int KeChengHao = int.Parse(this.textBox1.Text.Trim());

            System.Data.SqlClient.SqlConnection con = new System.Data.SqlClient.SqlConnection("Data Source=127.0.0.1;Initial Catalog=Student;User ID=sa;PassWord=58");

            System.Data.SqlClient.SqlCommand cmd = new System.Data.SqlClient.SqlCommand("delete from 课程表 where 课程号=@课程号", con);
            cmd.CommandType = CommandType.Text;  //防止这样注入 delete from 课程表 where 课程号=1 or 1=1

            System.Data.SqlClient.SqlParameter p = new System.Data.SqlClient.SqlParameter("@课程号", SqlDbType.Int, 4);
            p.Value = KeChengHao;

            cmd.Parameters.Add(p);

            con.Open();
            int changeline = cmd.ExecuteNonQuery();
            con.Close();

            label2.Text = "数据库更改行数" + changeline.ToString();

posted on 2008-03-01 23:34  阿春  阅读(158)  评论(0编辑  收藏  举报