Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX

Tip of the Day
Language: Visual Basic
Expertise: Intermediate
Apr 27, 2000

Optimize Parametrized Queries With ADO Objects

When you write Insert statements, it can be difficult to accommodate the possible values end users might enter into a textbox. The most common task is replacing single quotes with double quotes. However, parameterized queries provide two benefits: You do not have to parse data entered by users—except for business rules; and SQL Server 7.0 immediately caches the SQL statement:
Dim cmd As ADODB.Command
Dim prm As ADODB.Parameter
Set cmd = New ADODB.Command
Set prm = New ADODB.Parameter
With cmd
	.ActiveConnection = CONNECT_STRING
	.CommandText = "INSERT INTO employees " & _
		"(name) VALUES(?)"
	.CommandType = adCmdText
	Set prm = .CreateParameter(, adChar, _
		adParamInput, 50, Me.txtName.Text)
	.Parameters.Append prm
End With
Set cmd = Nothing
Set prm = Nothing
Christopher P.
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date