What does the symbol do in SQL

Question

I was browsing through the questions and noticed this   SELECT prodid  issue FROM Sales  WHERE custid    custid  AND datesold   SELECT MAX datesold                FROM Sales s               WHERE s prodid   Sales prodid                   AND s issue   Sales issue                   AND s custid    custid   I was wondering what the     does in front of custID   Is it just a way of referencing the custID from the table being selected

User · Answer

followed by a number is the parameters in the order they re listed in a function

User · Answer

The  CustID means it s a parameter that you will supply a value for later in your code   This is the best way of protecting against SQL injection   Create your query using parameters  rather than concatenating strings and variables   The database engine puts the parameter value into where the placeholder is  and there is zero chance for SQL injection

User · Answer

is used as a prefix denoting stored procedure and function parameter names  and also variable names

User · Answer

What you are talking about is the way a parameterized query is written      just signifies that it is a parameter  You can add the value for that parameter during execution process  eg  sqlcommand cmd   new sqlcommand query connection   cmd parameters add   custid   1    sqldatareader dr   cmd executequery

User · Answer

You may be used to MySQL s syntax  Microsoft SQL   is the same as the MySQL s

User · Answer

What you are talking about is the way a parameterized query is written      just signifies that it is a parameter  You can add the value for that parameter during execution process  eg  sqlcommand cmd   new sqlcommand query connection   cmd parameters add   custid   1    sqldatareader dr   cmd executequery

User · Answer

is used as a prefix denoting stored procedure and function parameter names  and also variable names

User · Answer

You may be used to MySQL s syntax  Microsoft SQL   is the same as the MySQL s

User · Answer

Its a parameter the you need to define   to prevent SQL Injection you should pass all your variables in as parameters

User · Answer

is used as a prefix denoting stored procedure and function parameter names  and also variable names

User · Answer

The  CustID means it s a parameter that you will supply a value for later in your code   This is the best way of protecting against SQL injection   Create your query using parameters  rather than concatenating strings and variables   The database engine puts the parameter value into where the placeholder is  and there is zero chance for SQL injection

User · Answer

followed by a number is the parameters in the order they re listed in a function

User · Answer

What you are talking about is the way a parameterized query is written      just signifies that it is a parameter  You can add the value for that parameter during execution process  eg  sqlcommand cmd   new sqlcommand query connection   cmd parameters add   custid   1    sqldatareader dr   cmd executequery

User · Answer

publish data where stoloc    AB143      select prtnum where stoloc    stoloc    This is how the   works

User · Answer

The  CustID means it s a parameter that you will supply a value for later in your code   This is the best way of protecting against SQL injection   Create your query using parameters  rather than concatenating strings and variables   The database engine puts the parameter value into where the placeholder is  and there is zero chance for SQL injection

User · Answer

You may be used to MySQL s syntax  Microsoft SQL   is the same as the MySQL s

User · Answer

Its a parameter the you need to define   to prevent SQL Injection you should pass all your variables in as parameters

User · Answer

What you are talking about is the way a parameterized query is written      just signifies that it is a parameter  You can add the value for that parameter during execution process  eg  sqlcommand cmd   new sqlcommand query connection   cmd parameters add   custid   1    sqldatareader dr   cmd executequery

User · Answer

Its a parameter the you need to define   to prevent SQL Injection you should pass all your variables in as parameters

User · Answer

publish data where stoloc    AB143      select prtnum where stoloc    stoloc    This is how the   works

User · Answer

Its a parameter the you need to define   to prevent SQL Injection you should pass all your variables in as parameters

User · Answer

The  CustID means it s a parameter that you will supply a value for later in your code   This is the best way of protecting against SQL injection   Create your query using parameters  rather than concatenating strings and variables   The database engine puts the parameter value into where the placeholder is  and there is zero chance for SQL injection

User · Answer

is used as a prefix denoting stored procedure and function parameter names  and also variable names

User · Answer

You may be used to MySQL s syntax  Microsoft SQL   is the same as the MySQL s

[sql] What does the "@" symbol do in SQL?

Examples related to sql