it's overloaded so there are a few ways, but the simplest
one is like this....
sql.Append("SELECT * FROM myTable WHERE Field1 = ? AND Field2 = ?");
cmd.Parameters.Clear(); // just to be safe
// OleDb/Odbc parameters are positional: add them in the order the ? placeholders appear
cmd.Parameters.AddWithValue("p1", firstValue);
cmd.Parameters.AddWithValue("p2", secondValue);
cmd.Connection = someValidConnection; // an open OleDbConnection (or OdbcConnection)
cmd.CommandText = sql.ToString();
You can also specify the type of the parameter, which
you'll see with IntelliSense when you type the parens
after Add.
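The same pattern carried through to a complete method, as an added example that is not code from the original post. It assumes the OleDb provider (positional `?` placeholders), that myTable has an integer Field1 and a string Field2, and a placeholder connection string; the typed `Parameters.Add` overload is the one the post mentions.

```csharp
using System;
using System.Data;
using System.Data.OleDb;
using System.Text;

static class ParamQueryDemo
{
    // What parameterization replaces: input pasted into the SQL text, so a
    // value containing a quote (e.g. O'Brien) breaks or alters the statement.
    static string UnsafeSql(string field2) =>
        "SELECT * FROM myTable WHERE Field2 = '" + field2 + "'";

    // Safe: values travel as parameters, never as SQL text, so the database
    // treats them as data regardless of which characters they contain.
    public static DataTable Query(OleDbConnection conn, int firstValue, string secondValue)
    {
        var sql = new StringBuilder();
        sql.Append("SELECT * FROM myTable WHERE Field1 = ? AND Field2 = ?");

        using (var cmd = new OleDbCommand(sql.ToString(), conn))
        {
            cmd.Parameters.Clear(); // just to be safe, as in the post
            // OleDb binds by position: the parameter names are only labels,
            // so add them in the order the ? placeholders appear.
            cmd.Parameters.Add("p1", OleDbType.Integer).Value = firstValue;
            cmd.Parameters.Add("p2", OleDbType.VarWChar, 50).Value = secondValue;

            var table = new DataTable();
            using (var adapter = new OleDbDataAdapter(cmd))
                adapter.Fill(table);
            return table;
        }
    }

    static void Main()
    {
        // Placeholder connection string (assumption); supply a real provider and data source.
        using (var conn = new OleDbConnection("Provider=<provider>;Data Source=<source>"))
        {
            conn.Open();
            // The apostrophe is matched literally instead of terminating the SQL literal.
            DataTable rows = Query(conn, 42, "O'Brien");
            Console.WriteLine(rows.Rows.Count + " row(s)");
        }
    }
}
```

Declaring the type and size on each parameter, as in `Query`, also lets the provider reject values that do not fit the column before the statement runs.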