.NET Tip

[.NET Follower]

useful tip i feel ,

Using String.Format() Method.

Replaces each format specification in a specified String with the textual
equivalent of a

corresponding object's value
string strSQL;
strSQL = "SELECT * FROM Products ";
strSQL += " WHERE CategoryID = {0}";
strSQL += " AND SupplierID = {1}";
strSQL = String.Format(strSQL, 5, 12);

When this string comes back 5 will be placed where the {0} is located in the
string
and the 12 will be placed where the {1} is located.
"SELECT * FROM Products WHERE CategoryID = 5 AND SupplierID = 12"

amit agarwal
india

 

[Maxim V. Karpov]

It is better to use StringBuilder AppendFormat Method to accomplition the
same
For examlpe:
Dim strBld As New StringBuilder(String.Empty)

If textboxes.Count = 0 Then Exit Sub

For Each txt As TextBox In textboxes

strBld.AppendFormat("{0} {1}", txt.Text, vbCrLf)

Next



I agree it is very good tip!

Maxim

[www.ipattern.com do you?]

 

[Janaka]

Is this actually more efficient than just doing the following?
int cat = 5;
int supply = 12;
string strSQL = "SELECT * FROM Products WHERE CategoryID=" + cat.ToString()
+ " AND SupplierID=" + supply.ToString();

 

[Scott Allen]

Unfortunately, using string concatenation and string format to put
parameters into SQL commands also places you at higher risk for SQL
injection attacks.

 

[.NET Follower]

ya thats true!!