parameterized-query Questions
1
I'd like to be able to build a parameterized ad-hoc SQL query using Entity Framework which consumes a table-valued parameter.
NB: The use-case which brought this to my interest was querying for mu...
Vaccaro asked 26/10, 2017 at 15:55
4
Solved
As far as I understand, prepared statements are (mainly) a database feature that allows you to separate parameters from the code that uses such parameters. Example:
PREPARE fooplan (int, text, boo...
Filaria asked 1/4, 2016 at 23:47
1
I want to create a JPA parameterised query for following SQL statement
select * from car where (colour, speed) in (('red', 50), ('blue', 70))
this query returns the expected result
entityManage...
Lymphoblast asked 9/7, 2014 at 17:23
1
I have a parameterised named Query like this :
Query moveOutQuery = session.createSQLQuery(moveOutQueryStr.toString())
.addEntity(MyClass.class)
.setParameter("assignmentStatus", Constants.CHECK...
Joshuajoshuah asked 14/1, 2019 at 13:6
1
Solved
I keep getting the below exception. The exception baffles me because I am not selecting UserID.
I have tried changing the select to SELECT * but this just causes a result.Count of 0 regardless if ...
Appalling asked 2/4, 2018 at 4:52
5
Solved
I have a parameterized SQL query targetted for SQL2005 which is dynamically created in code, so I used the ADO.NET SqlParameter class to add sql parameters to SqlCommand.
In the aforementioned SQL...
Afrikaans asked 3/6, 2010 at 23:28
2
I am trying to develop a spreadsheet that can locate corresponding records in an external data source. So, let's say I have Column A with a list of identity values. I want to develop Column B, whic...
Entrust asked 16/10, 2014 at 20:14
6
Solved
In both queries 1 and 2, the text from the textbox is inserted into the database. What's the significance of the parameterized query here?
Passing txtTagNumber as a query parameter
SqlCommand cm...
Xylo asked 29/3, 2011 at 5:50
4
Solved
What is a parameterized query, and what would an example of such a query be in PHP and MySQL?
Hyoscyamus asked 17/1, 2011 at 10:18
7
Solved
I'm trying to insert a database record inside a loop in C#.
It works when I hard code the values like this:
string query3 = "INSERT INTO furniture (room_id,member_id) VALUES (222,333);";
SqlCom...
Vincenty asked 5/1, 2012 at 17:41
3
Solved
Let's say I want to show a full list of awards with type="color":
Awards Type 2013 Winner
====== ==== ===========
Blue Award color Tom
Red Award color
Green Award color Dan
To achieve this resu...
Remind asked 18/7, 2013 at 21:12
11
In terms of SQL injection, I completely understand the necessity to parameterize a string parameter; that's one of the oldest tricks in the book. But when can it be justified to not parameterize an...
Lambent asked 18/9, 2015 at 2:2
3
Solved
In Microsoft SQL Server, to test something like this in the query window:
select * from Users where LastName = @lastname
I can add this before the command:
declare @lastname varchar(16)
set @la...
Uxorial asked 11/5, 2015 at 23:48
1
Solved
I am using Connector/Net 6.8.3 for a C# project and have been using it (or prior versions) for quite some time.
As I look through legacy code, I see several variations related to parameterized que...
Characterization asked 10/2, 2014 at 20:52
6
Solved
I have to fix a project that is vulnerable to SQL injection.
All the forms in every page on the project do not use parametrized query but simply string query.
For example I have the search page...
Tectonic asked 4/7, 2011 at 12:14
3
Solved
I have a datetime datatype : dttm
Also the database field type is datatime
Now I am doing this:
if (dttm.HasValue)
{
cmd.Parameters.AddWithValue("@dtb", dttm);
}
else
{
// It should insert nul...
Rafaelarafaelia asked 23/5, 2013 at 14:51
0
Using parameterized queries seems to set the length of the parameter to the length of the value passed in.
Doing something like:
var person = Connection.Query<People>("select * from People ...
Lissa asked 22/10, 2012 at 14:15
2
Solved
I am trying to use a simple MySQL insert query with the parameters in array form. It keeps telling me the number of parameters are wrong. I have tried the following, all producing the same error:
...
Caricature asked 15/6, 2012 at 10:27
2
Solved
i am trying to use parameterized queries with ADO. Executing the Command object throws the error:
Must declare the variable '@filename'
i declare the parameter @filename using CreateParameter/...
Tenace asked 23/5, 2012 at 17:48
3
Solved
I'm very new to Delphi and received the following piece of code (left out some irrelevant parts) for which I'm trying to understand what it does:
object SelectCosts: TIBQuery
SQL.Strings = (
'SE...
Tb asked 16/1, 2012 at 12:31
1
Solved
I have a problem with dropping sqlite3 table in python. I am using standard sqlite3 module.
self.conn = sqlite3.connect(...)
sql = """ drop table ? """
self.conn.execute( sql, (u'table_name',) )...
Tranquilizer asked 9/4, 2011 at 20:35
2
Solved
I'm trying to switch some hard-coded queries to use parameterized inputs, but I've run into a problem: How do you format the input for parameterized bulk inserts?
Currently, the code looks like th...
Spectroscope asked 11/1, 2011 at 15:34
2
Solved
PLEASE READ THE QUESTION CAREFULLY. It is not usual silly "my code doesn't work!!!" question.
When I run this code with intended error
try {
$sth = $dbh->prepare("SELECT id FROM users WHERE ...
Claudclauddetta asked 16/9, 2010 at 13:35
1
Solved
I've been trying to figure out why the following code is not generating any data in my ResultSet:
String sql = "SELECT STUDENT FROM SCHOOL WHERE SCHOOL = ? ";
PreparedStatement prepStmt = conn.pre...
Randa asked 10/8, 2010 at 16:38
2
Solved
I'm making a parameterized query using C# against a SQL server 2005 instance, and I'd like to take a look at the SQL that is run against the database for debugging purposes. Is there somewhere I ca...
Dasie asked 27/5, 2010 at 17:27
1 Next >
© 2022 - 2025 — McMap. All rights reserved.