0

I need a clarification. I went through different tutorials on Entity Framework and implemented it in my project.

Later, when it came to the security of the application, I understood that parameterised queries are good for security.

My questions are :

  1. Will Entity Framework automatically take care of parameterised queries?
  2. If yes, where is it implemented?
  3. Is it implemented in the context class like below?

modelBuilder.Entity<TriggerEvent>().HasKey(c => c.TriggerEventId)
            .HasIndex("IX_TriggerEvent_LegacyName", IndexOptions.Unique,
                        e => e.Property(x => x.LegacyName))
            .Map(m =>
            {
                  m.MapInheritedProperties();
                  m.ToTable("refTriggerEvent", schemaName: "CaseManagement");
            });  
2
  • 1
    erm... Linq to Entities doesn't use parameterised queries... Entity SQL can... Query builder method can (using ObjectQuery)... executing raw SQL is the real issue of parameters being dangerous... EF will perform datatype matching to a greater extent (not sure exactly where it does it though).. your code defines part of your model... it is not a parameterised query. Commented Oct 20, 2015 at 10:39
  • This may prove interesting to you... msdn.microsoft.com/en-us/library/vstudio/… Commented Oct 20, 2015 at 10:42

1 Answer

3

Will Entity Framework automatically take care of parameterised queries?

Yes.

If yes, where is it implemented?

EF is open source, you could trawl through the implementation.

Is it implemented in the context class like below?

That code is defining (part of) the model. There is no query to parametrise.

If you configure logging (the DbContext.Database.Log property) you can see the SQL and parameters being passed to the database.
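
An added example, not part of the original answer or of the asker's project: it turns on `Database.Log` and runs the same lookup three ways, so the log shows which calls carry the value as a parameter and which put it into the SQL text. It assumes EF6 (the EntityFramework NuGet package) and a reachable SQL Server or LocalDB instance; `DemoContext`, the trimmed `TriggerEvent` class and the default `TriggerEvents` table name are hypothetical.

```csharp
// Added illustration; assumes EF6 and SQL Server/LocalDB. Names are hypothetical.
using System;
using System.Data.Entity;
using System.Data.SqlClient;
using System.Linq;

public class TriggerEvent
{
    public int TriggerEventId { get; set; }
    public string LegacyName { get; set; }
}

public class DemoContext : DbContext
{
    public DbSet<TriggerEvent> TriggerEvents { get; set; }
}

public static class Program
{
    public static void Main()
    {
        // Constructed hostile input, as it might arrive from a request.
        string name = "x' OR '1'='1";
        using (var ctx = new DemoContext())
        {
            // Print every command EF sends, including its parameter values.
            ctx.Database.Log = Console.Write;

            // LINQ to Entities: the captured variable is sent as a parameter
            // (logged as @p__linq__0), so the quote characters stay data.
            var viaLinq = ctx.TriggerEvents.Where(e => e.LegacyName == name).ToList();

            // Raw SQL, unsafe: concatenation puts the input into the SQL text.
            // The log shows no parameter and the WHERE clause matches every row.
            var concatenated = ctx.Database.SqlQuery<TriggerEvent>(
                "SELECT TriggerEventId, LegacyName FROM TriggerEvents " +
                "WHERE LegacyName = '" + name + "'").ToList();

            // Raw SQL, safe: placeholder in the text, value passed separately.
            var parameterised = ctx.Database.SqlQuery<TriggerEvent>(
                "SELECT TriggerEventId, LegacyName FROM TriggerEvents " +
                "WHERE LegacyName = @name",
                new SqlParameter("@name", name)).ToList();

            Console.WriteLine("{0} / {1} / {2}", viaLinq.Count, concatenated.Count, parameterised.Count);
        }
    }
}
```

A constant written directly into a LINQ expression is inlined into the SQL by EF6 rather than sent as a parameter; that is harmless because it comes from the source code, not from user input.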
