Victor Mukherjee

Reputation: 11065

Get SQL statement from a parameterized sql query

I have the below code:

string cmdText="select * from [TestTable] where [TestColumn]=@testparam";            
var cmd = new SqlCommand(cmdText);
cmd.Parameters.AddWithValue("@testparam", "hello");

Is there a way to get the SQL statements being sent to the database engine? I am using SAP B1 DI API, which has a Recordset object that takes the SQL string as a parameter. I could have used escaped values for parameters to prevent SQL injection. Also, please let me know if it is possible with some other external library or whether I need to escape the parameter values manually.

Upvotes: 3

Views: 611

Answers (1)

Alberto Solano

Reputation: 8227

If you're using SQL Server, I think SQL Server Profiler is your solution.

Using this tool, you're able to listen to every query and action that could be invoked by your C# code. In this way, you'll be able to understand which statements are sent to the RDBMS engine.

Upvotes: 1
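Added example, not part of the original question or answer: for a parameterized text command, SqlClient sends an `sp_executesql` call with the values as separate arguments, and that call is what Profiler displays. The sketch below renders the question's command into that textual form for an API that accepts only a SQL string. It assumes a SQL Server back end; `SqlText`, `Quote`, `Render` and `ToText` are hypothetical names, and the sample value is constructed.

```csharp
using System;
using System.Data.SqlClient;
using System.Globalization;
using System.Linq;
using System.Text.RegularExpressions;

static class SqlText   // hypothetical helper, not part of ADO.NET or the DI API
{
    // Inside a T-SQL N'...' literal the only character needing escape is the single quote.
    static string Quote(string s) => "N'" + s.Replace("'", "''") + "'";

    // Allow-list of CLR types; anything else is rejected rather than guessed at.
    static (string Type, string Literal) Render(object value)
    {
        switch (value)
        {
            case string s:
                return (s.Length > 4000 ? "nvarchar(max)" : "nvarchar(" + Math.Max(s.Length, 1) + ")", Quote(s));
            case int i:  return ("int", i.ToString(CultureInfo.InvariantCulture));
            case long l: return ("bigint", l.ToString(CultureInfo.InvariantCulture));
            case bool b: return ("bit", b ? "1" : "0");
            default:
                throw new NotSupportedException("Unsupported parameter type: " + (value?.GetType().Name ?? "null"));
        }
    }

    public static string ToText(SqlCommand cmd)
    {
        var ps = cmd.Parameters.Cast<SqlParameter>().Select(p =>
        {
            // Parameter names are emitted as text too, so validate them.
            if (!Regex.IsMatch(p.ParameterName, @"\A@[A-Za-z_][A-Za-z0-9_]*\z"))
                throw new ArgumentException("Bad parameter name: " + p.ParameterName);
            return new { Name = p.ParameterName, R = Render(p.Value) };
        }).ToList();
        if (ps.Count == 0) return cmd.CommandText;

        string decl = string.Join(",", ps.Select(p => p.Name + " " + p.R.Type));
        string vals = string.Join(",", ps.Select(p => p.Name + "=" + p.R.Literal));
        // The statement stays parameterized; values travel as arguments, not as query text.
        return "exec sp_executesql " + Quote(cmd.CommandText) + "," + Quote(decl) + "," + vals;
    }

    static void Main()
    {
        var cmd = new SqlCommand("select * from [TestTable] where [TestColumn]=@testparam");
        cmd.Parameters.AddWithValue("@testparam", "O'Brien");   // constructed sample value
        Console.WriteLine(ToText(cmd));
    }
}
```

Types outside the allow-list throw instead of being formatted, so dates, decimals or binary values need an explicit, culture-invariant rendering added before they can be used.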
