I'm trying to insert multiple rows using SqlCommand from C# to SQL Server. I'm forming a simple query as below:
Insert into temp(field1, field2) values (1, 'test'), (2, 'test1'), (3, 'test2') and so on till 100 rows. For the example purpose I only gave couple of fields here but it actually contains 25 fields and 20 out of this are strings.
this data is coming from third party API as a list and I'm forming multiple rows insert query out of that data.
I know that there is a problem of sql injection or apostrophe problem. This can be avoided by using SqlParameter. But how can I insert multiple rows without facing sql injection or apostrophe problem? Is this possible using SqlParameter?
I dont want to make multiple insert statements and send it to db, as that will slow down my process. Is there any alternative solution for this.