If the type is incompatible with the column type in the DB, the query will fail. It will not let you insert strings into NUMBER columns or anything like that.
I still recommend doing the strongly-typed version of adding parameters. It makes error messages much more clear and makes your code more reliable.
Adding parameters seems like a lot more work at first compared to building SQL strings. However, that's because you're forced to do things like check for null and data types which you really should have been doing with SQL strings anyhow.
Of course, eventually you'll get sick of it all and start using an O/R mapper. But that's later.
rponton
Participant
1460 Points
292 Posts
Re: An Easy Way to Implement SQL Parameters
Jun 20, 2005 09:25 PM|LINK
I still recommend doing the strongly-typed version of adding parameters. It makes error messages much more clear and makes your code more reliable.
Adding parameters seems like a lot more work at first compared to building SQL strings. However, that's because you're forced to do things like check for null and data types which you really should have been doing with SQL strings anyhow.
Of course, eventually you'll get sick of it all and start using an O/R mapper. But that's later.