What is parameterized query?

Question

1 Answer

Related questions

0 votes

1 answer

Is it safe to not parameterize an SQL query when the parameter is not a string?

asked Jul 22, 2019 in SQL by Tech4ever (20.3k points)

+1 vote

1 answer

How to insert multiple rows from a single query using eloquent/fluent

asked Jul 25, 2019 in SQL by Tech4ever (20.3k points)

0 votes

1 answer

Increment value in mysql update query

asked Jul 18, 2019 in SQL by Tech4ever (20.3k points)

0 votes

1 answer

MySQL query String contains

asked Jul 5, 2019 in SQL by Tech4ever (20.3k points)

0 votes

1 answer

SQL injection that gets around mysql_real_escape_string()

asked Dec 31, 2020 in SQL by Appu (6.1k points)

Mano · Answer 1 · 2020-12-04T17:26:26+0000

A parameterized query is a type of query in which the placeholders are used for the parameters and the parameter values are supplied at the execution time.

Why we use the Parameterized Query

The most important reason to use the parameterized query is to avoid all the SQL injection attacks.
Secondly, the parameterized query takes care of the scenario where sql query might fail for e.g. inserting of O'Baily in a field. Parameterized query handles such type of queries without forcing you to replace single quotes with double single quotes.

If you want to learn more about SQL, Check out this SQL training and certification program by Intellipaat.

What is parameterized query?

1 Answer

Related questions

Browse Categories