SqlParameter

string strSql = "Insert into News(TypeId,NewsCaption,NewsContent) values(@TypeId,@NewsCaption,@NewsContent)";
   SqlParameter[] paras ={
    new SqlParameter("@TypeId",SqlDbType.Int),
    new SqlParameter("@NewsCaption",SqlDbType.NVarChar,200),
    new SqlParameter("@NewsContent",SqlDbType.NText)
   };
   paras[0].Value = typeId;
   paras[1].Value = caption;
   paras[2].Value = content;

   int rows = new SqlHelp().ExecuteNonQuery(strSql, paras);

 

 

public SqlHelp() {
      connString = ConfigurationManager.AppSettings["sqlServer2005DbName"];

 }

 

public int ExecuteNonQuery(string strQuery, SqlParameter[] paras) {
  int rows = 0; //影响行数
  try {
   using (SqlConnection conn = new SqlConnection(connString)) {
    using (SqlCommand command = new SqlCommand()) {
     PrepareCommand(conn, command, strQuery, paras);
     rows = command.ExecuteNonQuery();
     return rows;
    }
   }
  } catch {
   throw;
  }
 }

 

//带参数的DML操作
 private void PrepareCommand(SqlConnection conn, SqlCommand command, string strQuery, SqlParameter[] paras) {
  if (conn.State != ConnectionState.Open) {
   conn.Open();
  }
  command.Connection = conn;
  command.CommandText = strQuery;
  command.CommandType = CommandType.Text;
  if (paras != null) {
   foreach (SqlParameter parm in paras)
    command.Parameters.Add(parm);
  }
 }

你可能感兴趣的:(String,command,null,insert,sqlserver)