WebMatrix Parametrized Query Problem...
I wonder if anybody uses WebMatrix here? If so, perhaps you have some ideas about the following...
I've been working for the past few days in WebMatrix 2, trying to learn the ropes with regard to ASP.NET and Razor (I'm using C# as the base language as I'm already familiar with it). I have to say I'm impressed with how easy and quick it is to code, and everything was going so smoothly until I came across one irritating problem I was unable to find a solution for despite my best Googling.
It seems that when using parametrized database queries, WebMatrix doesn't like strings.
For instance, the following SQL query will fail:
SELECT * FROM aTable WHERE ID='@0'
Whereas dropping the string-denoting single quotes does work:
SELECT * FROM aTable WHERE ID=@0
As yet, the only way I've found around this is to build the query at run time and drop in the string values I need, but of course this doesn't provide the SQL injection safety net that parametrized queries do.
My thoughts are that WebMatrix/Razor isn't recognizing the parameter as it's enclosed in quotes, but I'm yet to find a fix for that.
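The three query styles from the post, compared side by side as an added example that is not part of the original post. It assumes Python's sqlite3 module as a stand-in for the WebMatrix database helper, with SQLite's `?` marker playing the role of `@0`; the table contents and the input containing a quote are constructed.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names follow the post's query.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE aTable (ID TEXT PRIMARY KEY)")
    conn.executemany("INSERT INTO aTable VALUES (?)", [("abc",), ("def",), ("?",)])
    return conn

def quoted_marker(conn, value):
    # Inside quotes the marker is a one-character string literal, so the
    # statement has zero parameter slots and the supplied value has nowhere to go.
    sql = "SELECT ID FROM aTable WHERE ID='?' ORDER BY ID"
    try:
        conn.execute(sql, (value,))
        rejected = False
    except sqlite3.ProgrammingError:
        rejected = True
    literal_rows = [r[0] for r in conn.execute(sql)]
    return rejected, literal_rows

def bound_marker(conn, value):
    # Unquoted marker: the driver sends the value separately from the SQL text,
    # so strings need no quotes and cannot change the statement's structure.
    sql = "SELECT ID FROM aTable WHERE ID=? ORDER BY ID"
    return [r[0] for r in conn.execute(sql, (value,))]

def concatenated(conn, value):
    # Run-time string building: the value becomes part of the SQL text.
    sql = "SELECT ID FROM aTable WHERE ID='" + value + "' ORDER BY ID"
    return [r[0] for r in conn.execute(sql)]

if __name__ == "__main__":
    db = make_db()
    hostile = "x' OR '1'='1"  # constructed input containing a quote
    print(quoted_marker(db, "abc"))
    print(bound_marker(db, "abc"))
    print(bound_marker(db, hostile))
    print(concatenated(db, hostile))
```

The bound form matches string IDs without any quotes in the SQL and treats the quote-bearing input as plain data, while the concatenated form lets the same input rewrite the WHERE clause.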