From 2209feeb0991c5e4c6b41ce2de94102837403449 Mon Sep 17 00:00:00 2001 From: Shay Rojansky Date: Wed, 21 Sep 2022 18:59:29 +0200 Subject: [PATCH] Fixup to SQL query doc changes (#4051) --- entity-framework/core/querying/single-split-queries.md | 2 +- entity-framework/core/querying/sql-queries.md | 10 +++++----- samples/core/Querying/SqlQueries/Program.cs | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/entity-framework/core/querying/single-split-queries.md b/entity-framework/core/querying/single-split-queries.md index 174592cafb..daf657fab9 100644 --- a/entity-framework/core/querying/single-split-queries.md +++ b/entity-framework/core/querying/single-split-queries.md @@ -14,7 +14,7 @@ In relational databases, all related entities are loaded by introducing JOINs in ```sql SELECT [b].[BlogId], [b].[OwnerId], [b].[Rating], [b].[Url], [p].[PostId], [p].[AuthorId], [p].[BlogId], [p].[Content], [p].[Rating], [p].[Title] FROM [Blogs] AS [b] -LEFT JOIN [Post] AS [p] ON [b].[BlogId] = [p].[BlogId] +LEFT JOIN [Posts] AS [p] ON [b].[BlogId] = [p].[BlogId] ORDER BY [b].[BlogId], [p].[PostId] ``` diff --git a/entity-framework/core/querying/sql-queries.md b/entity-framework/core/querying/sql-queries.md index 06d52ed781..1e68d96593 100644 --- a/entity-framework/core/querying/sql-queries.md +++ b/entity-framework/core/querying/sql-queries.md @@ -78,9 +78,9 @@ If you've decided you do want to dynamically construct your SQL, you'll have to [!code-csharp[Main](../../../samples/core/Querying/SqlQueries/Program.cs#FromSqlRawStoredProcedureParameter)] -In the above code, the column name is inserted directly into the SQL, using C# string interpolation. It is your responsibility to make sure the value is safe, sanitizing it if it comes from an unsafe origin; this means detecting special characters such as semicolons, comments, and other SQL constructs, and either escaping them properly or rejecting such inputs. +In the above code, the column name is inserted directly into the SQL, using C# string interpolation. It is your responsibility to make sure this string value is safe, sanitizing it if it comes from an unsafe origin; this means detecting special characters such as semicolons, comments, and other SQL constructs, and either escaping them properly or rejecting such inputs. -On the other hand, the property value is sent via a `DbParameter`, and is therefore safe in the face of SQL injection. +On the other hand, the column value is sent via a `DbParameter`, and is therefore safe in the face of SQL injection. > [!WARNING] > @@ -125,12 +125,12 @@ The following example uses a SQL query that selects from a Table-Valued Function [!code-csharp[Main](../../../samples/core/Querying/SqlQueries/Program.cs#FromSqlAsNoTracking)] -## Querying primitive (non-entity) types +## Querying scalar (non-entity) types > [!NOTE] > This feature was introduced in EF Core 7.0. -While is useful for querying entities defined in your model, allows you to easily query for simple, non-entity types via SQL, without needing to drop down to lower-level data access APIs. For example, the following query fetches all the IDs from the `Blogs` table: +While is useful for querying entities defined in your model, allows you to easily query for scalar, non-entity types via SQL, without needing to drop down to lower-level data access APIs. For example, the following query fetches all the IDs from the `Blogs` table: [!code-csharp[Main](../../../samples/core/Querying/SqlQueries/Program.cs#SqlQuery)] @@ -138,7 +138,7 @@ You can also compose LINQ operators over your SQL query. However, since your SQL [!code-csharp[Main](../../../samples/core/Querying/SqlQueries/Program.cs#SqlQueryComposed)] - can be used with any primitive type supported by your database provider. If you'd like to use a type not supported by your database provider, you can use [pre-convention configuration](xref:core/modeling/bulk-configuration#pre-convention-configuration) to define a value conversion for it. + can be used with any scalar type supported by your database provider. If you'd like to use a type not supported by your database provider, you can use [pre-convention configuration](xref:core/modeling/bulk-configuration#pre-convention-configuration) to define a value conversion for it. allows for dynamic construction of SQL queries, just like does for entity types. diff --git a/samples/core/Querying/SqlQueries/Program.cs b/samples/core/Querying/SqlQueries/Program.cs index de79fc3dde..de8a52b64d 100644 --- a/samples/core/Querying/SqlQueries/Program.cs +++ b/samples/core/Querying/SqlQueries/Program.cs @@ -100,11 +100,11 @@ from [Post] as [p] using (var context = new BloggingContext()) { #region FromSqlRawStoredProcedureParameter - var propertyName = "User"; - var propertyValue = new SqlParameter("propertyValue", "johndoe"); + var columnName = "Name"; + var columnValue = new SqlParameter("propertyValue", "johndoe"); var blogs = context.Blogs - .FromSqlRaw("SELECT * FROM [Blogs] WHERE {propertyValue} = {propertyValue}", propertyName, propertyValue) + .FromSqlRaw($"SELECT * FROM [Blogs] WHERE {columnName} = @columnValue", columnValue) .ToList(); #endregion }