SqlParameter类——带参数的SQL语句
SqlParameter 类
表示 SqlCommand 的参数,也可以是它到 DataSet 列的映射。无法继承此类。
命名空间: System.Data.SqlClient
程序集: System.Data(在 System.Data.dll 中)
举例1
string strconn = "Data Source=xxx;user id=sa;pwd=;initial catalog=gltest";
SqlConnection Conn = new SqlConnection(strconn);
Conn.Open();
// 声明参数
string sql = "insert into users(name,pwd) values (@name,@pwd)";
SqlCommand cmd = new SqlCommand(sql, Conn);
// 添加参数
cmd.Parameters.Add(new SqlParameter("@name", SqlDbType.NVarChar, 50));
cmd.Parameters.Add(new SqlParameter("@pwd", SqlDbType.NVarChar, 50));
// 为参数赋值
cmd.Parameters["@name"].Value = this.TextBox1.Text;
cmd.Parameters["@pwd"].Value = this.TextBox2.Text;
cmd.ExecuteNonQuery();
Conn.Close();
comm.Parameters.Add()添加参数到参数集即(添加参数列表),add里面的第一个参数是要添加的参数名,第二个参数是参数的数据类型Parameters的作用就是把存储过程执行结束后得到的参数传到程序里。
第一个是参数名,第二个是参数类型,第三个是长度
举例二:
/// <summary>
/// 更新一条数据
/// </summary>
public bool Update(Model.MonitoringPointsStatusInfo model)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("update TB_MonitoringPointsStatus set ");
strSql.Append("PointID=@PointID,");
strSql.Append("PointName=@PointName,");
strSql.Append("Date=@Date,");
strSql.Append("DangerousLevel=@DangerousLevel,");
strSql.Append("IsUpload=@IsUpload,");
strSql.Append("IsCheck=@IsCheck,");
strSql.Append("IsSafe=@IsSafe,");
strSql.Append("CycleTime=@CycleTime,");
strSql.Append("ColumnValue=@ColumnValue,");
strSql.Append("IsApproval=@IsApproval,");
strSql.Append("CheckUser=@CheckUser,");
strSql.Append("CheckRealName=@CheckRealName,");
strSql.Append("Note=@Note");
strSql.Append(" where ID=@ID");
SqlParameter[] parameters = {
new SqlParameter("@ID", SqlDbType.Int,4),
new SqlParameter("@PointID", SqlDbType.Int,4),
new SqlParameter("@PointName", SqlDbType.NVarChar,50),
new SqlParameter("@Date", SqlDbType.DateTime),
new SqlParameter("@DangerousLevel", SqlDbType.Char,1),
new SqlParameter("@IsUpload", SqlDbType.Bit,1),
new SqlParameter("@IsCheck", SqlDbType.Bit,1),
new SqlParameter("@CycleTime",SqlDbType.Char,12),
new SqlParameter("@IsSafe", SqlDbType.Bit,1),
new SqlParameter("@ColumnValue", SqlDbType.Int),
new SqlParameter("@IsApproval", SqlDbType.Bit,1),
new SqlParameter("@CheckUser", SqlDbType.Int),
new SqlParameter("@CheckRealName", SqlDbType.NVarChar,50),
new SqlParameter("@Note", SqlDbType.Text)
};
parameters[0].Value = model.ID;
parameters[1].Value = model.PointID;
parameters[2].Value = model.PointName;
parameters[3].Value = model.Date;
parameters[4].Value = model.DangerousLevel;
parameters[5].Value = model.IsUpload;
parameters[6].Value = model.IsCheck;
parameters[7].Value = model.CycleTime;
parameters[8].Value = model.IsSafe;
parameters[9].Value = model.ColumnValue;
parameters[10].Value = model.IsApproval;
parameters[11].Value = model.CheckUser;
parameters[12].Value = model.CheckRealName;
parameters[13].Value = model.Note;
int rows = DBHelper.ExecuteSql(strSql.ToString(), parameters);
if (rows > 0)
{
return true;
}
else
{
return false;
}
}
参考博客:http://liuyuanjian82.blog.163.com/blog/static/40093839200942732222918/