堆栈内存溢出
  简体   繁体   English

在C#中形成参数化SQL语句的正确方法是什么

[英]What is the correct way to form a parameterized SQL statement in C#

 原文  2013-09-19 16:48:22       c#/ sql/ parameterized-query

问题描述

Objective: Using C# and SQL2008 correctly setup a Parameterized SQL Insert statement 目标:使用C#和SQL2008正确设置参数化SQL插入语句

Issue: The following statement is used in a for loop so the values must be cleared. 问题:在for循环中使用以下语句,因此必须清除值。 Upon running this code it states there is a syntax error near 250. The code is as follows 在运行此代码时,它指出250附近存在语法错误。代码如下 

for (int i = 0; i < Rows.Count; i++)
{
    cmd.Parameters.Clear();

    struct Row = (struct)Rows[i];

    sql = "@RowName varchar(250) = null " +
    "INSERT INTO " +
        "database.dbo.table" +
             "(database.dbo.tabe.RowName) " +
    "VALUES " +
        "(@RowName) ";

 cmd.CommandText = sql;
 cmd.Parameters.AddWithValue("@RowValue ", Row.RowName);

} }

Thank you in advance for corrections, comments and suggestions. 提前感谢您的更正,意见和建议。

2 个解决方案

解决方案1
 2 已采纳  2013-09-19 16:50:43

You don't have to re-declare the variable inside the SQL code. 您不必在SQL代码中重新声明该变量。 This should work: 这应该工作: 

sql =
    "INSERT INTO " +
        "database.dbo.table" +
            "(database.dbo.tabe.RowName) " +
    "VALUES " +
        "(@RowName) ";

cmd.CommandText = sql;
cmd.Parameters.AddWithValue("@RowValue ", Row.RowName);

解决方案2
 2  2013-09-19 16:52:59

struct is a keyword, you can't use it as a type name. struct是一个关键字,您不能将其用作类型名称。 You don't need to declare the parameter first, (all necessary metadata is inferred from AddWithValue in this case) and the parameter name in the SQL query has to match what you put in AddWithValue . 您不需要首先声明参数(在这种情况下,从AddWithValue推断出所有必需的元数据),并且SQL查询中的参数名称必须与您在AddWithValue放置的内容相AddWithValue 

for (int i = 0; i < Rows.Count; i++)
{
    cmd.Parameters.Clear();

    var Row = (MyStruct)Rows[i];

    sql = "INSERT INTO " +
        "database.dbo.table " +
             "(database.dbo.tabe.RowName) " +
    "VALUES " +
        "(@RowName)";

    cmd.CommandText = sql;
    cmd.Parameters.AddWithValue("@RowName", Row.RowName);
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 我的第一个c#声明......这样做的正确方法是什么? - my first c# statement…what is the correct way to do this? 如何在C#中的SQL语句中构建参数化查询或用户转义? - How to build a parameterized query or user escaping in this SQL statement in C#? 将Sql中的bit值转换为C#中的Int的正确方法是什么 - What is the correct way to convert a value that is bit in Sql to Int in C# 在C#中评估sql语句的最佳方法是什么? - What is the best way to evaluate a sql statement in C#? 在C#中的循环内调用参数化方法的最佳方法是什么 - What is the best way to call a parameterized method inside a loop in C# C#.Net中的参数化SQL - Parameterized SQL in C# .Net 从主表单以另一种形式获取字符串的正确方法是什么? C# - What is the correct way to get strings from the Main Form in another form? C# 在c#中表示double的正确方法是什么? - What is the correct way of representing double in c#? 在C#中释放内存的正确方法是什么? - What is the correct way to free memory in C# C#函数执行参数化的插入语句 - C# function to execute parameterized insert statement
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM