Unused sql options is any harm?

Question

Unused sql options is any harm?

Consider the following code:

Dim sql = "SELECT * FROM MyTable WHERE value1 = @Param1"

If someCondition Then
   sql = sql + " AND value2 = @Param2"
End If

Dim cmd As New SqlCommand(sql, conn)
cmd.Parameters.AddWithValue("@Param1", param1Value)
cmd.Parameters.AddWithValue("@Param2", param2Value)

Assuming I built a complex sql statement dynamically that may or may not include a parameter @Param2- is there any harm in adding it to the command as a parameter?

My real use case is obviously much more complicated than that, but overall this is a pattern that I should avoid; and if so, why?

+3

sql-server ado.net

Danp Sep 28 '10 at 14:51

source share

2 answers

, . , , , NULL, , , .

0

hav2play21 28 . '10 14:59

marc_s · Accepted Answer · 2010-09-28T15:12:51+0000

The only thing I would like to note is the fact that if you call .AddWithValue, you leave it to SQL Server to figure out what the data type of the parameter will be.

SQL Server - " ", .

:

SqlParameter aParam = new SqlParameter("@Param1", SqlDbType.VarChar, 50);
aParam.Value = param1Value;

:

, , . VARCHAR NVARCHAR ( ).
, .

, . .

, , , SQL Server, .

Unused sql options is any harm?

More articles: