SQL Queries

D

Dylan Parry

Hi,

I was wondering if anyone has some perspective as to what the best way
to query an MS SQL Server database is using C#?

Currently, I am using the SqlConnection, SqlCommand and SqlDataReader
classes by opening a connection, writing an query string and passing it
to the SqlCommand object along with the SqlConnection object.

eg.

SqlConnection connection = new SqlConnection(/connectionString/);
connection.Open();
string query = "SELECT ...";
SqlCommand command = new SqlCommand(query, connection);
SqlDataReader = command.ExecuteReader();
[...]

(or something like that - I cut out most of the code)

Now this is okay, but I am finding it quite complicated to dynamically
generate queries using this technique, especially if some of the values
are /null/.

Is there an easier/better way of creating the query string, or am I
stuck with using IF statements and "query += ..." to build them?

Cheers,
 
T

Tasos Vogiatzoglou

Dylan,

You can use stored procedures. But you can also create your command
string as following :

string sqlString = "SELECT * FROM MyTable Where id=@id";

and then

SqlConnection con = <get your connection>;

SqlCommand cmd = con.CreateCommand();
cmd.CommandText = sqlString;
cmd.Parameters.Add("id",SqlDbType.Int);

using (SqlDataReader rdr =
cmd.ExecuteReader(CommandBehavior.CloseConnection)) {
// do stuff
}

Regards,
Tasos
 
D

Dylan Parry

Pondering the eternal question of "Hobnobs or Rich Tea?", Tasos
Vogiatzoglou finally proclaimed:
string sqlString = "SELECT * FROM MyTable Where id=@id"; [...]
SqlCommand cmd = con.CreateCommand();
cmd.CommandText = sqlString;
cmd.Parameters.Add("id",SqlDbType.Int);
Click to expand...

Thanks. That looks interesting, and while is probably involves writing
more code, will most likely make it easier for me understand what I'm
doing! :)
 
R

Richard Brown

If you use stored procs you can be far more granular in your approach
to permissions, and security.
 
I

Ignacio Machin \( .NET/ C# MVP \)

Hi,

Richard Brown said:
If you use stored procs you can be far more granular in your approach
to permissions, and security.
Click to expand...

And the application more flexible to changes in the DB
 
D

Dylan Parry

Dylan Parry realised that microsoft.public.dotnet.languages.csharp was a
little too quiet...

[...]

Thanks, everyone, for your replies.
 
F

Frans Bouma [C# MVP]

Richard said:
If you use stored procs you can be far more granular in your approach
to permissions, and security.
Click to expand...

That just took 3 posts... one asks a question about SQL queries and
someone steps in and starts a lecture about how great stored procedures
are.

Please avoid that discussion here.

FB

--
------------------------------------------------------------------------
Lead developer of LLBLGen Pro, the productive O/R mapper for .NET
LLBLGen Pro website: http://www.llblgen.com
My .NET blog: http://weblogs.asp.net/fbouma
Microsoft MVP (C#)
------------------------------------------------------------------------
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Encapsulating SqlDataReader and SQL 2
using statment with sql connection 7
System.NullReferenceException - Object reference not set to an instance of an object 17
run test code 4
Scope confusion -- compilation issue -- please help me understand 12
A question about sql connection in C# code. 3
help!i'm stuck here 3
C# Data Access Best Practice 2

Top