By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
444,041 Members | 1,046 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 444,041 IT Pros & Developers. It's quick & easy.

Insert Command With Parameters

P: n/a
All

If I have a SQL statmenet as illistarted below what is the best way to
append parameters to the command.

Dim sql As Text.StringBuilder
sql.Append("INSERT Table ")
sql.Append("(col1, col2) ")
sql.Append("?, ?")

Thanks
Nov 21 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
David,

The general best does not exist in Net, there is forever a best for your
situation.

However see this page on our website.

http://www.windowsformsdatagridhelp....3-eb8b44af0137

I hope this helps,

Cor

"David" <Da***@discussions.microsoft.com> schreef in bericht
news:64**********************************@microsof t.com...
All

If I have a SQL statmenet as illistarted below what is the best way to
append parameters to the command.

Dim sql As Text.StringBuilder
sql.Append("INSERT Table ")
sql.Append("(col1, col2) ")
sql.Append("?, ?")

Thanks

Nov 21 '05 #2

P: n/a
"David" <Da***@discussions.microsoft.com> schrieb:
If I have a SQL statmenet as illistarted below what is the best way to
append parameters to the command.

Dim sql As Text.StringBuilder
sql.Append("INSERT Table ")
sql.Append("(col1, col2) ")
sql.Append("?, ?")


Sample (look for "INSERT INTO"):

..NET Framework Class Library -- 'SqlDataAdapter' Constructor ('SqlCommand')
<URL:http://msdn.microsoft.com/library/en-us/cpref/html/frlrfSystemDataSqlClientSqlDataAdapterClassctorTop ic2.asp>

The sample shows how to use a parameterized command. This approach is
recommended over building up the whole command string by hand because it
protects from SQL injection.

--
M S Herfried K. Wagner
M V P <URL:http://dotnet.mvps.org/>
V B <URL:http://classicvb.org/petition/>

Nov 21 '05 #3

P: n/a
Herfried,

You show SQL parameters. The parameters are the only thing that I know which
are different between SQLClient and OleDb.

Showed by the OP is an OleDb SQL Insert string.

That the OP ask this is very good, because it is not that well described on
MSDN.

Cor
Nov 21 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.