SqlParameter类——带参数的SQL语句

时间:2023-03-09 07:29:52
SqlParameter类——带参数的SQL语句

http://blog.csdn.net/woshixuye/article/details/7218770

SqlParameter 类

表示 SqlCommand 的参数,也可以是它到 DataSet 列的映射。无法继承此类。

命名空间:  System.Data.SqlClient

程序集:  System.Data(在 System.Data.dll 中)

举例1

string strconn = "Data Source=xxx;user id=sa;pwd=;initial catalog=gltest";
        SqlConnection Conn = new SqlConnection(strconn);
        Conn.Open();

// 声明参数
        string sql = "insert into users(name,pwd) values (@name,@pwd)";
        SqlCommand cmd = new SqlCommand(sql, Conn);

// 添加参数
        cmd.Parameters.Add(new SqlParameter("@name", SqlDbType.NVarChar, 50));
       cmd.Parameters.Add(new SqlParameter("@pwd", SqlDbType.NVarChar, 50));

// 为参数赋值
        cmd.Parameters["@name"].Value = this.TextBox1.Text;
       cmd.Parameters["@pwd"].Value = this.TextBox2.Text;


        cmd.ExecuteNonQuery();
        Conn.Close();

comm.Parameters.Add()添加参数到参数集即(添加参数列表),add里面的第一个参数是要添加的参数名,第二个参数是参数的数据类型Parameters的作用就是把存储过程执行结束后得到的参数传到程序里。

第一个是参数名,第二个是参数类型,第三个是长度

举例二:

/// <summary>
        /// 更新一条数据
        /// </summary>
        public bool Update(Model.MonitoringPointsStatusInfo model)
        {
            StringBuilder strSql = new StringBuilder();
            strSql.Append("update TB_MonitoringPointsStatus set ");
            strSql.Append("PointID=@PointID,");
            strSql.Append("PointName=@PointName,");
            strSql.Append("Date=@Date,");
            strSql.Append("DangerousLevel=@DangerousLevel,");
            strSql.Append("IsUpload=@IsUpload,");
            strSql.Append("IsCheck=@IsCheck,");
            strSql.Append("IsSafe=@IsSafe,");
            strSql.Append("CycleTime=@CycleTime,");
            strSql.Append("ColumnValue=@ColumnValue,");
 
            strSql.Append("IsApproval=@IsApproval,");
            strSql.Append("CheckUser=@CheckUser,");
            strSql.Append("CheckRealName=@CheckRealName,");
            strSql.Append("Note=@Note");

strSql.Append(" where ID=@ID");
            SqlParameter[] parameters = {
                         new SqlParameter("@ID", SqlDbType.Int,4),
                         new SqlParameter("@PointID", SqlDbType.Int,4),
                         new SqlParameter("@PointName", SqlDbType.NVarChar,50),
                         new SqlParameter("@Date", SqlDbType.DateTime),
                         new SqlParameter("@DangerousLevel", SqlDbType.Char,1),
                         new SqlParameter("@IsUpload", SqlDbType.Bit,1),
                         new SqlParameter("@IsCheck", SqlDbType.Bit,1),
                         new SqlParameter("@CycleTime",SqlDbType.Char,12),
                         new SqlParameter("@IsSafe", SqlDbType.Bit,1),
                         new SqlParameter("@ColumnValue", SqlDbType.Int),

new SqlParameter("@IsApproval", SqlDbType.Bit,1),
                         new SqlParameter("@CheckUser", SqlDbType.Int),
                         new SqlParameter("@CheckRealName", SqlDbType.NVarChar,50),
                         new SqlParameter("@Note", SqlDbType.Text)
                                        };

parameters[0].Value = model.ID;
            parameters[1].Value = model.PointID;
            parameters[2].Value = model.PointName;
            parameters[3].Value = model.Date;
            parameters[4].Value = model.DangerousLevel;
            parameters[5].Value = model.IsUpload;
            parameters[6].Value = model.IsCheck;
            parameters[7].Value = model.CycleTime;
            parameters[8].Value = model.IsSafe;
            parameters[9].Value = model.ColumnValue;

parameters[10].Value = model.IsApproval;
            parameters[11].Value = model.CheckUser;
            parameters[12].Value = model.CheckRealName;
            parameters[13].Value = model.Note;

int rows = DBHelper.ExecuteSql(strSql.ToString(), parameters);
            if (rows > 0)
            {
                return true;
            }
            else
            {
                return false;
            }
        }

参考博客:http://liuyuanjian82.blog.163.com/blog/static/40093839200942732222918/