Junior ADO.NET

What is the role of the SqlParameter class in ADO.NET?

The SqlParameter class represents a parameter to a SQL command or stored procedure. It allows you to define the name, data type, size, and value of a parameter. SqlParameter is used to protect against SQL injection and to pass data to SQL queries safely.

Example:

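// The query text contains only the @CustomerID placeholder, never the value itself.
SqlCommand command = new SqlCommand("SELECT * FROM Customers WHERE CustomerID = @CustomerID", connection);
// Declare the parameter with an explicit type so the value is passed as an int.
SqlParameter parameter = new SqlParameter("@CustomerID", SqlDbType.Int);
parameter.Value = customerId;
command.Parameters.Add(parameter);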
