Using the OracleCommand Object

(Page 1 of 4 )

In this article, you will learn how to use the OracleCommand object to execute SQL statements and stored procedures on an Oracle 9i database. It is excerpted from chapter 9 of ADO.NET: The Complete Reference, written by Michael Otey and Denielle Otey (McGraw-Hill/Osborne, 2004; ISBN: 0072228989).

In the previous chapter, you saw how to use the SqlCommand object to execute SQL statements and stored procedures on a SQL Server database. This chapter picks up where Chapter 8 leaves off, and here you see how to use the OracleCommand object to execute SQL statements and stored procedures on an Oracle 9i database. In the first part of this chapter, you learn how to use the visual OracleCommand object to execute simple SQL DDL action queries on the target database. Next, the chapter provides an example that illustrates how to execute an Oracle stored procedure with named parameters. In the final example, you see how to use the OracleCommand object to execute transactions.

--------------------------------------------------------------------

Executing SQL Statements and Stored Procedures Using the OracleCommand Object

The OracleCommand object is used to execute SQL action queries, stored procedures, and packages on an Oracle 8i or later database. Two of the most essential database application actions, executing dynamic SQL statements and stored procedures, are the basis for most production ADO.NET applications. Dynamic SQL statements are parsed by the database server and executed when they are sent to the database server from the client application. In contrast, stored procedures are typically created in advance by the DBA and then called by the database applications. Stored procedures offer both a performance and security advantage over dynamic SQL. Packages and stored procedures enjoy a performance advantage because the jobs of parsing the SQL statements and creating the data access plan are enacted when the procedure is first created—not at runtime. They gain a security advantage because they allow the developer to funnel database access through a predefined interface supplied by the procedure rather than permitting access to the base tables. This helps to prevent hackers from using techniques such as SQL injection to gain knowledge about the underlying database structure and contents. The first example in this chapter illustrates how to use the OracleCommand object to execute a SQL DDL statement that creates a stored procedure. The next example illustrates how to call that stored procedure.

Next: Using the Visual Studio OracleCommand Object >>
 

More Database Articles
More By McGraw-Hill/Osborne

Comments On: Using the OracleCommand Object

· ' Create a suitable connection object for a given connection string. Function...   >>> Post your comment now!

Buy this book...

This article is taken from chapter 9 of ADO.NET: The Complete Reference, written by Michael Otey and Denielle Otey (McGraw-Hill/Osborne, 2004; ISBN: 0072228989). Check it out at your favorite bookstore. Buy this book now.