C#中SQL语句的参数写法
- MySql语句参数写法总结:
前者不支持参数,后者支持,这是我测试的结果;
2.参数变量使用跟SqlServer一样,只需把@变为?,
如,mysql中写为:insert into test values (?id,?title,?type,now())";
3.使用mysql-connector-net驱动很简单,到网上下载mysql-connector-net-5.2.3-src,
解压后,把mysql.data.dll添加到项目的bin文件夹即可使用;
4.连接本机mysql数据库方法例子如下:
string connStr = "server=localhost;user id=root; password=yourPassword;database=yourDatabase";
MySqlConnection conn = new MySqlConnection(connStr);
下面附上测试通过的代码:
string connStr = "server=localhost;user id=root; password=***; database=test";
MySqlConnection conn = new MySqlConnection(connStr);
if (conn != null)
conn.Open();
else
return;
string SQL_INSERT_TOPIC = "insert into test values (null,?title,?type,now())";
string PARM_TITLE = "?title";
string PARM_TYPE = "?type";
MySqlParameter[] parms = new MySqlParameter[]
{
new MySqlParameter(PARM_TITLE,MySqlDbType.VarChar,80),
new MySqlParameter(PARM_TYPE,MySqlDbType.VarChar,1)
};
parms[0].Value = "welcome to beijing";
parms[1].Value = "C";
MySqlCommand cmd = new MySqlCommand();
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
cmd.CommandText = SQL_INSERT_TOPIC;
foreach (MySqlParameter pram in parms)
cmd.Parameters.Add(pram);
cmd.ExecuteNonQuery();
conn.Close();
还可以这样写:
MySqlParameter name = new MySqlParameter("?name", txtName.Text);
command.Parameters.Add(name);
command.Parameters.AddWithValue("?sex", cmbSex.Text);
- C#中SQL语句参数写法
leConnection oc=new OracleConnection("data source=osserver;User Id=****;password=**");
OracleCommand cmd=new OracleCommand("insert into cym1.uploadfile (filename,filecontent) values (:filename,:filecontent)",oc);
OracleParameter op1=new OracleParameter("filename",OracleType.VarChar,256);
OracleParameter op2=new OracleParameter("filecontent",OracleType.Blob,filedata.Length);
op1.Value=System.IO.Path.GetFileName(File1.Value);
cmd.Parameters.Add(op1);
op2.Value=filedata;
cmd.Parameters.Add(op2);
oc.Open();
cmd.ExecuteNonQuery();
oc.Close();
在ORACLE中,SQL语句参数是:+参数名,
insert into cym1.uploadfile (filename,filecontent) values (:filename,:filecontent)
在定义此参数的参数变量里面参数名不用写:
OracleParameter op1=new OracleParameter("filename",OracleType.VarChar,256);
SqlConnection conn=new SqlConnection("data source=ccserver;user id=sa;password=****;initial catalog=cym1");
SqlCommand cmd =new SqlCommand("insert into uploadfile (filename) values (@filename)",conn);
SqlParameter sp=new SqlParameter("@filename",SqlDbType.VarChar,256);
sp.Value="1.jpg";
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
在SQLSERVER中,SQL语句参数是@+参数名,
insert into uploadfile (filename) values (@filename)
在定义此参数的参数变量里面参数要写@
SqlParameter sp=new SqlParameter("@filename",SqlDbType.VarChar,256);
string id = "zawp";
string name = "wwwwwww";
string strCon = @"Data Source=(local);Integrated Security=SSPI;Initial Catalog =northwind";
// 直接在sql语句中写添加的参数名,这里没有做任何类型验证,在定义参数时需要准确的类型定义和长度设置
string delegeSql = "insert into Customers(CompanyName,CustomerID) values(@Name,@id)";
SqlConnection strConn = new SqlConnection(strCon);
strConn.Open();
SqlDataAdapter thisAdapter = new SqlDataAdapter(delegeSql, strCon);
SqlCommandBuilder thisBuilder = new SqlCommandBuilder(thisAdapter);
Console.WriteLine(thisAdapter.SelectCommand.CommandText);
SqlCommand strComm = new SqlCommand(delegeSql, strConn);
//生成一个名字为@Id的参数,在这里必须要准确设定参数类型和类型长度,并且必须以@开头表示是添加的参数
//注意可以用一个SqlParameter对像来添加多个参数,并且这里的参数定义、添加可以不安照sql语句里参数值的顺序(如果是存储过程的话,要注意顺序)
SqlParameter para = new SqlParameter("@id", SqlDbType.NChar, 5);
para.Value = id;
strComm.Parameters.Add(para);
para = new SqlParameter("@name", SqlDbType.NVarChar, 40);
para.Value = name;
strComm.Parameters.Add(para);
strComm.ExecuteNonQuery();
strConn.Close();