This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Entity Framework and Connection Pooling
Does EF1 support Connection Pooling? If yes, what we need to do to manage it?
I don't think you need to do anything except to make sure your connection string throughout the application stays the same. .NET will take care of the rest herself.
Connection pooling is supported by EF and it is default. If you want to change it you can alter Pooling parameter in the connection string true or false.
Assuming SQL Server, somewhere underneath the EF code, a SqlConnection is created using a connection string. A pool of connections will be created per connection string.
It should simply work, without any code / config on your side
Related
This question already has answers here:
Does LINQ's ExecuteCommand provide protection from SQL injection attacks?
(2 answers)
Closed 3 years ago.
I'm writing some CRUD functions for media associated with certain products. To delete many records, I've been told to write the query as follows:
dataContext.ExecuteCommand("DELETE FROM ProductMedia WHERE ProductId = {0}", productId);
He says this is safe from SQL injection because it's 'parameterized'. I don't agree, but I also don't know a better way.
How do you protect from SQL injection when writing commands in this way?
He says this is safe from SQL injection because it's 'parameterized'.
As per the docs, the code in your question is perfectly valid and will be parameterised correctly:
The syntax for the command is almost the same as the syntax used to
create an ADO.NET DataCommand. The only difference is in how the
parameters are specified. Specifically, you specify parameters by
enclosing them in braces ({…}) and enumerate them starting from 0. The
parameter is associated with the equally numbered object in the
parameters array.
It is essentially a wrapper - and it takes care of creating the necessary SqlParameter objects and assigning values to them. Other ORMs (like PetaPoco) have similar mechanisms.
Generally, the thing you want to avoid is string concatenation (or something that is effectively concatenation - like string.Format) - which this solution does not use. String concatenation is almost always open to SQL Injection. But, again, the code in your question is fine.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I have two questions about use sql server 2008 in c#.
questions 1 : What is the number of simultaneous query for a connection sql server 2005 in c#?
my connection string is :
Data Source = localhost;database=TaskQueue;Persist Security Info=True;integrated security=SSPI; MultipleActiveResultSets=true; Connection Timeout=0;Pooling=false;
questions 2 : what is Productive lifetime of a connection ? i want to keep open a global connection in the end off runing app and just use for this connection.
Do problems occur with this method?
What is the number of simultaneous query for a connection sql server 2005 in c#?
SQL Server 2005 Standard Edition can support a maximum of 32,767 simultaneous connections.
What is Productive lifetime of a connection ? i want to keep open a global connection in the end off runing app and just use for this connection. Do problems occur with this method?
SQL Server takes advantage of connection pooling and as such you'll generally want to keep your connections as short-lived as opposed so that they can be returned to the pool after use.
So consider wrapping your SQL calls within a using statement to ensure they are opened, executed, and properly disposed of as opposed to using a global connection that stays open:
using (var connection = new SqlConnection("your-connection-string"))
{
// Do stuff
}
Check Your Connection String
It's worth noting that your existing connection string has pooling explicitly disabled, which won't allow you to take advantage of the built-in connection pooling:
Data Source = ...; Pooling=false;
I'd highly recommend turning this back on unless you absolutely know what you are doing, as otherwise you might experience some unexpected behaviors, orphaned connections, etc.
This question already has an answer here:
SQL Server connection string
(1 answer)
Closed 6 years ago.
Apparently this connection string is incorrect?
connectionString="Server=mydb.com:1433/sqlExpress;Database=d;User Id=d;Password=pw;"
the first think that I see is that you have type wrong this part
Server=mydb.com:1433
use
Server=mydb.com,1433
the sql server use the comma to separate the port.
Also take a look at that answer: Setting up connection string in ASP.NET to SQL SERVER
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
I was wondering if can I connect to sql database from another computer without installing sql server (is this possible). I am creating a c# wpf program that would get and insert data in sql database that is placed in my PC, in all computers where this program is installed using internet. Should I use in connection string my internet IP, or what, because I’m confused?
My connection string
String connString = #"Network Library=dbmssocn;
Network Address=127.0.0.1,1433;
Integrated security=SSPI;
Initial Catalog=db";
Also i forgot to say that i'm new in programing area, and i want to connect to sql database through lan connection
Assuming that your remote database (on your other computer) accepts remote connections, you can accomplish this via a traditional ADO.NET connection or you could use an ORM like Entity Framework to handle the connection.
You can see an example below that takes advantage of the SqlConnection class which does exactly what it's name implies :
using(var sqlConnection = new SqlConnection("Your Connection String"))
{
var query = "Your Query";
using(var sqlCommand = new SqlCommand(query,sqlConnection))
{
sqlConnection.Open();
// Execute your query here using sqlCommand.ExecuteNonQuery()
// or some other execution method
}
}
You would just need to ensure that your actual connection string to target your remote database is correct.
Yes, it is possible. You could use ADO.NET or Entity Framework to accomplish this goal. However, I would recommend setting up a web api on the sever you have hosting the database, which you could call to get/post data. I personally wouldn't hard code any connection strings in the program you plan to deploy to end user workstations. Just call the web api and let your web api talk to the database.
This question already has answers here:
Why does Oracle 9i treat an empty string as NULL?
(10 answers)
Closed 9 years ago.
I have successfully converted an existing app's database from SqlServer to Oracle.
Everything works fine, but empty strings.
The app normally stores empty strings into the not null nvarchar2 fields which Oracle silently converts them to null and causes the following error:
ORA-01400: cannot insert NULL
Is there any workaround for this?
Note: I'm using Oracle Managed Driver ODP.NET + NHibernate Castle Active Record
you can use nvl(column_name,'')
Good Luck