ObjectContext.ExecuteStoreCommand ObjectContext.ExecuteStoreCommand ObjectContext.ExecuteStoreCommand Method

Definition

Overloads

ExecuteStoreCommand(String, Object[]) ExecuteStoreCommand(String, Object[]) ExecuteStoreCommand(String, Object[])

Executes an arbitrary command directly against the data source using the existing connection. The command is specified using the server's native query language, such as SQL.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.ExecuteStoreCommand("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.ExecuteStoreCommand("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

ExecuteStoreCommand(TransactionalBehavior, String, Object[]) ExecuteStoreCommand(TransactionalBehavior, String, Object[])

Executes an arbitrary command directly against the data source using the existing connection. The command is specified using the server's native query language, such as SQL.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.ExecuteStoreCommand("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.ExecuteStoreCommand("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

ExecuteStoreCommand(String, Object[]) ExecuteStoreCommand(String, Object[]) ExecuteStoreCommand(String, Object[])

Executes an arbitrary command directly against the data source using the existing connection. The command is specified using the server's native query language, such as SQL.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.ExecuteStoreCommand("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.ExecuteStoreCommand("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

public virtual int ExecuteStoreCommand (string commandText, params object[] parameters);
abstract member ExecuteStoreCommand : string * obj[] -> int
override this.ExecuteStoreCommand : string * obj[] -> int
Public Overridable Function ExecuteStoreCommand (commandText As String, ParamArray parameters As Object()) As Integer

Parameters

commandText
String String String

The command specified in the server's native query language.

parameters
Object[]

The parameter values to use for the query.

Returns

The number of rows affected.

Remarks

If there isn't an existing local transaction a new transaction will be used

to execute the command.

ExecuteStoreCommand(TransactionalBehavior, String, Object[]) ExecuteStoreCommand(TransactionalBehavior, String, Object[])

Executes an arbitrary command directly against the data source using the existing connection. The command is specified using the server's native query language, such as SQL.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.ExecuteStoreCommand("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.ExecuteStoreCommand("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

public virtual int ExecuteStoreCommand (System.Data.Entity.TransactionalBehavior transactionalBehavior, string commandText, params object[] parameters);
abstract member ExecuteStoreCommand : System.Data.Entity.TransactionalBehavior * string * obj[] -> int
override this.ExecuteStoreCommand : System.Data.Entity.TransactionalBehavior * string * obj[] -> int

Parameters

transactionalBehavior
TransactionalBehavior TransactionalBehavior TransactionalBehavior

Controls the creation of a transaction for this command.

commandText
String String String

The command specified in the server's native query language.

parameters
Object[]

The parameter values to use for the query.

Returns

The number of rows affected.

Applies to