paramertised select query

  • Thread starter Thread starter steve
  • Start date Start date
S

steve

Hi All

A lot of comments in replies to my posts in these newsgroups encourage me to
use parametised queries to protect against injection attacks

How can I return a datatable from a function by passing the function a
sqlclient command object

The command object only has executenonquery method or executereader and I
need a datatable with the result set

I am using vb.net 2005 and sql server express 2005 in a windows form
application

Regards
Steve
 
Steve,

You could assign the command object to a dataadapter's SelectCommand
property, call the dataadapter's Fill method, sending it a datatable to be
filled, and return the filled datatable.

Kerry Moorman
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Using DataAdapter.Fill to return a DataTable complete with schema information 2
Error on Select method on DataTable 6
dataset and crystal report basic problem 3
Query results to file 9
Sharing an instance of an object across classes 42
View timed out every now and then 5
Convert Linq.DataQuery to DataTable 0
getting the sql statement from a Access stored Query 3

Back
Top