Browse DevX
Sign up for e-mail newsletters from DevX

Tip of the Day
Language: Visual Basic
Expertise: Intermediate
Apr 27, 2000



Building the Right Environment to Support AI, Machine Learning and Deep Learning

Optimize Parametrized Queries With ADO Objects

When you write Insert statements, it can be difficult to accommodate the possible values end users might enter into a textbox. The most common task is replacing single quotes with double quotes. However, parameterized queries provide two benefits: You do not have to parse data entered by users—except for business rules; and SQL Server 7.0 immediately caches the SQL statement:
Dim cmd As ADODB.Command
Dim prm As ADODB.Parameter
Set cmd = New ADODB.Command
Set prm = New ADODB.Parameter
With cmd
	.ActiveConnection = CONNECT_STRING
	.CommandText = "INSERT INTO employees " & _
		"(name) VALUES(?)"
	.CommandType = adCmdText
	Set prm = .CreateParameter(, adChar, _
		adParamInput, 50, Me.txtName.Text)
	.Parameters.Append prm
End With
Set cmd = Nothing
Set prm = Nothing
Christopher P.
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date