ObjectContext.ExecuteStoreQuery 方法

定义

重载

ExecuteStoreQuery<TElement>(String, Object[])

对数据源直接执行查询,此查询将返回类型化结果的序列。Executes a query directly against the data source that returns a sequence of typed results.

ExecuteStoreQuery<TEntity>(String, String, MergeOption, Object[])

对数据源直接执行查询,此查询将返回类型化结果的序列。Executes a query directly against the data source and returns a sequence of typed results. 指定实体集和合并选项,以便能够将查询结果作为实体进行跟踪。Specify the entity set and the merge option so that query results can be tracked as entities.

ExecuteStoreQuery<TElement>(String, Object[])

对数据源直接执行查询,此查询将返回类型化结果的序列。Executes a query directly against the data source that returns a sequence of typed results.

public:
generic <typename TElement>
 System::Data::Objects::ObjectResult<TElement> ^ ExecuteStoreQuery(System::String ^ commandText, ... cli::array <System::Object ^> ^ parameters);
public System.Data.Objects.ObjectResult<TElement> ExecuteStoreQuery<TElement> (string commandText, params object[] parameters);
member this.ExecuteStoreQuery : string * obj[] -> System.Data.Objects.ObjectResult<'Element>
Public Function ExecuteStoreQuery(Of TElement) (commandText As String, ParamArray parameters As Object()) As ObjectResult(Of TElement)

类型参数

TElement

返回的数据的类型。The type of the returned data.

参数

commandText
String

要用数据源的本机语言执行的命令。The command to execute, in the native language of the data source.

parameters
Object[]

要传递给命令的参数数组。An array of parameters to pass to the command.

返回

ObjectResult<TElement>

类型为 TElement 的对象的枚举。An enumeration of objects of type TElement.

注解

ExecuteStoreQuery方法使用现有连接对数据源直接执行任意命令。The ExecuteStoreQuery method uses the existing connection to execute an arbitrary command directly against the data source. 如果存在当前事务,则将在当前事务的上下文中执行存储命令。The store command is executed in the context of the current transaction, if such a transaction exists.

调用 ExecuteStoreQuery 方法等效于调用 ExecuteReader 类的 DbCommand 方法,只是 ExecuteStoreQuery 返回实体,而 ExecuteReader 返回 DbDataReader 中的属性值。Calling the ExecuteStoreQuery method is equivalent to calling the ExecuteReader method of the DbCommand class, only ExecuteStoreQuery returns entities and the ExecuteReader returns property values in the DbDataReader.

ExecuteStoreQuery如果希望跟踪结果,请调用具有指定实体集名称的。Call the ExecuteStoreQuery with the specified entity set name, if you want for the results to be tracked.

Translate DbDataReader 当读取器包含映射到指定实体类型的数据行时,调用方法将转换为实体对象。Call the Translate method to translate a DbDataReader into entity objects when the reader contains data rows that map to the specified entity type.

使用参数化命令可帮助抵御 SQL 注入攻击,这种攻击的攻击者会将命令“注入”SQL 语句,从而危及服务器的安全。Using parameterized commands helps guard against SQL injection attacks, in which an attacker "injects" a command into a SQL statement that compromises security on the server. 通过确保从外部源接收的值仅作为值(而不是 SQL 语句的一部分)进行传递,参数化命令可抵御 SQL 注入攻击。Parameterized commands guard against a SQL injection attack by guaranteeing that values received from an external source are passed as values only, and not part of the SQL statement. 因此,不会在数据源中执行插入到值中的 SQL 命令。As a result, SQL commands inserted into a value are not executed at the data source. 相反,只会将这些命令作为参数值来计算。Rather, they are evaluated only as a parameter value. 除了安全优势外,参数化命令还提供了一种方便的方法来组织通过 SQL 语句或存储过程传递的值。In addition to the security benefits, parameterized commands provide a convenient method for organizing values passed with a SQL statement or to a stored procedure.

parameters 值可以是 DbParameter 对象数组或参数值数组。The parameters value can be an array of DbParameter objects or an array of parameter values. 如果只提供了值,则 DbParameter 根据数组中值的顺序创建对象数组。If only values are supplied, an array of DbParameter objects are created based on the order of the values in the array.

