Parameterized Query for MySQL with C#

Question

I have the code below (I\'ve included what I believe are all relevant sections):

private String readCommand = \"SELECT LEVEL FROM USERS WHERE VAL_1 = ? AND V         


        

Answer 1

If you want to execute the sql many times, then you should use this way:

conn.Open();
cmd.Connection = conn;

cmd.CommandText = "INSERT INTO myTable VALUES(NULL, @number, @text)";
cmd.Prepare();

cmd.Parameters.AddWithValue("@number", 1);
cmd.Parameters.AddWithValue("@text", "One");

for (int i=1; i <= 1000; i++)
{
    cmd.Parameters["@number"].Value = i;
    cmd.Parameters["@text"].Value = "A string value";

    cmd.ExecuteNonQuery();
}

First time is without "ExecuteNonQuery" just adding the parameters with faked values, then inside the loop you add the real values.

See this link: https://dev.mysql.com/doc/connector-net/en/connector-net-programming-prepared-preparing.html