What is the currently accepted way to retrieve data from a SQL Server using C# 4.0?
Question
Let's say I have a form in C# containing textboxes that correspond to fields in a SQL Server database table, and I want to extract data from the table and populate the textboxes.
From VS2005, I am familiar with the following code pattern:
command = conn.CreateCommand();
command.CommandText = "SELECT * FROM Customer WHERE ID = " + CustId;
reader = command.ExecuteReader();
FormCustomer.textBoxName = reader.GetString(reader.GetOrdinal("Name"));
FormCustomer.textBoxAddress = reader.GetString(reader.GetOrdinal("Address"));
FormCustomer.textBoxSuburb = reader.GetString(reader.GetOrdinal("Suburb"));
What is the currently accepted way to do this in C# 4.0 using VS2010?
5 answers
solution1
5 ACCPTED 2011-11-22 10:45:52
Well the way you've got it is certainly one option, although you should be using parameterized SQL instead of creating SQL on the fly. (I hope you've also got appropriate using statements to close connections etc).
Other options:
- Reading into a
DataTableinstead (still basic ADO.NET) - LINQ to SQL
- Entity Framework
- Massive
- Dapper
- NHibernate
- Subsonic
- Simple.Data
That's just off the top of my head. There are bound to be more.
solution2
1 2011-11-22 10:46:15
Take a look at SimpleData project:
Prompted by the need for an easy-to-use database access component which prevents SQL injection attacks while not requiring lots of boilerplate ADO.NET code or a pre-generated ORM model. Inspired by Ruby's ActiveRecord and DataMapper gems.
With SimpleData your code will be look like:
var customer = db.Customer.FindById(CustId);
FormCustomer.textBoxName = customer.Name;
FormCustomer.textBoxAddress = customer.Address;
FormCustomer.textBoxSuburb = customer.Suburb;
solution3
1 2011-11-22 10:48:58
Linq to SQL: http://msdn.microsoft.com/en-us/library/bb386976.aspx
Entity Framework: http://msdn.microsoft.com/en-us/library/aa697427%28v=vs.80%29.aspx
Long story short, the latter is the main ORM tool from Ms. Linq to SQL is a nice way to start with small and simple things.
solution4
1 2011-11-22 10:59:27
There is no single "currently accepted" way; I'm lazy, so I use dapper; so my approach would be:
var cust = conn.Query(
"select Name, Address, Suburb from Customer where Id = @CustId",
new {CustId}).Single();
FormCustomer.textBoxName = cust.Name;
FormCustomer.textBoxAddress = cust.Address;
FormCustomer.textBoxSuburb = cust.Suburb;
There is also Query<T> etc for filling typed objects, but in the above the dynamic usage (as shown) is probably fine. The new {CustId} specifies the parameters - fully named, typed, and SQL-injection safe (note the CustId in the anonymous type matches to @CustId in the TSQL). No messing with commands and readers, brutally fast.
solution5
0 2011-11-22 10:47:07
Well it depends on what you have to do. Your code is still valid of course and there is no definitive pattern, but it is connection oriented. The other approach is a "connection-less" approach using DataSet, SqlDataAdapter, etc. Have a look here: http://www.csharp-station.com/Tutorial/AdoDotNet/Lesson05 .
Edit : Ok here is a version with SqlDataAdapter:
DataSet dsCustomers = new DataSet();
SqlDataAdapter daCustomers =
new SqlDataAdapter("SELECT * FROM Customer WHERE ID = " + CustId, conn);
SqlCommandBuilder cmdBldr = new SqlCommandBuilder(daCustomers);
daCustomers.Fill(dsCustomers, tableName);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.