|
-
Apr 11th, 2010, 09:31 PM
#6
Re: How do YOU write sql statements?
 Originally Posted by stateofidleness
Was scolded.. err, I mean "taught" very early on this forum to use parameters and it actually is much nicer to code:
vb Code:
Dim cmd As New SqlCommand("SELECT FirstName, LastName FROM Employee WHERE FirstName = @fn", con)
cmd.Parameters.Add(New SqlParameter("@fn", SqlDbType.VarChar, 10)).Value = "Joe"
It allows for better dynamics and less margin for error. As for the SELECT part (the table names) I usually use variable names that hold the table names. It lets me/the user define them much easier than a hard-coded value.
This question isn't about the values though; it's about the identifiers, i.e. the table and column names rather than the field values.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|