[英]C# sql delete command
SqlConnection con1 = new SqlConnection(strcon);
con1.Open();
string query = " ";
query += " BEGIN TRANSACTION ";
query += " DELETE FROM VehicleRentals FROM VehicleRentals INNER JOIN Vehicles N VehicleRentals.VehicleID = Vehicles.VehicleID WHERE LicensePlate=@LicensePlate ";
query += " DECLARE @x int ";
query += " SELECT @x = VehicleTypeCode FROM Vehicles WHERE LicensePlate=@LicensePlate ";
query += " DELETE FROM Manufacturers FROM Manufacturers INNER JOIN Models ON Manufacturers.ManufacturerCode = Models.ManufacturerCode INNER JOIN Vehicles ON Models.ModelID = Vehicles.ModelID WHERE LicensePlate=@LicensePlate ";
query += " DELETE FROM VehicleTypes FROM VehicleTypes WHERE VehicleTypeCode = @x ";
query += " COMMIT TRANSACTION ";
SqlCommand cmd1 = new SqlCommand(query, con1);
cmd1.Parameters.AddWithValue("@LicensePlate", txtPlaka.Text);
cmd1.ExecuteNonQuery();
con1.Close();
I fixed the code as you said. 我已按照您的要求修复了代码。 Spaces between lines and I'm using parameter @LicensePlate.
行之间的空格,我正在使用参数@LicensePlate。 But the code is not working
但是代码不起作用
query += "BEGIN TRANSACTION";
query += "DELETE FROM VehicleRentals FROM VehicleRentals INNER JOIN Vehicles N..."
turns into 变成
"BEGIN TRANSACTIONDELETE FROM..."
You need to include the spaces between each line: 您需要在每行之间包括空格:
query += "BEGIN TRANSACTION";
query += " DELETE FROM VehicleRentals FROM VehicleRentals INNER JOIN Vehicles N..."
And as others have stated, you should use parameters to avoid sql injection. 正如其他人所说,应该使用参数来避免sql注入。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.