1 out of 8 rated this helpful - Rate this topic

SqlDataSource.SelectCommand Property

.NET Framework 3.0

Gets or sets the SQL string that the SqlDataSource control uses to retrieve data from the underlying database.

Namespace: System.Web.UI.WebControls
Assembly: System.Web (in system.web.dll)

public:
property String^ SelectCommand {
	String^ get ();
	void set (String^ value);
}

/** @property */
public String get_SelectCommand ()

/** @property */
public void set_SelectCommand (String value)

JScript

public function get SelectCommand () : String

public function set SelectCommand (value : String)

XAML

Not applicable.

Property Value

An SQL string that the SqlDataSource uses to retrieve data.

Remarks

Because different database products use different varieties of SQL, the syntax of the SQL string depends on the current ADO.NET provider being used, which is identified by the ProviderName property. If the SQL string is a parameterized query or command, the placeholder of the parameter also depends on the ADO.NET provider being used. For example, if the provider is the System.Data.SqlClient, which is the default provider for the SqlDataSource class, the placeholder of the parameter is '@parameterName'. However, if the provider is set to the System.Data.Odbc or System.Data.OleDb, the placeholder of the parameter is '?'. For more information on parameterized SQL queries and commands, see Parameters with the SqlDataSource and AccessDataSource Controls.

The SelectCommand property can be an SQL string or the name of a stored procedure, if the data source supports stored procedures.

The SelectCommand property delegates to the SelectCommand property of the SqlDataSourceView object that is associated with the SqlDataSource control.

Security Note:
For security purposes, the SelectCommand property is not stored is view state. Because it is possible to decode the contents of view state on the client, storing sensitive information about the database structure in view state could result in an information disclosure vulnerability.

Security Note:
Values are inserted into parameters without validation, which is a potential security threat. Use the Filtering event to validate parameter values before executing the query. For more information, see Script Exploits Overview (Visual Studio).

Topic	Location
How to: Connect to an ODBC Database Using the SqlDataSource Control	Building ASP .NET Web Applications
How to: Connect to an ODBC Database Using the SqlDataSource Control	Building ASP .NET Web Applications
How to: Connect to an ODBC Database Using the SqlDataSource Control (Visual Studio)	Building ASP .NET Web Applications in Visual Studio

Example

This section contains two code examples. The first code example demonstrates how to set the SelectCommand text to a basic SQL query to retrieve data from an ODBC-compliant database and display it in a GridView control. The second code example demonstrates how to set the SelectCommand text to the name of a stored procedure and the SelectCommandType property to the StoredProcedure value to retrieve data from a Microsoft SQL Server database and display it in a DropDownList control.

The following code example demonstrates how to set the SelectCommand text to a basic SQL query to retrieve data from an ODBC-compliant database and display it in a GridView control.

C++

No code example is currently available or this language may not be supported.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
  <head runat="server">
    <title>ASP.NET Example</title>
</head>
<body>
    <!-- This example uses a Northwind database that is hosted by an ODBC-compliant
         database. To run this sample, create an ODBC DSN to any database that hosts
         the Northwind database, including Microsoft SQL Server or Microsoft Access,
         change the name of the DSN in the ConnectionString, and view the page.
    -->

    <form id="form1" runat="server">

      <asp:SqlDataSource
          id="SqlDataSource1"
          runat="server"
          ProviderName="System.Data.Odbc"
          DataSourceMode="DataSet"
          ConnectionString="dsn=myodbc3dsn;"
          SelectCommand="SELECT FirstName, LastName, Title FROM Employees">
      </asp:SqlDataSource>

      <asp:GridView
          id="GridView1"
          runat="server"
          AllowSorting="True"
          DataSourceID="SqlDataSource1">
      </asp:GridView>

    </form>
  </body>
</html>

The following code example demonstrates how to set the SelectCommand text to the name of a stored procedure and the SelectCommandType property to the StoredProcedure value to retrieve data from a SQL Server database and display it in a DropDownList control. The SelectCommand property can be an SQL query or the name of a stored procedure, if the data source supports stored procedures.

C++

No code example is currently available or this language may not be supported.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
    <head runat="server">
    <title>ASP.NET Example</title>
</head>
<body>
        <form id="form1" runat="server">

            <asp:DropDownList
                id="DropDownList1"
                runat="server"
                DataTextField="LastName"
                DataSourceID="SqlDataSource1" />

            <asp:SqlDataSource
                id="SqlDataSource1"
                runat="server"
                ConnectionString="Data Source=localhost;Integrated Security=SSPI;Initial Catalog=Northwind;"
                SelectCommand="sp_lastnames">
            </asp:SqlDataSource>

            <!--
                The sp_lastnames stored procedure is
                CREATE PROCEDURE sp_lastnames AS
                   SELECT LastName FROM Employees
                GO
            -->

        </form>
    </body>
</html>

Platforms

Windows 98, Windows Server 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

Version Information

.NET Framework

Supported in: 3.0, 2.0

Reference

SqlDataSource Class
SqlDataSource Members
System.Web.UI.WebControls Namespace
SelectParameters
Select

Other Resources

ASP.NET Data Access Overview
Data Source Web Server Controls
Parameters with the SqlDataSource and AccessDataSource Controls
SqlDataSource Web Server Control Overview
Introduction to the ASP.NET Page Life Cycle

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)

Community Additions

ADD