I always have the assumption that writing SQL queries in the code behind is not as good as writing it with SqlDataSource
SqlDataAdapter ad = new SqlDataAdapter("SELECT * FROM Categories", myConnection);
DataSet ds = new DataSet();
ad.Fill(ds, "Categories");
myGridView.DataSource = ds;
myGridView.DataBind();
against.
<asp:SqlDataSource ID="SqlDataSource1" runat="server"
ConnectionString="<%$ ConnectionStrings:myConnection %>"
SelectCommand="SELECT * FROM Categories" />
I feel that using SqlDataSource is safe, easily supported. Is my concern true? Please confirm.
source
share