ContextQMD
Back to Devexpress

Session.ExecuteQuery(String, String[], QueryParameterCollection) Method

xpo-devexpress-dot-xpo-dot-session-dot-executequery-x28-system-dot-string-system-dot-string-devexpress-dot-xpo-dot-db-dot-queryparametercollection-x29.md

latest2.7 KB
Original Source

Session.ExecuteQuery(String, String[], QueryParameterCollection) Method

SECURITY-RELATED CONSIDERATIONS

This method executes a raw SQL query string. Always validate, sanitize, or parameterize externally supplied SQL query strings to prevent unauthorized access to sensitive information.

Executes the specified SQL query and returns a result set.

Namespace : DevExpress.Xpo

Assembly : DevExpress.Xpo.v25.2.dll

NuGet Package : DevExpress.Xpo

Declaration

csharp
public SelectedData ExecuteQuery(
    string sql,
    string[] parameterNames,
    QueryParameterCollection parameters
)
vb
Public Function ExecuteQuery(
    sql As String,
    parameterNames As String(),
    parameters As QueryParameterCollection
) As SelectedData

Parameters

NameTypeDescription
sqlString

Specifies an SQL statement.

| | parameterNames | String[] |

Specifies parameter names.

| | parameters | QueryParameterCollection |

Specifies query parameter values.

|

Returns

TypeDescription
SelectedData

A result set compatible with XPDataView

|

Remarks

Use the ExecuteQuery method to query data stores for resulting sets. You can visualize resulting sets using the XPDataView. Refer to this article for additional information: How to: Access Data in SQL Query Results.

Use QueryParameterCollection to pass strongly-typed parameters. See examples here: Always Encrypted (SQL Server only).

To learn more about executing SQL statements in XPO, refer to Direct SQL Queries.

Note

The ExecuteQuery method sends statements directly, so the correct statement syntax and parameter names format depends on a particular database server.

See Also

Session Class

Session Members

DevExpress.Xpo Namespace