Parameterized Queries (C#, Oracle): How to produce a more readable representation?

Maybe it's worth looking at the way its done in the NHibernate source.

Find the function called "GetCommandLogString(IDbCommand command)" which you could almost copy/paste :p

protected string GetCommandLogString(IDbCommand command){    string outputText;    if (command.Parameters.Count == 0)    {        outputText = command.CommandText;    }    else    {        StringBuilder output = new StringBuilder();        output.Append(command.CommandText);        output.Append("; ");        IDataParameter p;        int count = command.Parameters.Count;        for (int i = 0; i < count; i++)        {            p = (IDataParameter) command.Parameters[i];            output.Append(string.Format("{0} = '{1}'", p.ParameterName, p.Value));            if (i + 1 < count)            {                output.Append(", ");            }        }        outputText = output.ToString();    }    return outputText;}

The trouble with trying to store this as a runnable statement for later use is that the parameter version runs differently to the hard-coded-string version, since the former doesn't require the typecasting inline, e.g. you don't have to put quotes around the string parameters etc. You'd need to do that manually depending on the type of each parameter.

I don't know what your log format is, but you might be better off writing to the log the SQL to run a parametized query instead; i.e., declare necessary variables, and assign values, then run the query. It will make for more lines (or longer lines, if you avoid the line breaks), but then you can just run the code as-is, and you don't have to worry about replacing the parameters yourself. Plus your log entries are resistant to SQL injection :)

Well use the replace function. Why not? Or you can use string.format(). Or regular expressions. Or a combination. All you want is string manipulation.