dcsimg
Login | Register   
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.


Tip of the Day
Language: Visual Basic
Expertise: Intermediate
Apr 27, 2000

WEBINAR:

On-Demand

Application Security Testing: An Integral Part of DevOps


Optimize Parametrized Queries With ADO Objects

When you write Insert statements, it can be difficult to accommodate the possible values end users might enter into a textbox. The most common task is replacing single quotes with double quotes. However, parameterized queries provide two benefits: You do not have to parse data entered by users—except for business rules; and SQL Server 7.0 immediately caches the SQL statement:
 
Dim cmd As ADODB.Command
Dim prm As ADODB.Parameter
Set cmd = New ADODB.Command
Set prm = New ADODB.Parameter
With cmd
	.ActiveConnection = CONNECT_STRING
	.CommandText = "INSERT INTO employees " & _
		"(name) VALUES(?)"
	.CommandType = adCmdText
	Set prm = .CreateParameter(, adChar, _
		adParamInput, 50, Me.txtName.Text)
	.Parameters.Append prm
	.Execute
End With
Set cmd = Nothing
Set prm = Nothing
Christopher P.
 
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
×
We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.
Thanks for your registration, follow us on our social networks to keep up-to-date