parameterized-query

Can parameterized queries have output parameters?

In SQL Server is there a way to have an output parameter return the total number of records (for paging) in a parameterized query? ...

SQLServerCE Problem with parameterized queries from .NET

Hello, I am pulling the hair out of my head trying to figure this one out. I can't make parameterized queries work in VB.Net when I am using parameters. From what I have found, using a parameter in a function from .NET raises an error (see sample code). However, running the not working query in the Query Window in Visual Studio w...

Subsonic 2.x MySQL CodingHorror

Hi! What’s wrong here? This is what I found in examples of Subsonic 2 CodingHorror and it doesn't work :( new CodingHorror().Execute("SELECT * FROM product WHERE IdProduct = @IdProduct", 1); The error I get is “Parameter '@IdProduct' must be defined”. I’m using Subsonic 2.x and MySQL! Thank you for your help! :) ...

How can I get the extrapolated version of a parameterized query?

I'm trying to update the database library that we use at work to use parameterized queries so that coworkers who are not very knowledgeable about SQL injection won't have to remember to escape input and just pass in an array of parameters instead (I'm using pg_query_params). However, I am running into a problem. One of the requirements ...

SqlCommand.Parameters.AddWithValue Not Returning Correct Results

I'll admit that I'm a bit of a newbie (though learning fast!) when it comes to using parameterized queries in C#, so I'm probably just overlooking something here, but I can't seem to figure out how to get a parameterized query to work for me. Here is a much simplified example. If more information is needed, I am certainly willing to sup...

Parameterized DB2 Query From .NET

I am attempting to run a parameterized query against a DB2 database from .NET using the Client Access ODBC Driver using the following code: var db2Cmd = new OdbcCommand("INSERT INTO presnlats (LAT) VALUES (@LAT)", db2Conn); db2Cmd.Parameters.AddWithValue("@LAT", insertValue); Console.Out.WriteLine(db2Cmd.ExecuteNonQuery()); When execu...

Pulling parameters from a datagridview C#.NET

I have what is undoubtedly a simple question, but I can't seem to find that answer anywhere. I am writing a C# Windows form application that contains a datagridview that I'm using to run a SQL UPDATE statement out to the database with a dataadapter. I am using a parameterized query and need to populate the parameters with columns from th...

Is there a way to parametrize ORACLE 10g SELECT-query with IN-clause

I saw a couple of SO questions (SO) concerning SQL-server. For SQL-server there was no decent solution. All were hacks/workarounds. What about Oracle? Is it the same answer (parameterizing each value)? Any Oracle example without LINQ would be appreciated (I have .NET 2.0). Thanks & BR -Matti ...

LINQ to SQL: ExecuteQuery not working when performing a parameterized query.

I have a weird problem with ExecuteQuery in that it isn't working when performing a parameterized query. The following returns 1 record: db.ExecuteQuery<Member>(@"SELECT * FROM Member INNER JOIN aspnet_Users ON Member.user_id = aspnet_Users.UserId WHERE [asp...

How do you specify 'DEFAULT' as a SQL parameter value in ADO.NET?

I have a parameterized SQL query targeted for SQL2005 which is dynamically created in code, so I used the ADO.NET SqlParameter class to add SQL parameters to SqlCommand. In the aforementioned SQL I select from a Table Valued Function which has defaults. I want my dynamic SQL to sometimes specify a value for these default parameters, and...

How to get textbox value from inside html tag in asp.net with c sharp

I want to select data from SqlDataSource tag to gridview using TextBox1 value. How can I modify that ASP.net code behind file? Please give me a solution ASAP. Thanks. <asp:SqlDataSource ID="SqlDataSource1" runat="server" SelectCommand= "select distinct [Species],[qty],[received],[Discard],[mortil...

Excel 2007 with parameterized query, automatic refresh doesn't work

I have a workbook developed in Excel 2003 that uses a parameterized query. The parameter is linked to a cell on another worksheet and is set to Refresh automatically when the cell value changes. The linked cell contains a dropdown list, but when the user chooses a value, the refresh does not work. This worked fine in 2003 and still ...

Parameterized Oracle SQL query in Java?

I've been trying to figure out why the following code is not generating any data in my ResultSet: String sql = "SELECT STUDENT FROM SCHOOL WHERE SCHOOL = ? "; PreparedStatement prepStmt = conn.prepareStatement(sql); prepStmt.setString(1, "Waterloo"); ResultSet rs = prepStmt.executeQuery(); On the other hand, the following runs properl...

Prepared Statements and Stored Procs Used Together

I'm in the planning stages of a Microsoft ASP.NET / SQL Server 2008 based web application and in thinking about database design, I began to think about injection attacks and what strategies I should employ to mitigate the database as a vector for injection attacks. I've heard from various sources that using stored procedures increases s...

The way PDO parametrized query works

PLEASE READ THE QUESTION CAREFULLY. It is not the usual silly "my code doesn't work!!!" question. When I run this code with an intended error try { $sth = $dbh->prepare("SELECT id FROM users WHERE name INN(?,?) "); $sth->execute(array("I'm","d'Artagnan")); } catch (PDOException $e) { echo $e->getMessage(); } I get this error me...

Suggestion needed for optimizing a MySQL query.

I'm using parameterized queries with PHP. I have the following two queries: SELECT username,question_text FROM questions,users WHERE questions.question_id = 4 AND questions.user_id = users.user_id and SELECT username, post_text FROM posts,users WHERE posts.question_id = 4 AND posts.user_id = users.user_id ORDER BY posts.post_id AS...