我始终认为,与使用sqlDataSource编写SQL查询相比,在后面的代码中编写SQL查询并不好
sqlDataAdapter ad = new sqlDataAdapter("SELECT * FROM Categories",myConnection); DataSet ds = new DataSet(); ad.Fill(ds,"Categories"); myGridView.DataSource = ds; myGridView.DataBind();
与
<asp:sqlDataSource ID="sqlDataSource1" runat="server" ConnectionString="<%$ConnectionStrings:myConnection %>" SelectCommand="SELECT * FROM Categories" />
我觉得使用sqlDataSource是安全的,易于维护.
我关心的是真的吗?请说明理由.