| 1. | Column provides the parameters for parameterized command , and the
列为参数化命令提供参数, |
| 2. | Object contains a parameterized command , the commands for the
对象是否包含参数化命令,都始终执行 |
| 3. | Parameters changes are propagated to the subscriber using parameterized commands
使用参数化命令将更改传播给订阅服务器。 |
| 4. | Parameterized commands guard against a sql injection attack by ensuring that values received from an external source are passed as values only , and not part of the transact - sql statement
但是,即使大小足以接受恶意的transact - sql片断,该片断也只是作为值的一部分对待,而不会作为可执行的transact - sql代码对待。 |
| 5. | Use parameterized commands using parameterized commands helps guard against sql injection attacks , in which an attacker " injects " a command into a sql statement that compromises security on the server
该参数定义为大小为5个字符,所以,在参数添加到命令中时,如果textbox控件中提交的字符串值超过5个字符,将引发异常。 |
| 6. | Stored procedure if the command contains parameters , which provides a performance benefit . as a result , if a command affecting the state of the connection is included in a non - parameterized command , it modifies the state of the connection for all subsequent commands executed while the connection is open
Net framework 1 . 1版以及更高版本中,如果命令含有参数,则executereader只在sp _ executesql存储过程的上下文中执行该命令,因为这样可以提高性能。 |
