Does C# have to be installed in my computer to access SQL database?

Question

1.00/5 (1 vote)

See more:

Hello friends,
I am trying to write codes that is interested with SQL.I won't use the SQL IDE this is why I wonder if I can access database unless SQL installed.I will just run the C# codes ,I wouldn't like to install SQL server in the machine because maybe 5 five years later it can be adaptation problem.

What I have tried:

private void button1_Click(object sender, EventArgs e)
        {
            if (sqlConnection.State == ConnectionState.Closed)
            {
                label61.Text = DateTime.Now.ToString();
                sqlConnection.Open();
                SqlCommand sqlCommand = new SqlCommand("Insert into ContaVarlık([Parça Varlığı],Tarih) VALUES ('" + "OK" + "','" + DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss") + "')", sqlConnection);
                sqlCommand.ExecuteNonQuery();
                sqlCommand.Dispose();
                sqlConnection.Close();
            }
        }
        //********************************************************************************************************************//
        private void button2_Click(object sender, EventArgs e)
        {
            string command = "if exists(select * from sys.tables where name like 'ContaVarlık') drop table ContaVarlık " +
                "create table ABC(" +
                "OgrNo varchar(4))";

            if (sqlConnection.State == ConnectionState.Closed)
            {
                SqlCommand sqlCommand = new SqlCommand(command, sqlConnection);
                sqlConnection.Open();
                sqlCommand.ExecuteNonQuery();
                sqlConnection.Close();
            }
        }

Posted 10-May-18 21:37pm

Emrah Duatepe

Updated 10-May-18 22:01pm

Add a Solution

Comments

Richard MacCutchan 11-May-18 3:45am

Where is your database and what type is it? You must have an interface to a database system, SQL Compact, SQL Server, Oracle etc.

GKP1992 11-May-18 3:51am

I presume it is SQL server since they do not want to install it.

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CHill60 · Answer 1 · 2018-05-10T22:02:00

As per solution 1, no you do not and, for client machines, should not.

You can connect to (remote) databases using .NET Framework Data Providers[^] which are included in the .NET framework. The link (to the Microsoft Docs) gives further information and links to "how to" articles.

Also as per solution 1 - use Parameterized queries - this article explains why .. SQL Injection - OWASP[^] .. and this one explains how ... Query Parameterization Cheat Sheet - OWASP[^]

[EDIT]
I had another look at the code you posted ... instead of using sys.tables use
System Information Schema Views[^] - they are designed to be cross platform and cross version so you will be helping to "future proof" (protect) your code.

SQL

if exists (select * from INFORMATION_SCHEMA.TABLES where TABLE_NAME = 'ContaVarlık' AND TABLE_SCHEMA = 'dbo')
    drop table dbo.ContaVarlık;

Also the first bit of code that contains the concatenation does not need the concatenation - it could just be

SQL

Insert into ContaVarlık([Parça Varlığı],Tarih) VALUES ('OK',GetDate())

GKP1992 · Answer 2 · 2018-05-10T21:51:00

Absolutely not. You do not need SQL server management studio installed on your computer for your code to be able to access the database, however, it is advisable to do so to verify your code does what it is supposed to do. Also, I will strongly advise against string concatenation to create an SQL query, it is a major security risk.

Learn about parametrized SQL queries and use them to make your code resistant to SQL injection attacks.

jsc42 · Answer 3 · 2018-05-10T22:02:00

You express concern about future compatibility but you are using SQL Server specific code (not all databases store internal data like table names in a table called sys.tables). You must have an iunstance of an SQL engine somewhere - why not put it into a cloud where the cloud vendor will ensure that the database engine is kept at a good update level.

Does C# have to be installed in my computer to access SQL database?

3 solutions

Solution 3

Solution 1

Solution 2

Add your solution here

Preview 0