ADO.NET prepare statemet && sqlparameter arrary as parameter receive variable

原创 于 2010-11-24 17:05:43 发布 · 141 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#.net #SQL #UI #Web

本文通过两个ASP.NET示例展示了如何使用SQL参数化来插入数据和查询数据,包括设置连接字符串、创建SQL命令及参数,并处理异常。 
public partial class Default2 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        
        SqlConnection myConnection = new SqlConnection();
        myConnection.ConnectionString = "Data Source=10.225.106.27;Initial Catalog=Ticket;User ID=sa;password=password_1"; //define conn str
        myConnection.Open();
        SqlCommand cmd = new SqlCommand("insert into dbo.Ticket values(@p1,@p2,@p3,@p4)", myConnection); //bulid command
        cmd.Prepare(); //prepare begin
        SqlParameter p1 = new SqlParameter("@p1", SqlDbType.VarChar);
        p1.Value = "3"; // matching and evaluate
        cmd.Parameters.Add(p1);
        SqlParameter p2 = new SqlParameter("@p2", SqlDbType.VarChar);
        p2.Value = "ok";
        cmd.Parameters.Add(p2);
        SqlParameter p3 = new SqlParameter("@p3", SqlDbType.VarChar);
        p3.Value = "isee";
        cmd.Parameters.Add(p3);
        SqlParameter p4 = new SqlParameter("@p4", SqlDbType.VarChar);
        p4.Value = "success";
        cmd.Parameters.Add(p4);
        cmd.ExecuteNonQuery();  // execute
      }
}
//* this case haven't try & catch block,just for demonstrating prepare statement in order to avoid some sql hard to write
sqlparameter arrary as parameter  receive variable

 

public partial class Default6 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        SqlConnection conn = new SqlConnection();
        conn.ConnectionString = "Data Source=10.225.106.27;Initial Catalog=Ticket;User ID=sa;password=password_1";
        try
        {
            conn.Open();
            DataSet ds = new DataSet();
            string sql = "select * from dbo.Ticket where TicketNo = @id";

            SqlParameter[] prams = new SqlParameter[1];
            prams[0] = new SqlParameter("@id", DbType.String);
            prams[0].Value = '1';
            ds = Excute(conn, sql, prams);
            foreach (DataRow dr in ds.Tables[0].Rows)
            {
                object value = dr["IndentType"];
                Response.Write(value.ToString());

            }
        }
        
        catch (Exception)
        {

            throw;
        }
        finally
        {
            if (conn.State == ConnectionState.Open)
            {
                conn.Close();
            }
        }
       
        
    }
    private DataSet Excute(SqlConnection conn ,string sql ,SqlParameter[] paras)
    {
        DataSet ds = new DataSet();

        SqlDataAdapter adapter = new SqlDataAdapter();
        SqlCommand cmd = new SqlCommand(sql,conn);
      
        if (paras != null)
        {
            foreach (SqlParameter para in paras)
                cmd.Parameters.Add(para);
        }
        adapter.SelectCommand = cmd;
       
        adapter.Fill(ds);
        return ds;
    }

}

 

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值