Parameterized query only works with WHERE clause (?)

  • Thread starter Thread starter John Bailo
  • Start date Start date
J

John Bailo

In testing it seems like I can only use a parameterized query when the
parameters are in a WHERE clause.

For example

cmd.CommandText = "SELECT * FROM jbtest where testfield1=@tablename ";
cmd.Parameters.Add("@tablename", tablename);

works.

But:

txt_createtable_fields= "(myfieed varchar(24))";
cmd.CommandText = "CREATE TABLE @tablename " +
txt_createtable_fields.ToString();
cmd.Parameters.Add("@tablename", tablename);

Does not.

Comments?
 
John said:
In testing it seems like I can only use a parameterized query when
the parameters are in a WHERE clause.

For example

cmd.CommandText = "SELECT * FROM jbtest where testfield1=@tablename ";
cmd.Parameters.Add("@tablename", tablename);

works.

But:

txt_createtable_fields= "(myfieed varchar(24))";
cmd.CommandText = "CREATE TABLE @tablename " +
txt_createtable_fields.ToString(); cmd.Parameters.Add("@tablename",
tablename);

Does not.

Comments?
Click to expand...

Perhaps because CREATE TABLE requires a constant as name, not a
parameter?

FB


--
 
Back
Top