tailieunhanh - Using Parameterized SQL Statements

[ Team LiB ] Recipe Using Parameterized SQL Statements Problem You want to create and execute a SQL statement having parameters that are set dynamically. Solution Add parameters to the Command object's Parameters collection. | Team LiB Recipe Using Parameterized SQL Statements Problem You want to create and execute a SQL statement having parameters that are set dynamically. Solution Add parameters to the Command object s Parameters collection. The sample code contains two event handlers and one method Sets up the sample by creating a DataTable containing all Customers data from Northwind. The default view of the table is bound to a Customers data grid on the form. The handler for the CurrentCellChanged event of the data grid is called to initialize the grid containing Orders with the data for the row selected by default in the Customers data grid. Gets the CustomerlD from the data grid when the rows selected in the data grid changes and calls the LoadOrderGrid method to update the Orders displayed to match the selected Customer. LoadOrderGrid This method defines a parameterized SQL statement. A Command is built from the statement and the single parameter @CustomerID is created and set to the customerld argument passed into the method. The Command is used by a DataAdapter to fill a DataTable with the Orders for the specified Customer. The default view of the table is bound to the Customers data grid on the form. The C code is shown in Example 2-30. Example 2-30. File Namespaces variables and constants using System using using using Table name constants private const String CUSTOMERS_TABLE Customers private const String ORDERS_TABLE Orders . . . private void UsingParameterizedQueriesForm_Load object sender e String sqlText SELECT FROM Customers Retrieve table with all customers. SqlDataAdapter da new SqlDataAdapter sqlText S ql_ConnectString DataTable dt new DataTable CUSTOMERS_TABLE dt Bind the default view of the Customers table to the customers grid. Fire .