Re: Parameterized queries to different data providers
- From: "Miha Markic [MVP C#]" <miha at rthand com>
- Date: Tue, 29 Nov 2005 21:48:16 +0100
Hi Dino,
I don't think that there is an easy solution other than doing naming based
on provider manually.
Perhaps you might look into ORM products that do that part for you?
--
Miha Markic [MVP C#]
RightHand .NET consulting & development www.rthand.com
Blog: http://cs.rthand.com/blogs/blog_with_righthand/
"Dino Buljubasic" <dino@xxxxxxxxxxxxxxxxxxx> wrote in message
news:faepo1t9vt5nqnp3bu3joc11ku0gal646u@xxxxxxxxxx
> Hi,
>
> I would like to build my app so it can connect to SQL Server, Oracle
> or mySQL and query data.
> Data queries should be parameterized to reduce impact of SQL
> Injection.
>
> SQLServer Dataprovider uses named parameters (i.e. @name)
> OracleClient Dataprovider uses named parameters (i.e. :name)
> mySQL ODBC Dataprovider uses question marks (i.e. ?) on the place of a
> parameter (so order of question marks is important)
>
> How do I write my queries easily so they will work with all 3 of these
> data providers?
>
> For example how do I write this to work with all tree:
>
> SELECT a1, a2 FROM table1 WHERE a1 = 'blah' AND a2 = 'blahblah'
>
> thank you
> _dino_
.
- References:
- Parameterized queries to different data providers
- From: Dino Buljubasic
- Parameterized queries to different data providers
- Prev by Date: Parameterized queries to different data providers
- Next by Date: Re: Problem Connecting To Access Database
- Previous by thread: Parameterized queries to different data providers
- Next by thread: Re: Parameterized queries to different data providers
- Index(es):
Relevant Pages
|
Loading
