MaximumASP
Social Bookmarking
Online Shopping
asp.net hosting
UK online local dating
| More
Recent News » SQL

LINQ to Entities, Entity SQL, Parameterized Store Queries and SQL Injection

Posted by: Julia Lerman Blog - Dont Be Iffy..., on 08 Feb 2009 | View original | Bookmarked: 0 time(s)

Last week, I was demoing some basic Entity Framework queries to a client and explaining that the store queries are parameterized, alleviating one area of concern. But when we looked at SQL Profiler the query was not parameterized. Why was this? The query I had used was: var query = from c in context.Customers where c.lastname=='Smith' select c; I had hard coded the string for lastname into the query which resulted in the following SQL: SELECT TOP (1) [Extent1].[CustomerID] AS [CustomerID],...

Advertisement
Free Agile Project Management Tool from Telerik
TeamPulse Community Edition helps your team effectively capture requirements, manage project plans, assign and track work, and most importantly, be continually connected with each other.
Category: SQL | Other Posts: View all posts by this blogger | Report as irrelevant | View bloggers stats | Views: 1638 | Hits: 124

Similar Posts

  • Chat room questions from the EF Tips & Tricks webcast more
  • Important Entity Framework Query Improvements for .NET 4.0 more
  • Talking Points: ADO.NET Entity Framework more
  • Logging Entity Framework Queries to Look for Perf Improvement Opportunities more
  • Entity Framework and Read Stored Procedures - a new perspective more
  • Best approach for teaching first exposure to Entity Framework more
  • More on Foreign Keys in EF more
  • Preventing SQL Injection with the Entity Framework and Data Services more
  • Querying with LINQ to Entities vs ObjectQuery in EF more
  • Looking at EF Performance - some surprises more

News Categories

.NET | Agile | Ajax | Architecture | ASP.NET | BizTalk | C# | Certification | Data | DataGrid | DataSet | Debugger | DotNetNuke | Events | GridView | IIS | Indigo | JavaScript | Mobile | Mono | Patterns and Practices | Performance | Podcast | Refactor | Regex | Security | Sharepoint | Silverlight | Smart Client Applications | Software | SQL | VB.NET | Visual Studio | W3 | WCF | WinFx | WPF | WSE | XAML | XLinq | XML | XSD