Home/ Questions/Q 607413
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T17:21:27+00:00

I’d like to insert a sql script into a table. I’m pretty sure this

  • 0

I’d like to insert a sql script into a table. I’m pretty sure this is more complicated than just wrapping the script in quotes and throwing it in an insert statement (scripts with quotes and more complicated escaping seem problematic for example)

So, how can I safely store arbitrary tsql in a SqlServer table?

I can use either sql or c# to encode the script if needed.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Use a parametrized query:

    C#

    var cmd = new SqlCommand(...);
cmd.CommandText = "INSERT INTO [Bla] ([SQL Column]) VALUES (@MyValue)";
cmd.Parameters.AddWithValue("MyValue", yourValueHere);

    This will take care of all of the quoting and etc.

    If you want to use a stored procedure, you would end up executing it in a similar way:

    var cmd = new SqlCommand(...);
cmd.CommandText = "StoreSQL";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("MyValue", yourValueHere);
    • 0