Class SparqlParameterizedString

A SPARQL Parameterized String is a String that can contain parameters in the same fashion as a SQL command string.

Inheritance

object

SparqlParameterizedString

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

Namespace: VDS.RDF.Query

Assembly: dotNetRdf.dll

Syntax

public class SparqlParameterizedString

Remarks

This is intended for use in applications which may want to dynamically build SPARQL queries/updates where user input may comprise individual values in the triples patterns and the applications want to avoid SPARQL injection attacks which change the meaning of the query/update.

It works broadly in the same way as a SqlCommand would in that you specify a string with paramters specified in the form @name and then use various set methods to set the actual values that should be used. The values are only substituted for parameters when you actually call the ToString() method to get the final string representation of the command. E.g.

SparqlParameterizedString queryString = new SparqlParameterizedString();
queryString.CommandText = @"SELECT * WHERE
{
    ?s a @type .
}";
queryString.SetUri("type", new Uri("http://example.org/myType"));
Console.WriteLine(queryString.ToString());

Would result in the following being printed to the Console:

SELECT * WHERE
{
    ?s a <http://example.org/myType>
}

Calling a Set method to set a parameter that has already been set changes that value and the new value will be used next time you call ToString() - this may be useful if you plan to execute a series of queries/updates using a series of values since you need not instantiate a completely new parameterized string each time.

This class was added to a library based on a suggestion by Alexander Sidorov and ideas from slides from Slideshare by Almedia et al.

PERFORMANCE TIPS: if building the command text incrementally, avoid using CommandText += and use the AppendSubQuery or Append methods instead.

Constructors

| Edit this page View Source

SparqlParameterizedString()

Creates a new empty parameterized String.

Declaration

public SparqlParameterizedString()

| Edit this page View Source

SparqlParameterizedString(string)

Creates a new parameterized String.

Declaration

public SparqlParameterizedString(string command)

Parameters

Type	Name	Description
string	command	Command Text.

Properties

| Edit this page View Source

BaseUri

Gets/Sets the Base URI which will be used to prepend BASE declarations to the command.

Declaration

public Uri BaseUri { get; set; }

Property Value

Type	Description
Uri

| Edit this page View Source

CommandText

Gets/Sets the parameterized Command Text.

Declaration

public virtual string CommandText { get; set; }

Property Value

Type	Description
string

| Edit this page View Source

Namespaces

Gets/Sets the Namespace Map that is used to prepend PREFIX declarations to the command.

Declaration

public INamespaceMapper Namespaces { get; set; }

Property Value

Type	Description
INamespaceMapper

| Edit this page View Source

Parameters

Gets an enumeration of the Parameters for which Values have been set.

Declaration

public IEnumerable<KeyValuePair<string, INode>> Parameters { get; }

Property Value

Type	Description
IEnumerable<KeyValuePair<string, INode>>

| Edit this page View Source

QueryProcessor

Gets/Sets the Query processor which is used when you call the ExecuteQuery() method.

Declaration

public ISparqlQueryProcessor QueryProcessor { get; set; }

Property Value

Type	Description
ISparqlQueryProcessor

| Edit this page View Source

UpdateProcessor

Gets/Sets the Query processor which is used when you call the ExecuteUpdate() method.

Declaration

public ISparqlUpdateProcessor UpdateProcessor { get; set; }

Property Value

Type	Description
ISparqlUpdateProcessor

| Edit this page View Source

Variables

Gets an enumeration of the Variables for which Values have been set.

Declaration

public IEnumerable<KeyValuePair<string, INode>> Variables { get; }

Property Value

Type	Description
IEnumerable<KeyValuePair<string, INode>>

Methods

| Edit this page View Source

Append(string)

Appends the given text to the existing command text, any prefixes in the command are moved to the parent query.

Declaration

public void Append(string text)

Parameters

Type	Name	Description
string	text	Text.

| Edit this page View Source

Append(SparqlParameterizedString)

Appends the given text to the existing command text, any prefixes in the sub-query are moved to the parent query but any parameter/variable assignments will be lost.

Declaration

public void Append(SparqlParameterizedString text)

Parameters

Type	Name	Description
SparqlParameterizedString	text	Text.

| Edit this page View Source

AppendSubQuery(SparqlParameterizedString)

Appends the given query as a sub-query to the existing command text, any prefixes in the sub-query are moved to the parent query but any parameter/variable assignments will be lost.

