using System;
using System.Data;
using System.Data.SqlClient;
class UsingParameters
{
public static void Main()
{
SqlConnection mySqlConnection =new SqlConnection("server=(local)SQLEXPRESS;database=MyDatabase;Integrated Security=SSPI;");
mySqlConnection.Open();
SqlCommand mySqlCommand = mySqlConnection.CreateCommand();
mySqlCommand.CommandText =
"INSERT INTO Employee (" +
" ID, FirstName, LastName" +
") VALUES (" +
" @ID, @FirstName, @LastName" +
")";
mySqlCommand.Parameters.Add("@ID", SqlDbType.NChar, 2);
mySqlCommand.Parameters.Add("@FirstName", SqlDbType.NVarChar, 10);
mySqlCommand.Parameters.Add("@LastName", SqlDbType.NVarChar, 10);
mySqlCommand.Parameters["@ID"].Value = "9";
mySqlCommand.Parameters["@FirstName"].Value = "New";
mySqlCommand.Parameters["@LastName"].IsNullable = true;
mySqlCommand.Parameters["@LastName"].Value = "New";
mySqlCommand.ExecuteNonQuery();
Console.WriteLine("Successfully added row to Customers table");
mySqlConnection.Close();
}
}
