[英]How to update an xml string into a database without changing from double quotes to single quotes?
I need to update part of an xml string in a database, but I do not want to change from double quotes to single quotes, in other words, I want to preserve the double quotes in the xml string. 我需要更新数据库中xml字符串的一部分,但我不想从双引号更改为单引号,换句话说,我想保留xml字符串中的双引号。 This question is based of another question I had found here
这个问题是基于我在这里找到的另一个问题
The following: 下列:
ExecuteNonQuery("Update Logs
SET Message = '" + encryptedMessage.Replace('"','\'') + "'
WHERE ID = " + message.Id);
Will replace the double quotes with single quotes and save that to the db, but I do not want to permanently change the quotes. 将双引号替换为单引号并将其保存到数据库,但是我不想永久更改引号。
I am trying this: 我正在尝试:
string sqlUpdate = "Update Logs SET Message = @Message where Id = @Id";
SqlParameter id = new SqlParameter("@Id", message.Id);
SqlParameter msg = new SqlParameter("@Message", message.Msg);
Collection parameters = new Collection();
parameters.Add(id);
parameters.Add(msg);
Data.ExecuteNonQuery(sqlUpdate,parameters);
Data.ExecuteNonQuery
already takes care of the connection for me. Data.ExecuteNonQuery
已经为我处理了连接。
I noticed the sql passed into the ExecuteNonQuery method is Update Logs SET Message = @Message where Id = @Id
我注意到传递给ExecuteNonQuery方法的sql是
Update Logs SET Message = @Message where Id = @Id
I am just using Collection because this the method took a VBCollection. 我正在使用Collection,因为此方法使用了VBCollection。
Use a parametrized query instead and pass in your XML as a SqlParameter
: 请改用参数化查询,并将XML作为
SqlParameter
传递:
string sqlUpdate = "Update Logs set Message = @MESSAGE where ID = @ID";
using (SqlCommand cmd = new SqlCommand(sqlUpdate, someConnection))
{
cmd.Parameters.Add(new SqlParameter("@MESSAGE", SqlDbType.Xml)).Value = encryptedMessage;
cmd.Parameters.Add(new SqlParameter("@ID", SqlDbType.Int)).Value = message.Id;
cmd.ExecuteNonQuery();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.