C# SQL insert command

by

First of all: STOP concatenating together your SQL code!! This is an invitation to hackers everywhere to attack you with SQL injection! Use parametrized queries instead!

I would use this solution: create a single SqlCommand with a parametrized query, and execute that:

string stmt = "INSERT INTO dbo.Test(id, name) VALUES(@ID, @Name)";

SqlCommand cmd = new SqlCommand(smt, _connection);
cmd.Parameters.Add("@ID", SqlDbType.Int);
cmd.Parameters.Add("@Name", SqlDbType.VarChar, 100);

for (int i = 0; i < 10000; i++)
{
    cmd.Parameters["@ID"].Value = i;
    cmd.Parameters["@Name"].Value = i.ToString();

    cmd.ExecuteNonQuery();
}

or use SqlBulkCopy, especially if you’re inserting even more than 10’000 rows.

More Related Contents:

  1. How do I translate a List into a SqlParameter for a Sql In statement? [duplicate]
  2. convert sql query into lambda expression [closed]
  3. how to get date difference between two dates using DateDiff Excluding the weekends [duplicate]
  4. How to enumerate an enum
  5. How to remove elements from a generic list while iterating over it?
  6. C# Data Connections Best Practice?
  7. Parsing SQL code in C# [closed]
  8. SQL Express connection string: mdf file location relative to application location
  9. LINQ to SQL – Left Outer Join with multiple join conditions
  10. How do I loop through a date range?
  11. Why does the Contains() operator degrade Entity Framework’s performance so dramatically?
  12. How to save image in database using C# [closed]
  13. Query extremely slow in code but fast in SSMS
  14. DateTime format to SQL format using C#
  15. Filter sql based on C# List instead of a filter table
  16. Code to validate SQL Scripts
  17. SQLException : String or binary data would be truncated
  18. Check if list contains any of another list
  19. C# Version Of SQL LIKE
  20. Application can’t scaffold items
  21. Retrieve an object from entityframework without ONE field
  22. ALTER TABLE DROP COLUMN failed because one or more objects access this column
  23. Anonymous type result from sql query execution entity framework
  24. Oracle Parameters with IN statement?
  25. How to pass a null variable to a SQL Stored Procedure from C#.net code
  26. How to insert data into SQL Server
  27. Check if record in a table exist in a database through ExecuteNonQuery
  28. looping a SQL insert statement with dates
  29. Stored procedure returns int instead of result set
  30. ‘Must Declare the Scalar Variable’ Error When Passing a Table-Valued Parameter to a Parameterized SQL Statement

Leave a Comment