Declaration

public void AppendSubQuery(SparqlParameterizedString query)

Parameters

Type	Name	Description
SparqlParameterizedString	query	Query.

| Edit this page View Source

AppendSubQuery(SparqlQuery)

Appends the given query as a sub-query to the existing command text, any prefixes in the sub-query are moved to the parent query.

Declaration

public void AppendSubQuery(SparqlQuery query)

Parameters

Type	Name	Description
SparqlQuery	query	Query.

| Edit this page View Source

Clear()

Clears all set Parameters and Variables.

Declaration

public virtual void Clear()

| Edit this page View Source

ClearParameters()

Clears all set Parameters.

Declaration

public virtual void ClearParameters()

| Edit this page View Source

ClearVariables()

Clears all set Variables.

Declaration

public virtual void ClearVariables()

| Edit this page View Source

ExecuteQuery()

Executes this command as a query.

Declaration

public SparqlResultSet ExecuteQuery()

Returns

Type	Description
SparqlResultSet

| Edit this page View Source

ExecuteQuery(IRdfHandler, ISparqlResultsHandler)

Executes this command as a query.

Declaration

public void ExecuteQuery(IRdfHandler rdfHandler, ISparqlResultsHandler resultsHandler)

Parameters

Type	Name	Description
IRdfHandler	rdfHandler	RDF Handler.
ISparqlResultsHandler	resultsHandler	Results Handler.

| Edit this page View Source

ExecuteUpdate()

Executes this command as an update.

Declaration

public void ExecuteUpdate()

| Edit this page View Source

SetBlankNode(string)

Sets the Parameter to be a new anonymous Blank Node.

Declaration

public void SetBlankNode(string name)

Parameters

Type	Name	Description
string	name	Parameter.

Remarks

Only guarantees that the Blank Node ID will not clash with any other Blank Nodes added by other calls to this method or it's overload which takes an explicit Node ID. If the base query text into which you are inserting parameters contains Blank Nodes then the IDs generated here may clash with those IDs.

| Edit this page View Source

SetBlankNode(string, string)

Sets the Parameter to be a Blank Node with the given ID.

Declaration

public void SetBlankNode(string name, string value)

Parameters

Type	Name	Description
string	name	Parameter.
string	value	Node ID.

Remarks

Only guarantees that the Blank Node ID will not clash with any other Blank Nodes added by other calls to this method or it's overload which generates anonymous Blank Nodes. If the base query text into which you are inserting parameters contains Blank Nodes then the IDs generated here may clash with those IDs.

| Edit this page View Source

SetLiteral(string, bool)

Sets the Parameter to a Boolean Literal.

Declaration

public void SetLiteral(string name, bool value)

Parameters

Type	Name	Description
string	name	Parameter.
bool	value	Integer.

| Edit this page View Source

SetLiteral(string, DateTime)

Sets the Parameter to a Date Time Literal.

Declaration

public void SetLiteral(string name, DateTime value)

Parameters

Type	Name	Description
string	name	Parameter.
DateTime	value	Integer.

| Edit this page View Source

SetLiteral(string, DateTime, bool)

Sets the Parameter to a Date Time Literal.

Declaration

public void SetLiteral(string name, DateTime value, bool precise)

Parameters

Type	Name	Description
string	name	Parameter.
DateTime	value	Integer.
bool	precise	Whether to preserve precisely i.e. include fractional seconds.

| Edit this page View Source

SetLiteral(string, DateTimeOffset)

Sets the Parameter to a Date Time Literal.

Declaration

public void SetLiteral(string name, DateTimeOffset value)

Parameters

Type	Name	Description
string	name	Parameter.
DateTimeOffset	value	Integer.

| Edit this page View Source

SetLiteral(string, DateTimeOffset, bool)

Sets the Parameter to a Date Time Literal.

Declaration

public void SetLiteral(string name, DateTimeOffset value, bool precise)

Parameters

Type	Name	Description
string	name	Parameter.
DateTimeOffset	value	Integer.
bool	precise	Whether to preserve precisely i.e. include fractional seconds.

| Edit this page View Source

SetLiteral(string, decimal)

Sets the Parameter to a Decimal Literal.

