In a C# application, I'm building a query by creating a query string with parameters, then to the command adding the parameters and their values. For example:
string query = "UPDATE USERS u SET u.username = @PARM_USERNAME " +
"WHERE u.id = @PARM_USERID ";
command.Parameters.AddWithValue("@PARM_USERNAME", user.username);
command.Parameters.AddWithValue("@PARM_USERID", user.id);
command.Connection.Open();
int res = command.ExecuteNonQuery();
It would be beneficial to see the query with parameters applied, is this doable in C#/Visual Studio? I can check the command.CommandText, but it's only showing me the same content as the query above, with the parameter placeholders there. If it helps, this is against MySQL.
There's no guarantee that there is such a thing as "the query with the parameters applied". I would hope that a driver would simply send down the command as SQL and the parameters in an appropriate form to represent each value. Why go to the bother of escaping values etc, only for the query processor to unescape them and parse them at the other side? It's more efficient and less risky to just pass the data in a binary format of some description.
You should regard it as some code (the SQL) which uses some data (the parameters) and keep the two concepts very separate in your mind. If you need to log what's going on, I would log it as the parameterized SQL and the parameter values separately.