You can create an insert query with defining parameters in sqlcommand:
SQLCommand cmd = new SQLCommand("Insert into Category(id, name) values(@id, @name)" , con);
Where
con
is the
SQLConnection
object.
You can define parameters as follows:
SQLParamter param1 = new SQLParamter("@id","1");
SQLParamter param2 = new SQLParamter("@name","O'Really");
Add the parameters in above
SQLCommand
:
cmd.Parameters.add(param1);
cmd.Parameters.add(param2);
Execute the command:
cmd.ExecuteNonQuery();
Hope this will help you.