Share via


Database.ExecuteSqlCommandAsync Method

Definition

Overloads

ExecuteSqlCommandAsync(TransactionalBehavior, String, CancellationToken, Object[])

Asynchronously executes the given DDL/DML command against the database.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

ExecuteSqlCommandAsync(String, CancellationToken, Object[])

Asynchronously executes the given DDL/DML command against the database.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

ExecuteSqlCommandAsync(String, Object[])

Asynchronously executes the given DDL/DML command against the database.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

ExecuteSqlCommandAsync(TransactionalBehavior, String, Object[])

Asynchronously executes the given DDL/DML command against the database.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

ExecuteSqlCommandAsync(TransactionalBehavior, String, CancellationToken, Object[])

Asynchronously executes the given DDL/DML command against the database.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

public System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (System.Data.Entity.TransactionalBehavior transactionalBehavior, string sql, System.Threading.CancellationToken cancellationToken, params object[] parameters);
member this.ExecuteSqlCommandAsync : System.Data.Entity.TransactionalBehavior * string * System.Threading.CancellationToken * obj[] -> System.Threading.Tasks.Task<int>

Parameters

transactionalBehavior
TransactionalBehavior

Controls the creation of a transaction for this command.

sql
String

The command string.

cancellationToken
CancellationToken

A CancellationToken to observe while waiting for the task to complete.

parameters
Object[]

The parameters to apply to the command string.

Returns

A task that represents the asynchronous operation. The task result contains the result returned by the database after executing the command.

Remarks

Multiple active operations on the same context instance are not supported. Use 'await' to ensure that any asynchronous operations have completed before calling another method on this context.

Applies to

ExecuteSqlCommandAsync(String, CancellationToken, Object[])

Asynchronously executes the given DDL/DML command against the database.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

public System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (string sql, System.Threading.CancellationToken cancellationToken, params object[] parameters);
member this.ExecuteSqlCommandAsync : string * System.Threading.CancellationToken * obj[] -> System.Threading.Tasks.Task<int>

Parameters

sql
String

The command string.

cancellationToken
CancellationToken

A CancellationToken to observe while waiting for the task to complete.

parameters
Object[]

The parameters to apply to the command string.

Returns

A task that represents the asynchronous operation. The task result contains the result returned by the database after executing the command.

Remarks

Multiple active operations on the same context instance are not supported. Use 'await' to ensure that any asynchronous operations have completed before calling another method on this context.

If there isn't an existing local transaction a new transaction will be used to execute the command.

Applies to

ExecuteSqlCommandAsync(String, Object[])

Asynchronously executes the given DDL/DML command against the database.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

public System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (string sql, params object[] parameters);
member this.ExecuteSqlCommandAsync : string * obj[] -> System.Threading.Tasks.Task<int>
Public Function ExecuteSqlCommandAsync (sql As String, ParamArray parameters As Object()) As Task(Of Integer)

Parameters

sql
String

The command string.

parameters
Object[]

The parameters to apply to the command string.

Returns

A task that represents the asynchronous operation. The task result contains the result returned by the database after executing the command.

Remarks

Multiple active operations on the same context instance are not supported. Use 'await' to ensure that any asynchronous operations have completed before calling another method on this context.

If there isn't an existing local transaction a new transaction will be used to execute the command.

Applies to

ExecuteSqlCommandAsync(TransactionalBehavior, String, Object[])

Asynchronously executes the given DDL/DML command against the database.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @p0", userSuppliedAuthor); Alternatively, you can also construct a DbParameter and supply it to SqlQuery. This allows you to use named parameters in the SQL query string. context.Database.ExecuteSqlCommandAsync("UPDATE dbo.Posts SET Rating = 5 WHERE Author = @author", new SqlParameter("@author", userSuppliedAuthor));

public System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (System.Data.Entity.TransactionalBehavior transactionalBehavior, string sql, params object[] parameters);
member this.ExecuteSqlCommandAsync : System.Data.Entity.TransactionalBehavior * string * obj[] -> System.Threading.Tasks.Task<int>

Parameters

transactionalBehavior
TransactionalBehavior

Controls the creation of a transaction for this command.

sql
String

The command string.

parameters
Object[]

The parameters to apply to the command string.

Returns

A task that represents the asynchronous operation. The task result contains the result returned by the database after executing the command.

Remarks

Multiple active operations on the same context instance are not supported. Use 'await' to ensure that any asynchronous operations have completed before calling another method on this context.

Applies to