使用ADO.NET执行带参数的Sql语句

不带参数的SQL语句

---

重载通用Update方法

  /// 

        /// 执行增、删、改 (带参数的SQL语句)
        /// 
        /// 
        /// 
        /// 
        public static int Update(string sql,SqlParameter[] parameter)
        {
            SqlConnection conn = new SqlConnection(connString);
            SqlCommand cmd = new SqlCommand(sql, conn);
            try
            {
                conn.Open();
                cmd.Parameters.AddRange(parameter);//添加参数数组
                return cmd.ExecuteNonQuery();
            }
            catch (Exception ex)
            {

                throw ex;
            }
            finally
            {
                conn.Close();
            }

        }

---

编写带参数的SQL语句

  string sql = "insert into Students (StudentName,Age,Gender,Birthday,";
            sql += "CardNo,ClassId,StudentIdNo,PhoneNumber,StudentAddress,StuImage) ";
            sql += " Values(@StudentName,@Age,@Gender,@Birthday,@CardNo,@ClassId,";
            sql += "@StudentIdNo,@PhoneNumber,@StudentAddress,@StuImage)";
            //创建参数数组
            SqlParameter[] parameter = new SqlParameter[]
            {
                new SqlParameter("@StudentName",objStudent.StudentName),
                new SqlParameter("@Age",objStudent.Age),
                new SqlParameter("@Gender",objStudent.Gender),
                new SqlParameter("@Birthday",objStudent.Birthday),
                new SqlParameter("@CardNo",objStudent.CardNo),
                new SqlParameter("@ClassId",objStudent.ClassId),
                new SqlParameter("@StudentIdNo",objStudent.StudentIdNo),
                new SqlParameter("@PhoneNumber",objStudent.PhoneNumber),
                new SqlParameter("@StudentAddress",objStudent.StudentAddress),
                new SqlParameter("@StuImage",objStudent.StuImage)
            };
            try
            {                           //调用带参数方法
                return SQLHelper.Update(sql,parameter);
            }
            catch (Exception ex)
            {
                throw new Exception("保存数据出现问题" + ex.Message);
            }

---

调试