SqlCommand command = new SqlCommand("SELECT * FROM customers WHERE customer_id=@id", connection); command.Parameters.Add("@id", SqlDbType.Int).Value = 1;
SqlCommand command = new SqlCommand("INSERT INTO customers (name, email) VALUES (@name, @email)", connection); command.Parameters.Add("@name", SqlDbType.NVarChar, 50).Value = "John Doe"; command.Parameters.Add("@email", SqlDbType.NVarChar, 50).Value = "[email protected]";The package library used in this example is System.Data.SqlClient, which is included in the .NET Framework.