Declaration

public void SetLiteral(string name, decimal value)

Parameters

Type	Name	Description
string	name	Parameter.
decimal	value	Integer.

| Edit this page View Source

SetLiteral(string, double)

Sets the Parameter to a Double Literal.

Declaration

public void SetLiteral(string name, double value)

Parameters

Type	Name	Description
string	name	Parameter.
double	value	Integer.

| Edit this page View Source

SetLiteral(string, short)

Sets the Parameter to an Integer Literal.

Declaration

public void SetLiteral(string name, short value)

Parameters

Type	Name	Description
string	name	Parameter.
short	value	Integer.

| Edit this page View Source

SetLiteral(string, int)

Sets the Parameter to an Integer Literal.

Declaration

public void SetLiteral(string name, int value)

Parameters

Type	Name	Description
string	name	Parameter.
int	value	Integer.

| Edit this page View Source

SetLiteral(string, long)

Sets the Parameter to an Integer Literal.

Declaration

public void SetLiteral(string name, long value)

Parameters

Type	Name	Description
string	name	Parameter.
long	value	Integer.

| Edit this page View Source

SetLiteral(string, float)

Sets the Parameter to a Float Literal.

Declaration

public void SetLiteral(string name, float value)

Parameters

Type	Name	Description
string	name	Parameter.
float	value	Integer.

| Edit this page View Source

SetLiteral(string, string, bool)

Sets the Parameter to an Untyped Literal.

Declaration

public void SetLiteral(string name, string value, bool normalizeValue)

Parameters

Type	Name	Description
string	name	Parameter.
string	value	The literal value.
bool	normalizeValue	Whether to normalize the string value of `value`.

| Edit this page View Source

SetLiteral(string, string, string, bool)

Sets the Parameter to a Literal with a Language Specifier.

Declaration

public void SetLiteral(string name, string value, string lang, bool normalizeLiteralValue)

Parameters

Type	Name	Description
string	name	Parameter.
string	value	The Literal value.
string	lang	The language specifier.
bool	normalizeLiteralValue	Whether to normalize the string value of `value`.

| Edit this page View Source

SetLiteral(string, string, Uri, bool)

Sets the Parameter to a Typed Literal.

Declaration

public void SetLiteral(string name, string value, Uri datatype, bool normalizeLiteralValue)

Parameters

Type	Name	Description
string	name	Parameter.
string	value	The literal value.
Uri	datatype	Datatype URI.
bool	normalizeLiteralValue	Whether to normalize the string value of `value`.

| Edit this page View Source

SetLiteral(string, TimeSpan)

Sets the Parameter to a Duration Literal.

Declaration

public void SetLiteral(string name, TimeSpan value)

Parameters

Type	Name	Description
string	name	Parameter.
TimeSpan	value	Integer.

| Edit this page View Source

SetParameter(string, INode)

Sets the Value of a Parameter.

Declaration

public void SetParameter(string name, INode value)

Parameters

Type	Name	Description
string	name	Parameter Name.
INode	value	Value.

Remarks

Can be used in derived classes to set the value of parameters if the derived class defines additional methods for adding values for parameters.

| Edit this page View Source

SetUri(string, Uri)

Sets the Parameter to a URI.

Declaration

public void SetUri(string name, Uri value)

Parameters

Type	Name	Description
string	name	Parameter.
Uri	value	URI.

| Edit this page View Source

SetVariable(string, INode)

Sets the Value of a Variable.

Declaration

public virtual void SetVariable(string name, INode value)

Parameters

Type	Name	Description
string	name	Variable Name.
INode	value	Value.

| Edit this page View Source

ToString()

Returns the actual Query/Update String with parameter and variable values inserted.

Declaration

public override string ToString()

Returns

Type	Description
string

Overrides

object.ToString()

| Edit this page View Source

UnsetParameter(string)

Removes a previously set value for a Parameter.

Declaration

public void UnsetParameter(string name)

Parameters

Type	Name	Description
string	name	Parameter Name.

Remarks

There is generally no reason to do this since you can just set a parameters value to change it.

| Edit this page View Source

UnsetVariable(string)

Removes a previously set value for a Variable.

Declaration

public void UnsetVariable(string name)

Parameters

Type	Name	Description
string	name	Variable Name.

Remarks

May be useful if you have a skeleton query/update into which you sometimes substitute values for variables but don't always do so.

Extension Methods

Extensions.ToSafeString(object)

Extensions.AsEnumerable<T>(T)