Share via


RelationalDatabaseFacadeExtensions.ExecuteSqlCommandAsync Method

Definition

Overloads

ExecuteSqlCommandAsync(DatabaseFacade, String, CancellationToken, Object[])
ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, IEnumerable<Object>, CancellationToken)
Obsolete.

Executes the given SQL against the database and returns the number of rows affected.

Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).

Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. You can also consider using ExecuteSqlInterpolated to use interpolated string syntax to create parameters.

ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, CancellationToken)
Obsolete.

Executes the given SQL against the database and returns the number of rows affected.

Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).

Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter - context.Database.ExecuteSqlCommandAsync("SELECT * FROM [dbo].[SearchBlogs]({0})", userSuppliedSearchTerm).

ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, Object[])
Obsolete.

Executes the given SQL against the database and returns the number of rows affected.

Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).

Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter - context.Database.ExecuteSqlCommandAsync("SELECT * FROM [dbo].[SearchBlogs]({0})", userSuppliedSearchTerm). You can also consider using ExecuteSqlInterpolated to use interpolated string syntax to create parameters.

ExecuteSqlCommandAsync(DatabaseFacade, FormattableString, CancellationToken)
Obsolete.

Executes the given SQL against the database and returns the number of rows affected.

Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).

Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter - context.Database.ExecuteSqlCommandAsync($"SELECT * FROM [dbo].[SearchBlogs]({userSuppliedSearchTerm})").

ExecuteSqlCommandAsync(DatabaseFacade, String, CancellationToken, Object[])

public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, string sql, System.Threading.CancellationToken cancellationToken = default, params object[] parameters);
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * string * System.Threading.CancellationToken * obj[] -> System.Threading.Tasks.Task<int>
<Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As String, Optional cancellationToken As CancellationToken = Nothing, ParamArray parameters As Object()) As Task(Of Integer)

Parameters

databaseFacade
DatabaseFacade
sql
String
cancellationToken
CancellationToken
parameters
Object[]

Returns

Applies to

ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, IEnumerable<Object>, CancellationToken)

Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs

Caution

For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.

Executes the given SQL against the database and returns the number of rows affected.

Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).

Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter. You can also consider using ExecuteSqlInterpolated to use interpolated string syntax to create parameters.

public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, System.Collections.Generic.IEnumerable<object> parameters, System.Threading.CancellationToken cancellationToken = default);
[System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")]
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, System.Collections.Generic.IEnumerable<object> parameters, System.Threading.CancellationToken cancellationToken = default);
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * seq<obj> * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>
[<System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")>]
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * seq<obj> * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>
<Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As RawSqlString, parameters As IEnumerable(Of Object), Optional cancellationToken As CancellationToken = Nothing) As Task(Of Integer)

Parameters

databaseFacade
DatabaseFacade

The DatabaseFacade for the context.

sql
RawSqlString

The SQL to execute.

parameters
IEnumerable<Object>

Parameters to use with the SQL.

cancellationToken
CancellationToken

A CancellationToken to observe while waiting for the task to complete.

Returns

A task that represents the asynchronous operation. The task result is the number of rows affected.

Attributes

Applies to

ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, CancellationToken)

Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs

Caution

For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.

Executes the given SQL against the database and returns the number of rows affected.

Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).

Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter - context.Database.ExecuteSqlCommandAsync("SELECT * FROM [dbo].[SearchBlogs]({0})", userSuppliedSearchTerm).

public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, System.Threading.CancellationToken cancellationToken = default);
[System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")]
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, System.Threading.CancellationToken cancellationToken = default);
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>
[<System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")>]
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>
<Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As RawSqlString, Optional cancellationToken As CancellationToken = Nothing) As Task(Of Integer)

Parameters

databaseFacade
DatabaseFacade

The DatabaseFacade for the context.

sql
RawSqlString

The SQL to execute.

cancellationToken
CancellationToken

A CancellationToken to observe while waiting for the task to complete.

Returns

A task that represents the asynchronous operation. The task result is the number of rows affected.

Attributes

Applies to

ExecuteSqlCommandAsync(DatabaseFacade, RawSqlString, Object[])

Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs

Caution

For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.

Executes the given SQL against the database and returns the number of rows affected.

Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).

Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter - context.Database.ExecuteSqlCommandAsync("SELECT * FROM [dbo].[SearchBlogs]({0})", userSuppliedSearchTerm). You can also consider using ExecuteSqlInterpolated to use interpolated string syntax to create parameters.

public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, params object[] parameters);
[System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")]
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, Microsoft.EntityFrameworkCore.RawSqlString sql, params object[] parameters);
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * obj[] -> System.Threading.Tasks.Task<int>
[<System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")>]
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * Microsoft.EntityFrameworkCore.RawSqlString * obj[] -> System.Threading.Tasks.Task<int>
<Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As RawSqlString, ParamArray parameters As Object()) As Task(Of Integer)

Parameters

databaseFacade
DatabaseFacade

The DatabaseFacade for the context.

sql
RawSqlString

The SQL to execute.

parameters
Object[]

Parameters to use with the SQL.

Returns

A task that represents the asynchronous operation. The task result is the number of rows affected.

Attributes

Applies to

ExecuteSqlCommandAsync(DatabaseFacade, FormattableString, CancellationToken)

Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs
Source:
RelationalDatabaseFacadeExtensions.cs

Caution

For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.

Executes the given SQL against the database and returns the number of rows affected.

Note that this method does not start a transaction. To use this method with a transaction, first call BeginTransaction(DatabaseFacade, IsolationLevel) or UseTransaction(DatabaseFacade, DbTransaction).

Note that the current ExecutionStrategy is not used by this method since the SQL may not be idempotent and does not run in a transaction. An ExecutionStrategy can be used explicitly, making sure to also use a transaction if the SQL is not idempotent.

As with any API that accepts SQL it is important to parameterize any user input to protect against a SQL injection attack. You can include parameter place holders in the SQL query string and then supply parameter values as additional arguments. Any parameter values you supply will automatically be converted to a DbParameter - context.Database.ExecuteSqlCommandAsync($"SELECT * FROM [dbo].[SearchBlogs]({userSuppliedSearchTerm})").

public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, FormattableString sql, System.Threading.CancellationToken cancellationToken = default);
[System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")]
public static System.Threading.Tasks.Task<int> ExecuteSqlCommandAsync (this Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade databaseFacade, FormattableString sql, System.Threading.CancellationToken cancellationToken = default);
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * FormattableString * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>
[<System.Obsolete("For the async execution of SQL queries using plain strings, use ExecuteSqlRawAsync instead. For the async execution of SQL queries using interpolated string syntax to create parameters, use ExecuteSqlInterpolatedAsync instead.")>]
static member ExecuteSqlCommandAsync : Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade * FormattableString * System.Threading.CancellationToken -> System.Threading.Tasks.Task<int>
<Extension()>
Public Function ExecuteSqlCommandAsync (databaseFacade As DatabaseFacade, sql As FormattableString, Optional cancellationToken As CancellationToken = Nothing) As Task(Of Integer)

Parameters

databaseFacade
DatabaseFacade

The DatabaseFacade for the context.

sql
FormattableString

The interpolated string representing a SQL query with parameters.

cancellationToken
CancellationToken

A CancellationToken to observe while waiting for the task to complete.

Returns

A task that represents the asynchronous operation. The task result is the number of rows affected.

Attributes

Applies to