C＃SQL删除命令

Question

SqlConnection con1 = new SqlConnection(strcon);
con1.Open();

string query = " ";
query += " BEGIN TRANSACTION ";
query += " DELETE FROM VehicleRentals FROM VehicleRentals INNER JOIN Vehicles N VehicleRentals.VehicleID = Vehicles.VehicleID WHERE LicensePlate=@LicensePlate ";
query += " DECLARE @x int ";
query += " SELECT @x = VehicleTypeCode FROM Vehicles WHERE LicensePlate=@LicensePlate ";
query += " DELETE FROM Manufacturers FROM Manufacturers INNER JOIN Models ON Manufacturers.ManufacturerCode = Models.ManufacturerCode INNER JOIN Vehicles ON Models.ModelID = Vehicles.ModelID WHERE LicensePlate=@LicensePlate ";
query += " DELETE FROM VehicleTypes FROM VehicleTypes WHERE VehicleTypeCode = @x ";
query += " COMMIT TRANSACTION ";

SqlCommand cmd1 = new SqlCommand(query, con1);
cmd1.Parameters.AddWithValue("@LicensePlate", txtPlaka.Text);
cmd1.ExecuteNonQuery();
con1.Close();

I fixed the code as you said. Spaces between lines and I'm using parameter @LicensePlate. But the code is not working

Answer 1

query += "BEGIN TRANSACTION";
query += "DELETE FROM VehicleRentals FROM VehicleRentals INNER JOIN Vehicles N..."

turns into

"BEGIN TRANSACTIONDELETE FROM..."

You need to include the spaces between each line:

query += "BEGIN TRANSACTION";
query += " DELETE FROM VehicleRentals FROM VehicleRentals INNER JOIN Vehicles N..."

And as others have stated, you should use parameters to avoid sql injection.