Quote:
Thanks But i want to use Range for Sqlparameter of our code protect from SQL injection.
You don't need the
.Size
-property of
SqlParameter
for protection against SQL-injection. Using SQL-parameters will prevent SQL-injection with or without a specified size of the value.
But there's another reason you might want to set the
.Size
,
.Precision
, and
.Scale
-properties (where applicable to the data type) and that's because it improves query execution performance. Please refer to this MSDN blog:
How Data Access Code Affects Database Performance[
^]