ¤ cmd.Parameters. AddWithValue("@ col1", "testing col1");
¤ > ¤ cmd.Parameters. AddWithValue("@ col2", "testing col2");
¤ > ¤ int x = cmd.ExecuteNonQ uery();
¤ > ¤ }
¤ > ¤ finally
¤ > ¤ {
¤ > ¤ if (conn != null)
¤ > ¤ {
¤ > ¤ conn.Close();
¤ > ¤ }
¤ > ¤ }
¤
¤ -snip-
¤
¤ > ¤ Also on an unrelated note - I do not want to use stored procedures,
¤ > so give
¤ > ¤ that, does my approach to using parameterized queries shown above
¤ > look ok or
¤ > ¤ is there a better way?
¤
¤ > Not really. Ideally stored procedures should be used. Otherwise you
¤ > will have to edit check your data for certain characters such as
¤ > single quotes, double quotes, etc. or your query will fail with a
¤ > syntax error when they are embedded within text.
¤ >
¤ > Paul
¤ > ~~~~
¤ > Microsoft MVP (Visual Basic)
¤
¤ Paul:
¤
¤ That's true if he is using just string concatenation to put together his
¤ SQL statments:
¤ strSQL = "Select * From myTable where Dept = '" & varDept & "'"
¤
¤ But if he is using parameterized queries, as his code sample shows, it should
¤ automatically do proper character escaping, etc, just like using stored procedures.
¤
Yes, that is true if he is using bind variables.
Paul
~~~~
Microsoft MVP (Visual Basic)
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Wonderinguy |
last post by:
Our websphere application uses a generic application userid to connect
and query db2 on z/os via DB2 connect. The end user,logs in to the
application using
his regular userid, which is then authenticated with the mainframe and
if its ok, then the application proceeds using the generic application
id. We are not
able to track the user in the DB2 on Mainframe.
Is there anyway I can pass the end userid along with the generic
userid, so I...
|
by: Jonas Knaus |
last post by:
hello
until now i allways wrote all my sql-stuff in my presentation-layer.
i heard about that model of that presentation- / businesslogic- and data
access layer -model.
i found some example on the internet, but not very useful.
does anyone has some examples for this ???
i would by very happy !!!
|
by: Alvin Bruney [MVP] |
last post by:
with the using construct, exit from scope calls dispose on said object. But
what happens in a connection pooling scenario? Is the run-time smart enough
to realize that Object Pooling is being used so it will not call dispose and
instead flag the object similar to what close() does when pooling is in
effect. Or does it really go ahead and shut down the object? If it does,
then isn't it circumventing the object pooling? Does anybody know?
...
|
by: Bob Lehmann |
last post by:
Hi,
My understanding is that Dispose() should not be used for destroying a
connection object, and that Close() is preferred.
However, in one of MS's Quickstart Apps I see this being used....
This is found in the SqlHelper class -
Dim cn As New SqlConnection(connectionString)
|
by: bnob |
last post by:
Im my ASP.net project I do a lot of connection to the SQL Server
Database. I use a global variabe for my connection declare in a module
(VB.Net code behind)
All is ok but when I start a form from the default page it takes 30
seconds to show the resultat of a select request
And when, during this 30 seconds, a another user want open a another
forms from the default page, I have an error : "Connection are already
open"
| | |
by: Lenny Shprekher |
last post by:
Hi,
I am getting issues that Oracle collecting opened sessions (connections)
from my webservice using regular System.Data.OleDb.OleDbConnection object.
I am guessing that this is connection pooling issue. Is there is any way to
disable connection pooling for one particular .net webservice?
Thanks,
Leonid
|
by: Martin B |
last post by:
Hallo!
I'm working with C# .NET 2.0, implementing Client/Server Applications which
are connecting via Network to SQL-Server or Oracle Databases.
To stay independent from the underlaying Database I use
System.Data.Common.DBConnection and .DBCommand.
How can I keep aware from connection losses (network not availeable,
db-server not available...)?
Are there any strategies to detect this broken connections, and how can I
|
by: fniles |
last post by:
I am using VS2003 and connecting to MS Access database.
When using a connection pooling (every time I open the OLEDBCONNECTION I use
the exact matching connection string),
1. how can I know how many connection has been used ?
2. If the maximum pool size has been reached, what happens when I call the
method Open to open the connection ? Will I get an error ? MSDN says the
request is queued, but will I get an error in the open method ?
...
|
by: fniles |
last post by:
In the Windows application (using VB.NET 2005) I use connection pooling like
the following:
In the main form load I open a connection using a connection string that I
stored in a global variable g_sConnectionString and leave this connection
open and not close it until it exits the application.
Then on each thread/each subsequent sub that needs the connection I create a
local OleDBConnection variable, open the connection using the exact...
|
by: viswarajan |
last post by:
Introduction
This article is to go in deep in dome key features in the ADO.NET 2 which was shipped with VS 2005.
In this article I will go trough one of the key features which is the Connection Pooling.
This feature is a key feature plays an important role in the performance in most of business application or Data driven application.
What's Connection Pooling?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
