Great tutorial, Bhrugen! You're absolutely right at 48:56 about always using parameterization to avoid SQL injection vulnerabilities, but just to be clear, it's only a vulnerability when the data you're appending has the ability of returning something that SQL could misinterpret. In this case, you're appending an int. There's no value of int which when converted to a string would be mishandled by SQL Server, so there's no risk here. On the other hand, if the id param were a string, then you'd be right, because the user might pass in something like "0; DROP TABLE Companies;" Again, it's better to just always use parameterization like you said, but I just want anyone who's curious to have a deeper understanding of what specifically makes something vulnerable to SQL injection.
Oh, thats good. Entity Framework is very bad for performance. Update is sucks with EF, I like typing sql queries myself. Yes it's hard sometimes but, everything is only my hands.
Hi Ray, That is one of the most important piece with Dapper which can be tricky to understand! I cover one to one and one to many relations with Dapper in the full course, which is on dotnetmastery.com
its very wrong approach, using connection initialization in Constructor will give "Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached" errors
Can you make a video where you log Dapper sql commands ? So instead of logging "Select * from products where productId = :prodID" you log the complete string "Select * from products where productId = 1 " .
Should be called learn Dapper in under 30 minutes, because the Dapper part doesn't start until 32:00 - good video though, but those that already know EF can skip the first half hour!
when you use dapper you do not "create" table, you need to either create it directly using SQL statements and access with Dapper right? In that case we can use any technology to use Dapper, since the purpose of Dapper is to access/modify with database after the table is created. Please correct me if you think this is not a correct statement.
@@DotNetMastery I agree with you. Whilst EF can do Table Creations with Code-First Approach, You still need to create the same tables with EF Core if you're on Database-First approach. It's more of Data manipulation as opposed to database creation what this tutorial is all about. (At least that's how I understand it).
![ปฏิเสธไม่ไหว (Crush on you) - LIPTA feat. No One Else [Official MV]](http://i.ytimg.com/vi/NBw1jF342vw/mqdefault.jpg)
Dapper starts at 42:00
Golden Comment.
Very late to see your comments...
I saw your comment too late
Thank you
so really the title should be 'learn dapper in 18 minutes' 🤣
Thanks for the informative video. Good job.
Correction in 49:26. Vulnerable to "SQL Injection" not "dependency injection" attacks.
Great tutorial, Bhrugen! You're absolutely right at 48:56 about always using parameterization to avoid SQL injection vulnerabilities, but just to be clear, it's only a vulnerability when the data you're appending has the ability of returning something that SQL could misinterpret. In this case, you're appending an int. There's no value of int which when converted to a string would be mishandled by SQL Server, so there's no risk here. On the other hand, if the id param were a string, then you'd be right, because the user might pass in something like "0; DROP TABLE Companies;"
Again, it's better to just always use parameterization like you said, but I just want anyone who's curious to have a deeper understanding of what specifically makes something vulnerable to SQL injection.
Indeed!
thank you so much for the explanation
Title says how to use dapper, but must of the video shows how to use EF Core
Dapper install at 42:00 and using it at 46:00
The Company class implementation is at 15:00
Bhrugen I reallly enjoy your teaching style and you have helped me so much already with my learning journy into C# ! Thanks for being awesome!
Thank you so much for the wonderful feedback!
Good Tutorial.As a beginner of dapper and an experienced of EF,I can say it was very much helpful to understand the exact changes also.
Thank you
Quality Video....Would love a series of this advancing more into Dapper
Pls post dapper full course sir
Oh, thats good. Entity Framework is very bad for performance. Update is sucks with EF, I like typing sql queries myself. Yes it's hard sometimes but, everything is only my hands.
it is posible use a Transaction?, do yo have an example?
At 49:00 by "dependency injection attacks" I think you meant "sql injection attacks"
I was about to comment the same, and wanted to see just in case if any one else has caught it, and there you have !!
Which you do you prefer Mr. Patel?
Dapper for large scale project! Hands down
@@DotNetMastery what is considered a large scale?
Realistic video thanks
hi . have you explain register and login in dapper environment >>
core 6
Can you share Dapper toturial?
Brilliant
Excellent video. One comment, at ~49 mins, it's SQL Injection attacks, rather than dependency injection.
i noticed this too.
Thank you great video!
When will be available the release of .net 5 ? is the preview stable?
.net 5 will be released in nov!
@@DotNetMastery Thank you
where is the repository link for this video example
Good one. Thank you!!
this is gold!. thank you
.net 6 and above does not t have startup file what to do
Awesome. Thanks
at 17:07 what would i put into google to get the connection string template?
Hello Bhrugen, are we going to be working with 2 or more tables with one to many relationship using Dapper? Thanks
Hi Ray, That is one of the most important piece with Dapper which can be tricky to understand! I cover one to one and one to many relations with Dapper in the full course, which is on dotnetmastery.com
@@DotNetMastery Thanks, I will enroll.
There is no .Net Core 5, as of now .Net Core's current version is 3.1, there is .Net 5, but that's a different thing... :D
its very wrong approach, using connection initialization in Constructor will give "Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached" errors
Dude it was like 10 minutes of dapper the rest was Entiry Framework. You didn't even show how to map relationships
Can you make a video where you log Dapper sql commands ? So instead of logging "Select * from products where productId = :prodID" you log the complete string "Select * from products where productId = 1 " .
is this for Entity Framework or Dapper? All I hear is Entity framework...
Thats the firs part, hang on
Awesome
Should be called learn Dapper in under 30 minutes, because the Dapper part doesn't start until 32:00 - good video though, but those that already know EF can skip the first half hour!
31:30
Dapper Fundamentals will be more helpful. Its more on EF
Video could have been cut down to 15 minutes due to it not showing anything about Dapper for 42 minutes. Sheesh.
*sings everytime* O R Mmmmmm!
wtf is that name
you have wasted 45 min to show the entity framework thing which is not good under the title sorry but no offence
Learn Dapper in 7 minutes
This video dos not focus on Dapper at all! You created the table with EF and used it with dapper!
when you use dapper you do not "create" table, you need to either create it directly using SQL statements and access with Dapper right? In that case we can use any technology to use Dapper, since the purpose of Dapper is to access/modify with database after the table is created. Please correct me if you think this is not a correct statement.
@@DotNetMastery I agree with you. Whilst EF can do Table Creations with Code-First Approach, You still need to create the same tables with EF Core if you're on Database-First approach. It's more of Data manipulation as opposed to database creation what this tutorial is all about. (At least that's how I understand it).
fast video to 2
you don't explain why you do anything