Export (0) Print
Expand All

ObjectContext::ExecuteStoreQuery<TElement> Method (String, array<Object>)

Executes a query directly against the data source that returns a sequence of typed results.

Namespace:  System.Data.Objects
Assembly:  System.Data.Entity (in System.Data.Entity.dll)

public:
generic<typename TElement>
ObjectResult<TElement>^ ExecuteStoreQuery(
	String^ commandText, 
	... array<Object^>^ parameters
)

Type Parameters

TElement

Parameters

commandText
Type: System::String

The command to execute, in the native language of the data source.

parameters
Type: array<System::Object>

An array of parameters to pass to the command.

Return Value

Type: System.Data.Objects::ObjectResult<TElement>
An enumeration of objects of type TResult.

The ExecuteStoreQuery method uses the existing connection to execute an arbitrary command directly against the data source. The store command is executed in the context of the current transaction, if such a transaction exists.

Calling the ExecuteStoreQuery method is equivalent to calling the ExecuteReader method of the DbCommand class, only ExecuteStoreQuery returns entities and the ExecuteReader returns property values in the DbDataReader.

Call the ExecuteStoreQuery with the specified entity set name, if you want for the results to be tracked.

Call the Translate method to translate a DbDataReader into entity objects when the reader contains data rows that map to the specified entity type.

Using parameterized commands helps guard against SQL injection attacks, in which an attacker "injects" a command into a SQL statement that compromises security on the server. Parameterized commands guard against a SQL injection attack by guaranteeing that values received from an external source are passed as values only, and not part of the SQL statement. As a result, SQL commands inserted into a value are not executed at the data source. Rather, they are evaluated only as a parameter value. In addition to the security benefits, parameterized commands provide a convenient method for organizing values passed with a SQL statement or to a stored procedure.

The parameters value can be an array of DbParameter objects or an array of parameter values. If only values are supplied, an array of DbParameter objects are created based on the order of the values in the array.

For more information, see:

Executing Store Commands and

How to: Directly Execute Arbitrary Command Against the Store

.NET Framework

Supported in: 4.5.2, 4.5.1, 4.5, 4

.NET Framework Client Profile

Supported in: 4

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Show:
© 2014 Microsoft