SQL002

SQL parameters mismatch

Noncompliant Code Example:

Dapper

```csharp
// The SQL text references @Age and @Id, but the anonymous object supplies only Id.
var dog = connection.Query<Dog>("select Age = @Age, Id = @Id", new { Id = guid });
```

SqlCommand

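```csharp
// @Age is referenced in the SQL text, but only @Id is added to Parameters.
var sql = new SqlCommand("select Age = @Age, Id = @Id", connection);
sql.Parameters.AddWithValue("@Id", guid);
sql.ExecuteNonQuery();
```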

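Compliant Solution:

Dapper

```csharp
// Every placeholder in the SQL text has a matching property, even when its value is null.
var dog = connection.Query<Dog>("select Age = @Age, Id = @Id", new { Age = (int?)null, Id = guid });
```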

SqlCommand

```csharp
// Both @Id and @Age are added to Parameters before the command runs.
var sql = new SqlCommand("select Age = @Age, Id = @Id", connection);
sql.Parameters.AddWithValue("@Id", guid);
sql.Parameters.AddWithValue("@Age", 42);
sql.ExecuteNonQuery();
```
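A runtime counterpart to this rule, as an added example that is not part of the original page or of the analyzer: it extracts the `@name` placeholders from the SQL text and compares them with the names actually supplied. `SqlParameterCheck`, `Placeholders` and `Compare` are hypothetical names, and variables declared inside the batch with `DECLARE` are not handled, so they would be reported as missing.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;

// Hypothetical helper (not the analyzer's code): compares the @placeholders
// in a T-SQL string with the parameter names supplied by the caller.
public static class SqlParameterCheck
{
    // Alternatives are tried in order: string literals and comments match
    // first and are skipped, so an '@' inside them is never reported;
    // "@@name" (system functions such as @@ROWCOUNT) is skipped the same way.
    private static readonly Regex Token = new Regex(
        @"'(?:[^']|'')*'|--[^\r\n]*|/\*.*?\*/|@@\w+|@(?<name>\w+)",
        RegexOptions.Singleline | RegexOptions.Compiled);

    public static ISet<string> Placeholders(string sql)
    {
        var names = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
        foreach (Match m in Token.Matches(sql))
            if (m.Groups["name"].Success)
                names.Add(m.Groups["name"].Value);
        return names;
    }

    // Missing: placeholders with no supplied value.
    // Unused: supplied names that the SQL text never references.
    public static (string[] Missing, string[] Unused) Compare(
        string sql, IEnumerable<string> supplied)
    {
        var cmp = StringComparer.OrdinalIgnoreCase;
        var wanted = Placeholders(sql);
        var given = new HashSet<string>(supplied.Select(n => n.TrimStart('@')), cmp);
        return (wanted.Except(given, cmp).OrderBy(n => n).ToArray(),
                given.Except(wanted, cmp).OrderBy(n => n).ToArray());
    }

    public static void Main()
    {
        const string sql = "select Age = @Age, Id = @Id";   // query from this page
        var bad = Compare(sql, new[] { "@Id" });            // noncompliant call
        var good = Compare(sql, new[] { "@Id", "@Age" });   // compliant call
        Console.WriteLine($"noncompliant: missing=[{string.Join(",", bad.Missing)}]");
        Console.WriteLine($"compliant:    missing=[{string.Join(",", good.Missing)}]");
    }
}
```

For a `SqlCommand`, the supplied names can be taken from `cmd.Parameters.Cast<SqlParameter>().Select(p => p.ParameterName)`.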