带参数的Command的执行

一个参数的执行:

string sqlstr = "select count(*) from Users where UserName = @Username";
   //打开数据库连接
conn.Open();
  //创建命令对象
SqlCommand cmd = new SqlCommand(sqlstr, conn);
  //判断SqlCommand对象的ExecuteScalar方法返回的参数是否大于0,大于0说明用户已经存在
cmd.Parameters.AddWithValue("@Username", username);

多个参数的执行:

       //string sql = "insert into Users(UserName,UserSex,Password,Email,PassQuestion,PassAnswer) values( '" + userName + "','" + Sex + "','" + passWord + "','" + emailAddress + "','" + tishiQuesetion + "','" + tishiPassWord + "')";
        string sql ="insert into Users(UserName,UserSex,Password,Email,PassQuestion,PassAnswer) values(@username,@usersex,@password,@email,@passQuestion,@passAnswer)";
                conn.Open();
                SqlCommand cmd = new SqlCommand(sql, conn);
                cmd.Parameters.AddWithValue("@username", userName);
                cmd.Parameters.AddWithValue("@usersex", Sex);
                cmd.Parameters.AddWithValue("@password", passWord);
                cmd.Parameters.AddWithValue("@email", emailAddress);
                cmd.Parameters.AddWithValue("@passQuestion", tishiQuesetion);
                cmd.Parameters.AddWithValue("@passAnswer", tishiPassWord);
                if (Convert.ToInt32(cmd.ExecuteNonQuery()) > 0)
                {
                    Response.Write("<script>alert('恭喜你注册成功!')</script>");
                }
                else
                {
                    Response.Write("<script>alert('注册失败!')</script>");
                }
                conn.Close();

posted @ 2011-08-23 15:52  王永华  阅读(492)  评论(0编辑  收藏  举报