This documentation is archived and is not being maintained.

SqlDataSource.SelectParameters Property

Updated: January 2011

Gets the parameters collection that contains the parameters that are used by the SelectCommand property from the SqlDataSourceView object that is associated with the SqlDataSource control.

Namespace:  System.Web.UI.WebControls
Assembly:  System.Web (in System.Web.dll)

public ParameterCollection SelectParameters { get; }

Property Value

Type: System.Web.UI.WebControls.ParameterCollection
A ParameterCollection that contains the parameters used by the SelectCommand property.

If the SelectCommand property contains a parameterized SQL query, the SelectParameters collection contains any Parameter objects that correspond to the parameter placeholders in the SQL string.

Depending on the ADO.NET provider, the order of the parameters in the SelectParameters collection might be important. The System.Data.OleDb and System.Data.Odbc providers associate the parameters in the collection according to the order that the parameters appear in the parameterized SQL query. The System.Data.SqlClient provider, which is the default ADO.NET provider for the SqlDataSource control, associates the parameters in the collection by matching the name of the parameter with a placeholder alias in the SQL query. For more information about parameterized SQL queries and commands, see Using Parameters with the SqlDataSource Control.

The SelectParameters property retrieves the SelectParameters property that is contained by the SqlDataSourceView object that is associated with the SqlDataSource control.

Security noteSecurity Note

Values are inserted into parameters without validation, which is a potential security threat. Use the Selecting event to validate parameter values before executing the query. For more information, see Script Exploits Overview.

The following code example demonstrates how to retrieve data from the Northwind database in Microsoft SQL Server by setting the SelectCommand property to an SQL query. The SQL query is parameterized and the placeholder in the SelectCommand property is matched to the ControlParameter object that is added to the SelectParameters collection. The DropDownList control, which the ControlParameter is bound to, acts as a filter for what is displayed in the ListBox control.

For information about other types of parameters you can use, see the Parameter class overview.


Because the parameter is used in a WHERE clause, the use of the SelectParameters property in the code example is functionally equivalent to using the FilterExpression and FilterParameters properties.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
<html xmlns="" >
  <head runat="server">
    <title>ASP.NET Example</title>
    <form id="form1" runat="server">

          <asp:listitem selected="True">Sales Representative</asp:listitem>
          <asp:listitem>Sales Manager</asp:listitem>
          <asp:listitem>Vice President, Sales</asp:listitem>

          connectionstring="<%$ ConnectionStrings:MyNorthwind%>"
          selectcommand="SELECT LastName FROM Employees WHERE Title = @Title">
              <asp:controlparameter name="Title" controlid="DropDownList1" propertyname="SelectedValue"/>



.NET Framework

Supported in: 4, 3.5, 3.0, 2.0

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.




January 2011

Added link to Parameter class.

Customer feedback.