I cannot find any documentation or examples of the method signature that actually uses parameters.
Code: Select all
IEnumerable<TResult> ExecuteQuery<TResult>(string query, params object[] parameters);
Code: Select all
context.ExecuteQuery("select colA from tableA where colA = :paramA", "paramAValue");
Code: Select all
context.ExecuteQuery("select colA from tableA where colA = '{0}'", "paramAValue");
none, or is the param value internally formatted to avoid malicious values?
...or do I pass OracleParameter objects
Code: Select all
context.ExecuteQuery("select colA from tableA where colA = :paramA", new OracleParameter("paramA", OracleDbType.NVarChar, 10){ Value = "paramAValue" });