3

Is this bad coding?

I have a query

INSERT INTO sometable (field1,field2...fieldn) VALUES (?,?,.....?)

Then

cmd.Parameters.Add("TOFnr", OdbcType.Int, 10).Value = orderId;
cmd.Parameters.Add("LineNr", OdbcType.Int, 10).Value = maxLineNr;
cmd.Parameters.Add("Date", OdbcType.VarChar, 8).Value = rowHeader["Date"];

The code works, except there was an if-conditional around an Add, causing the data after that line to get into the wrong variable.

The placeholders ("TOFnr" etc.) is only used for the programmers reference, not used by the sql or c# itself, right?

Isn't it less error-prone to used named parameters in the query?

INSERT INTO sometable (field1,field2...fieldn) VALUES (@TOFnr,@LineNr,.....@fieldn)

It is c# connecting to borland paradox over odbc.

Leif Neland
  • 1,416
  • 1
  • 17
  • 40
  • At this time, seems that named query parameters still unsupported in .NET Framework Data Provider for ODBC, either using text command or stored procedure: http://stackoverflow.com/questions/6338139/can-odbc-parameter-place-holders-be-named & https://msdn.microsoft.com/en-us/library/system.data.odbc.odbccommand.commandtype.aspx. In short, stay to use `?` placeholders when dealing with ODBC. – Tetsuya Yamamoto May 09 '17 at 08:40

1 Answers1

1

Isn't it less error-prone to used named parameters in the query?

Yes, it is. Unfortunately the ADO.NET ODBC driver doesn't allow named SQL parameters to be passed along in the SQL statement, so unfortunately for you, it is not possible using the ODBC driver.

I am not an expert on Paradox, but there might be a driver specifically for Paradox which does allow named parameters. You might have more luck there.

Patrick Hofman
  • 153,850
  • 22
  • 249
  • 325