Reputation: 127
This code is written in C# and it calls a database to get data from it. But I don't understand what "WHERE b.CompRec = ?" means.
public string GetFileNameAndTitle(int compRec)
{
    string fileNameAndTitle = "";
    string sql = "SELECT a.FileName, a.Title FROM (Files a INNER JOIN Components b ON a.RecNo=b.FileRec) WHERE b.CompRec = ?";
    using (OleDbCommand cmd = new OleDbCommand(sql, cn))
    {
        // Supplies the value for the '?' placeholder; OleDb binds parameters by position, not by name.
        cmd.Parameters.AddWithValue("@CompRec", compRec);
        OpenConnection();
        // The rest of the method (executing the command and reading the result) was not included in the post.
    }
    return fileNameAndTitle;
}
Upvotes: 2
Views: 167
Reputation: 13097
It's basically a placeholder where you will put data later. This lets you split up your SQL statement from the data used in the query. This is the syntax of parameterized statements.
Upvotes: 2
Reputation: 67898
It is a parameterized statement.
cmd.Parameters.AddWithValue("@CompRec", compRec);
That line sets the actual value when the query is executed at the server. This prevents SQL Injection and is the 100% right approach!
Upvotes: 10
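As an added example (not code from either answer or from the original question), the following C# shows the string-concatenation form that both answers warn against beside the parameterized form they recommend, and makes explicit a caveat that matters with OleDb: the `?` placeholders are positional, so the name passed to `AddWithValue`/`Add` is ignored for matching and parameters must be added in the same order as the `?` marks. The connection string, the `FileLookup` class and the helper names are assumptions; the table and column names come from the question.

```csharp
using System;
using System.Data;
using System.Data.OleDb;

public static class FileLookup
{
    // Assumed connection string for illustration; replace with the real provider string.
    private const string ConnectionString =
        "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=app.accdb;";

    // UNSAFE: the caller's text is pasted into the SQL, so characters in it are
    // interpreted as SQL syntax rather than as a value. Shown only for contrast.
    public static string BuildUnsafeSql(string compRec) =>
        "SELECT a.FileName, a.Title " +
        "FROM (Files a INNER JOIN Components b ON a.RecNo = b.FileRec) " +
        "WHERE b.CompRec = " + compRec;

    // SAFE: the SQL text is fixed; the value travels separately as a typed parameter.
    public static string GetFileNameAndTitle(int compRec)
    {
        const string sql =
            "SELECT a.FileName, a.Title " +
            "FROM (Files a INNER JOIN Components b ON a.RecNo = b.FileRec) " +
            "WHERE b.CompRec = ?";

        using (var cn = new OleDbConnection(ConnectionString))
        using (var cmd = new OleDbCommand(sql, cn))
        {
            // OleDb binds by position: the name "@CompRec" is ignored for matching,
            // so this Add must be the first one because it feeds the first '?'.
            // Giving an explicit OleDbType avoids the type inference AddWithValue does.
            cmd.Parameters.Add("@CompRec", OleDbType.Integer).Value = compRec;

            cn.Open();
            using (OleDbDataReader reader = cmd.ExecuteReader(CommandBehavior.SingleRow))
            {
                if (!reader.Read())
                    return "";
                // Convert.ToString turns a DBNull into "" instead of throwing.
                return Convert.ToString(reader["FileName"]) + " - " +
                       Convert.ToString(reader["Title"]);
            }
        }
    }

    public static void Main()
    {
        Console.WriteLine(GetFileNameAndTitle(42));
    }
}
```

If the query had two placeholders, e.g. `WHERE b.CompRec = ? AND a.Title = ?`, the integer parameter would have to be added before the title parameter regardless of the names given; swapping them would bind the wrong values without any compile-time error, which is the usual mistake with OleDb and ODBC parameter syntax.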