[英]Ignore single quote in C#
In my program I have this statment ...... 在我的程序中,我有这句话……
ct = String.Format(@"select [Movie Selector] from WSTMDS3
natural prediction join
(select
'{0}'as[Age],
'{1}'as[Education Level],
'{2}'as[Gender],
'{3}'as[Home Ownership],
'{4}'as[Internet Connection],
'{5}'as[Marital Status]
)as MovieSelector",
TextBox1.Text,
DropDownList1.SelectedValue,
DropDownList2.SelectedValue,
DropDownList3.SelectedValue,
DropDownList4.SelectedValue,
DropDownList5.SelectedValue)
;
But in DropDown list1 "Education Level " I have some value like this Master' Degree how i can use the single quote ' in this statment . 但是在Dropdown list1“ Education Level”中,我有一些价值,例如硕士学位,我如何在本陈述中使用单引号。
thanks 谢谢
You should not use string.Format
to build your queries. 您不应使用
string.Format
来构建查询。 You should use parameterized queries. 您应该使用参数化查询。
adomdCommand.CommandText = "SELECT ... @P1 ...";
adomdCommand.Parameters.Add(new AdomdParameter("P1", TextBox1.Text));
// etc..
Related 有关
Use SqlCommand and SqlParameter. 使用SqlCommand和SqlParameter。 Example
例
SqlCommand sqlCom=new SqlCommand();
sqlCom.CommandText=@"select [Movie Selector] from WSTMDS3
natural prediction join
(select
@P0 as[Age],
@P1 as[Education Level],
@P2 as[Gender],
@P3 as[Home Ownership],
@P4 as[Internet Connection],
@P5 as[Marital Status]
";
sqlCom.Parameters.AddWithValue("@P0",TextBox1.Text);
除了使用参数化查询外,T-SQL语法中单引号的转义方法是将它们加倍。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.