RelationalDatabaseFacadeExtensions.ExecuteSqlCommandAsync Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
| ExecuteSqlCommandAsync(DatabaseFacade, String, CancellationToken, Object[]) | |
| ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, IEnumerable<Object>, CancellationToken) |
Obsolete.
Executes the given SQL against the database and returns the number of rows affected. Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction). Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent. As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. You can also consider using ExecuteSqlInterpolated to use interpolated string syntax to create parameters. |
| ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, CancellationToken) |
Obsolete.
Executes the given SQL against the database and returns the number of rows affected. Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction). Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.
As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection
attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional
arguments. Any parameter values you supply will automatically be converted to a DbParameter -
|
| ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, Object[]) |
Obsolete.
Executes the given SQL against the database and returns the number of rows affected. Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction). Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.
As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection
attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional
arguments. Any parameter values you supply will automatically be converted to a DbParameter -
|
| ExecuteSqlCommandAsync(DatabaseFacade, FormattableString, CancellationToken) |
Obsolete.
Executes the given SQL against the database and returns the number of rows affected. Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction). Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.
As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection
attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional
arguments. Any parameter values you supply will automatically be converted to a DbParameter -
|
ExecuteSqlCommandAsync(DatabaseFacade, String, CancellationToken, Object[])
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, string sql, System.Threading.CancellationToken cancellationToken = default, params object[] parameters);static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * string * System.Threading.CancellationToken * obj[] -> System.Threading.Tasks.Task<int><Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As String, Optional cancellationToken As CancellationToken = Nothing, ParamArray parameters As Object()) As Task(Of Integer)Parameters
- databaseFacade
- DatabaseFacade
- sql
- String
- cancellationToken
- CancellationToken
- parameters
- Object[]
Returns
Applies to
ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, IEnumerable<Object>, CancellationToken)
Caution
For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.
Executes the given SQL against the database and returns the number of rows affected.
Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).
Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.
As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. You can also consider using ExecuteSqlInterpolated to use interpolated string syntax to create parameters.
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, System.Collections.Generic.IEnumerable<object> parameters, System.Threading.CancellationToken cancellationToken = default);[System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")]
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, System.Collections.Generic.IEnumerable<object> parameters, System.Threading.CancellationToken cancellationToken = default);static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * seq<obj> * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>[<System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")>]
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * seq<obj> * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int><Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As RawSqlString, parameters As IEnumerable(Of Object), Optional cancellationToken As CancellationToken = Nothing) As Task(Of Integer)Parameters
- databaseFacade
- DatabaseFacade
The DatabaseFacade for the context.
- sql
- RawSqlString
The SQL to execute.
- parameters
- IEnumerable<Object>
Parameters to use with the SQL.
- cancellationToken
- CancellationToken
A CancellationToken to observe while waiting for the task to complete.
Returns
A task that represents the asynchronous operation. The task result is the number of rows affected.
- Attributes
Applies to
ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, CancellationToken)
Caution
For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.
Executes the given SQL against the database and returns the number of rows affected.
Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).
Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.
As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection
attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional
arguments. Any parameter values you supply will automatically be converted to a DbParameter -
context.Database.ExecuteSqlCommandAsync("SELECT * FROM [dbo].[SearchBlogs]({0})", userSuppliedSearchTerm).
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, System.Threading.CancellationToken cancellationToken = default);[System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")]
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, System.Threading.CancellationToken cancellationToken = default);static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>[<System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")>]
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int><Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As RawSqlString, Optional cancellationToken As CancellationToken = Nothing) As Task(Of Integer)Parameters
- databaseFacade
- DatabaseFacade
The DatabaseFacade for the context.
- sql
- RawSqlString
The SQL to execute.
- cancellationToken
- CancellationToken
A CancellationToken to observe while waiting for the task to complete.
Returns
A task that represents the asynchronous operation. The task result is the number of rows affected.
- Attributes
Applies to
ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, Object[])
Caution
For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.
Executes the given SQL against the database and returns the number of rows affected.
Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).
Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.
As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection
attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional
arguments. Any parameter values you supply will automatically be converted to a DbParameter -
context.Database.ExecuteSqlCommandAsync("SELECT * FROM [dbo].[SearchBlogs]({0})", userSuppliedSearchTerm).
You can also consider using ExecuteSqlInterpolated to use interpolated string syntax to create parameters.
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, params object[] parameters);[System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")]
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, params object[] parameters);static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * obj[] -> System.Threading.Tasks.Task<int>[<System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")>]
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * obj[] -> System.Threading.Tasks.Task<int><Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As RawSqlString, ParamArray parameters As Object()) As Task(Of Integer)Parameters
- databaseFacade
- DatabaseFacade
The DatabaseFacade for the context.
- sql
- RawSqlString
The SQL to execute.
- parameters
- Object[]
Parameters to use with the SQL.
Returns
A task that represents the asynchronous operation. The task result is the number of rows affected.
- Attributes
Applies to
ExecuteSqlCommandAsync(DatabaseFacade, FormattableString, CancellationToken)
Caution
For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.
Executes the given SQL against the database and returns the number of rows affected.
Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).
Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.
As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection
attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional
arguments. Any parameter values you supply will automatically be converted to a DbParameter -
context.Database.ExecuteSqlCommandAsync($"SELECT * FROM [dbo].[SearchBlogs]({userSuppliedSearchTerm})").
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, FormattableString sql, System.Threading.CancellationToken cancellationToken = default);[System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")]
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, FormattableString sql, System.Threading.CancellationToken cancellationToken = default);static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * FormattableString * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>[<System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")>]
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * FormattableString * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int><Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As FormattableString, Optional cancellationToken As CancellationToken = Nothing) As Task(Of Integer)Parameters
- databaseFacade
- DatabaseFacade
The DatabaseFacade for the context.
The interpolated string representing a SQL query with parameters.
- cancellationToken
- CancellationToken
A CancellationToken to observe while waiting for the task to complete.
Returns
A task that represents the asynchronous operation. The task result is the number of rows affected.
- Attributes
Applies to
Entity Framework