有关详细信息,请参阅:For more information, see:

直接执行存储命令Directly Executing Store Commands and

如何:针对数据源直接执行命令How to: Directly Execute Commands Against the Data Source

适用于

ExecuteStoreQuery<TEntity>(String, String, MergeOption, Object[])

对数据源直接执行查询,此查询将返回类型化结果的序列。Executes a query directly against the data source and returns a sequence of typed results. 指定实体集和合并选项,以便能够将查询结果作为实体进行跟踪。Specify the entity set and the merge option so that query results can be tracked as entities.

public:
generic <typename TEntity>
 System::Data::Objects::ObjectResult<TEntity> ^ ExecuteStoreQuery(System::String ^ commandText, System::String ^ entitySetName, System::Data::Objects::MergeOption mergeOption, ... cli::array <System::Object ^> ^ parameters);
public System.Data.Objects.ObjectResult<TEntity> ExecuteStoreQuery<TEntity> (string commandText, string entitySetName, System.Data.Objects.MergeOption mergeOption, params object[] parameters);
member this.ExecuteStoreQuery : string * string * System.Data.Objects.MergeOption * obj[] -> System.Data.Objects.ObjectResult<'Entity>
Public Function ExecuteStoreQuery(Of TEntity) (commandText As String, entitySetName As String, mergeOption As MergeOption, ParamArray parameters As Object()) As ObjectResult(Of TEntity)

类型参数

TEntity

返回的数据的实体类型。The entity type of the returned data.

参数

commandText
String

要用数据源的本机语言执行的命令。The command to execute, in the native language of the data source.

entitySetName
String

TEntity 类型的实体集。The entity set of the TEntity type. 如果未提供实体集名称,则不会跟踪结果。If an entity set name is not provided, the results are not going to be tracked.

mergeOption
MergeOption

要在执行查询时使用的 MergeOptionThe MergeOption to use when executing the query. 默认值为 AppendOnlyThe default is AppendOnly.

parameters
Object[]

要传递给命令的参数数组。An array of parameters to pass to the command.

返回

ObjectResult<TEntity>

类型为 TResult 的对象的枚举。An enumeration of objects of type TResult.

注解

ExecuteStoreQuery方法使用现有连接对数据源直接执行任意命令。The ExecuteStoreQuery method uses the existing connection to execute an arbitrary command directly against the data source. 如果存在当前事务,则将在当前事务的上下文中执行存储命令。The store command is executed in the context of the current transaction, if such a transaction exists.

调用 ExecuteStoreQuery 方法等效于调用 ExecuteReader 类的 DbCommand 方法,只是 ExecuteStoreQuery 返回实体,而 ExecuteReader 返回 DbDataReader 中的属性值。Calling the ExecuteStoreQuery method is equivalent to calling the ExecuteReader method of the DbCommand class, only ExecuteStoreQuery returns entities and the ExecuteReader returns property values in the DbDataReader.

如果希望将结果作为实体进行跟踪,请指定实体集名称。Specify the entity set name, if you want for the results to be tracked as entities.

Translate DbDataReader 当读取器包含映射到指定实体类型的数据行时,调用方法将转换为实体对象。Call Translate method to translate a DbDataReader into entity objects when the reader contains data rows that map to the specified entity type.

使用参数化命令可帮助抵御 SQL 注入攻击,这种攻击的攻击者会将命令“注入”SQL 语句,从而危及服务器的安全。Using parameterized commands helps guard against SQL injection attacks, in which an attacker "injects" a command into a SQL statement that compromises security on the server. 通过确保从外部源接收的值仅作为值(而不是 SQL 语句的一部分)进行传递,参数化命令可抵御 SQL 注入攻击。Parameterized commands guard against a SQL injection attack by guaranteeing that values received from an external source are passed as values only, and not part of the SQL statement. 因此,不会在数据源中执行插入到值中的 SQL 命令。As a result, SQL commands inserted into a value are not executed at the data source. 相反,只会将这些命令作为参数值来计算。Rather, they are evaluated only as a parameter value. 除了安全优势外,参数化命令还提供了一种方便的方法来组织通过 SQL 语句或存储过程传递的值。In addition to the security benefits, parameterized commands provide a convenient method for organizing values passed with a SQL statement or to a stored procedure.

parameters 值可以是 DbParameter 对象数组或参数值数组。The parameters value can be an array of DbParameter objects or an array of parameter values. 如果只提供了值,则 DbParameter 根据数组中值的顺序创建对象数组。If only values are supplied, an array of DbParameter objects are created based on the order of the values in the array.

有关详细信息,请参阅:For more information, see:

直接执行存储命令Directly Executing Store Commands and

如何:针对数据源直接执行命令How to: Directly Execute Commands Against the Data Source

适用于