C# guid and SQL uniqueidentifier

Question

I want to create a GUID and store it in the DB.

In C# a guid can be created using Guid.NewGuid(). This creates a 128 bit integer. SQL Server has a uniqueidentifier column which holds a huge hexidecimal number.

Is there a good/preferred way to make C# and SQL Server guids play well together? (i.e. create a guid using Guid.New() and then store it in the database using nvarchar or some other field ... or create some hexidecimal number of the form that SQL Server is expecting by some other means)

Do NOT use nvarchar, use uniqueidentifier.

Tor Haugen
– Tor Haugen

2009-09-16 22:55:33 +00:00
Commented Sep 16, 2009 at 22:55 — Tor Haugen
– Tor Haugen, Commented Sep 16, 2009 at 22:55

Luke Girvin · Accepted Answer · 2020-01-22 16:46:52Z

73

Here's a code snippet showing how to insert a GUID using a parameterised query:

    using(SqlConnection conn = new SqlConnection(connectionString))
    {
        conn.Open();
        using(SqlTransaction trans = conn.BeginTransaction())
        using (SqlCommand cmd = conn.CreateCommand())
        {
            cmd.Transaction = trans;
            cmd.CommandText = @"INSERT INTO [MYTABLE] ([GuidValue]) VALUE @guidValue;";
            cmd.Parameters.AddWithValue("@guidValue", Guid.NewGuid());
            cmd.ExecuteNonQuery();
            trans.Commit();
        }
    }

edited Jan 22, 2020 at 16:46

Luke Girvin

13.5k10 gold badges69 silver badges87 bronze badges

answered Sep 16, 2009 at 23:16

DLKJ

8681 gold badge5 silver badges12 bronze badges

Sign up to request clarification or add additional context in comments.

4 Comments

Peter Oehlert Over a year ago

guidValue should be @guidValue

Christian Hayter Over a year ago

+1 for demonstrating the correct way to do it, rather than just answering the question literally.

Hcabnettek Over a year ago

Very useful. I was trying to parse a string etc... inside the database. This works great. Cheers, ~ck

Edwin Stoteler Over a year ago

This works for inserting but not for a WHERE clause. It tries to compare the lowercase guid from c# to the uppercase uniqueidentifier and that doesn't match.

Peter Oehlert · Accepted Answer · 2009-09-16 22:50:41Z

61

SQL is expecting the GUID as a string. The following in C# returns a string Sql is expecting.

"'" + Guid.NewGuid().ToString() + "'"

Something like

INSERT INTO TABLE (GuidID) VALUE ('4b5e95a7-745a-462f-ae53-709a8583700a')

is what it should look like in SQL.

answered Sep 16, 2009 at 22:50

Peter Oehlert

17.1k7 gold badges46 silver badges49 bronze badges

4 Comments

Pierre-Alain Vigeant Over a year ago

If you use SqlParameter, you don't have to convert the GUID into a string.

Peter Oehlert Over a year ago

To be clearer to everyone, I'm not suggesting that the sql specified should be used as demonstrated from C# with string concatenation. The crux of the question, I believe, is what form does a SQL UNIQUEIDENTIFIER LITERAL look like. The literal looks just like a string but with a special format. The two code snippets demonstrate what the literal looks like in 2 languages. I agree with DLKG that using a parameterized query and passing the guid as a typed parameter is both more performant as well as preventing potential SQL Injection attacks.

Nate Anderson Over a year ago

And in Entity Framework, Database first method, a uniqueidentifier SQL datatype (recommended in comment by @TorHaugen) translates to a System.Guid C# datatype, which is what OP asked about

phil123456 Over a year ago

so how does System.Guid generates an identifier that is not already in the DB ? although, the odds would be small...is there a check for uniqueness ?

canon · Accepted Answer · 2024-12-17 14:59:24Z

12

You can pass a C# Guid value directly to a SQL Stored Procedure by specifying SqlDbType.UniqueIdentifier.

Your method may look like this (provided that your only parameter is the Guid):

int StoreGuid(Guid guid)
{
  using SqlConnection connection = new("YourDataBaseConnectionString");
  using SqlCommand command = new() {
    Connection = connection ,
    CommandType = CommandType.StoredProcedure,
    CommandText = "StoreGuid",
    Parameters = {
      new() {
        ParameterName = "@guid",
        SqlDbType = SqlDbType.UniqueIdentifier, // right here
        Value = guid
      }
    }
  };
  connection.Open();
  return command.ExecuteNonQuery();    
}

_{See also: SQL Server's uniqueidentifier}

edited Dec 17, 2024 at 14:59

answered Feb 17, 2011 at 18:49

canon

41.9k10 gold badges77 silver badges102 bronze badges

Comments

Jay Riggs · Accepted Answer · 2009-09-16 22:51:01Z

5

Store it in the database in a field with a data type of uniqueidentifier.

answered Sep 16, 2009 at 22:51

Jay Riggs

53.7k10 gold badges146 silver badges156 bronze badges

Comments

Erwin · Accepted Answer · 2012-09-07 08:40:19Z

2

// Create Instance of Connection and Command Object
SqlConnection myConnection = new SqlConnection(GentEFONRFFConnection);
myConnection.Open();
SqlCommand myCommand = new SqlCommand("your Procedure Name", myConnection);
myCommand.CommandType = CommandType.StoredProcedure;
myCommand.Parameters.Add("@orgid", SqlDbType.UniqueIdentifier).Value = orgid;
myCommand.Parameters.Add("@statid", SqlDbType.UniqueIdentifier).Value = statid;
myCommand.Parameters.Add("@read", SqlDbType.Bit).Value = read;
myCommand.Parameters.Add("@write", SqlDbType.Bit).Value = write;
// Mark the Command as a SPROC

myCommand.ExecuteNonQuery();

myCommand.Dispose();
myConnection.Close();

edited Sep 7, 2012 at 8:40

Erwin

4,8113 gold badges34 silver badges42 bronze badges

answered Apr 11, 2012 at 9:13

Sunandan Dutt

673 bronze badges

Collectives™ on Stack Overflow

C# guid and SQL uniqueidentifier

5 Answers 5

4 Comments

4 Comments

Comments

Comments

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

5 Answers 5

4 Comments

4 Comments

Comments

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related