What does the @ character do in SQL?

I looked through the questions and noticed this:

 SELECT prodid, issue
 FROM Sales
 WHERE custid = @custid
   AND datesold = (SELECT MAX(datesold)
                   FROM Sales s
                   WHERE s.prodid = Sales.prodid
                     AND s.issue = Sales.issue
                     AND s.custid = @custid)

I was wondering what the "@" does before custID? Is this just a way of referencing custID from a selected table?

+45
sql
Dec 12 '08 at 3:02
8 answers

@CustID means this is a parameter that you will specify in the code later. This is the best way to protect against SQL injection. Create your query using parameters, not concatenation of strings and variables. The database engine puts the value of the parameter in the place where the placeholder is located, and there is zero probability of SQL injection.

+36
Dec 12 '08 at 3:05
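The difference described in the answer above, as an added example that is not part of the original thread: the question's query (with its subquery in parentheses) run from Python against an in-memory SQLite table, once with @custid bound as a parameter and once with the value concatenated into the SQL text. SQLite and Python are assumptions chosen so it runs offline; the table contents, the hostile sample value and the function names are constructed.

```python
import sqlite3

# Constructed sample data: (custid, prodid, issue, datesold)
ROWS = [
    ("1", "P1", 1, "2008-01-05"),
    ("1", "P1", 1, "2008-03-09"),
    ("1", "P2", 4, "2008-02-11"),
    ("2", "P1", 1, "2008-04-20"),
    ("2", "P3", 7, "2008-06-01"),
]

# Constructed hostile input: a quote followed by SQL the caller hopes gets parsed.
HOSTILE = "1' OR '1'='1"

# The query from the question. SQLite accepts @name placeholders, and Python's
# sqlite3 binds them from a dict keyed by the name without its prefix.
QUERY = """
SELECT prodid, issue FROM Sales
WHERE custid = @custid
  AND datesold = (SELECT MAX(datesold) FROM Sales s
                  WHERE s.prodid = Sales.prodid
                    AND s.issue = Sales.issue
                    AND s.custid = @custid)
ORDER BY prodid
"""

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Sales (custid TEXT, prodid TEXT, issue INTEGER, datesold TEXT)")
    db.executemany("INSERT INTO Sales VALUES (?, ?, ?, ?)", ROWS)
    return db

def latest_sales_bound(db, custid):
    # Parameterized: the value is sent separately and only ever compared as data.
    return db.execute(QUERY, {"custid": custid}).fetchall()

def latest_sales_concatenated(db, custid):
    # Anti-pattern kept for comparison: the value becomes SQL text the engine parses.
    return db.execute(QUERY.replace("@custid", "'" + custid + "'")).fetchall()

if __name__ == "__main__":
    db = make_db()
    for value in ("1", HOSTILE):
        print(repr(value), "bound:       ", latest_sales_bound(db, value))
        print(repr(value), "concatenated:", latest_sales_concatenated(db, value))
```

With the bound parameter the hostile value matches no customer and returns no rows; with concatenation the same value rewrites the WHERE clause and the result includes product P3, which only customer 2 bought.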

@ is used as a prefix denoting the names of stored procedure and function parameters, as well as the names of variables.

+22
Dec 12 '08 at 3:04

So, would you set the @custID value inside this request to select, or before you execute the request?

Something like that?

 SET @custID = '1'; 
+2
Dec 12 '08 at 3:27

It's a parameter that you need to determine. To prevent SQL injection, you must pass all of your variables as parameters.

+1
Dec 12 '08 at 3:05

You can use MySQL syntax: ?. Microsoft SQL's @ matches MySQL's ?.

+1
Dec 12 '08 at 3:07

What you're talking about is a way to write a parameterized query. '@' just means that it is a parameter. You can add a value for this parameter at runtime.

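 e.g.:

 // requires: using System.Data.SqlClient;
 SqlCommand cmd = new SqlCommand(query, connection);
 cmd.Parameters.AddWithValue("@custid", "1");  // value is bound at runtime, not spliced into the SQL text
 SqlDataReader dr = cmd.ExecuteReader();
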
+1
Dec 12 '08 at 5:24
 publish data where stoloc = 'AB143' | [select prtnum where stoloc = @stoloc] 

Here's how @ works.

0
Jul 30 '12 at 19:34

@ followed by a number refers to the parameters in the order in which they are listed in the function.

0
Jul 26 '17 at 6:28