Click here to Skip to main content
15,909,324 members
Search within:


why do we write @ before writing a sql query ?
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
C#
SQL-Server
i have a Doubt in mind about the use of @ in sql squeries
although we can use @ in parametrized query also like this --


insert into EMP (EmpName , Salary) values (@EmpName,@Salary) -- i think here @ is used for userInput ,but i dont get why @ is used in below code ???


VB
string _Insert = @"insert into Details(fName,lName,DOB,City) Values('" + fName_Txt.Text + "','" + lName_Txt.Text + "','" +_Date.ToString() + "','" + City_Txt.Text + "')";



pls help ..thanks in advance
Posted
Updated 10-Mar-13 18:31pm
v2
Add a Solution

3 solutions

Its a C# thing - it means interpret the string literally or 'as is' .. that is to say

C#
String myFilePath1 = @"Drive:\Path\File.Ext";


Won't cause an error - the "\P" and "\F" are not interpreted, but

C#
String myFilePath2 = "Drive:\Path\File.Ext";


WILL cause an error because "\P" and "\F" are not recognised/a valid escape sequence - you have to make it

C#
String myFilePath2 = "Drive:\\Path\\File.Ext";


without the '@' sign

'g'
 
Share this answer
 
Posted
Comments
Aarti Meswania 11-Mar-13 1:13am    
5+ :)
sr_24 11-Mar-13 1:46am    
thankyou very much awesome explaination ...So can iu conclude by it that -- Is it optional to use when initializing/declaring a string variable , if the string does not contain \p ,\f ..i can skip @

otherwise i hv to use it .. ?????
Is their any other reason also ..as my query does not have any \f , \p
Garth J Lancaster 11-Mar-13 5:03am    
I think this post sums up the escape sequences - if you avoid those, you're unlikely to need the '@' http://msdn.microsoft.com/en-us/library/h21280bw.aspx

[modified] .. there's also, iirc, '\unnnn' for a unicode sequence of nnnn
@ sign stands for a variable in SQL server
Its scope is Limited to the batch in which it is used.



So if you are passing (@EmpName,@Salary) to the the sql, it means you are passing some variables to SQL in the form of parameters.
 
Share this answer
 
Posted
Comments
sr_24 11-Mar-13 1:47am    
thanks for the reply .... but why we use it before a string like-- ??

string _Insert = @"insert into Details(fName,lName,DOB,City) Values('" + fName_Txt.Text + "','" + lName_Txt.Text + "','" +_Date.ToString() + "','" + City_Txt.Text + "')";
rohitdon007 11-Mar-13 1:52am    
it is not necessary always to use @ before a string, the main purpose of using @ is to just nullify some special characters like "\".

if we want to use "\", we have to write "\\" or we can use @"\"
sr_24 11-Mar-13 3:04am    
thaanks
btw, lastly, as a matter of good form, I'd parameterise the SQL statement and avoid building it like this - you leave yourself open to 'SQL Injection' - google it

the short version is "what if someone deliberatly entered ';drop table x cascade' (for example) and that was added into the SQL starement and executed ?"

.. just saying

'g'
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
How to write SQL query format in C#
How to write query to get dates
How to write SQL for below scenario
Why and How to write SQL Sub queries
sql queries write down
how to write query for this
Why do we write sizeof(x) / sizeof(x[0]) instead of simply writing sizeof(x) to determine the size of the array in C++
Convert SQL query to C# LINQ qu
Write SQL query for below result set
Writing sql query in xml

Advertise
Privacy
Cookies
Terms of Use
Last Updated 11 Mar 2013
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web01 2.8:2024-05-30:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900