xpo-devexpress-dot-xpo-dot-session-dot-executenonquery-x28-system-dot-string-devexpress-dot-xpo-dot-db-dot-queryparametercollection-x29.md
This method executes a raw SQL query string. Always validate, sanitize, or parameterize externally supplied SQL query strings to prevent unauthorized access to sensitive information.
Executes the specified SQL statement and returns the number of rows affected.
Namespace : DevExpress.Xpo
Assembly : DevExpress.Xpo.v25.2.dll
NuGet Package : DevExpress.Xpo
public int ExecuteNonQuery(
string sql,
QueryParameterCollection parameters
)
Public Function ExecuteNonQuery(
sql As String,
parameters As QueryParameterCollection
) As Integer
| Name | Type | Description |
|---|---|---|
| sql | String |
Specifies an SQL statement.
| | parameters | QueryParameterCollection |
Specifies query parameter values.
|
| Type | Description |
|---|---|
| Int32 |
The number of rows affected by the executed SQL statement.
|
Use the ExecuteNonQuery method to execute SQL statements that do not produce result sets, such as UPDATE, INSERT, and DELETE statements.
Use QueryParameterCollection to pass strongly-typed parameters. See examples here: Always Encrypted (SQL Server only).
The connection provider automatically generates sequential parameter names (p0, p1, p2 …). To specify custom parameter names, use the overloaded ExecuteNonQuery(String, String[], QueryParameterCollection) method.
To learn more about executing SQL statements in XPO, refer to Direct SQL Queries.
Note
The ExecuteNonQuery method sends statements directly, so the correct statement syntax and parameter names format depends on a particular database server.
See Also