现有一条select语句:
string sql = "select "
+ "*"
+" from book where SH_ID = "
+ id
需要变成如下形式
string sql = "select "
+ "*"
+ " from book where SH_ID = id";
即将id包含到大括号里面但是C#会将所有用“”括起来的部分当成一个字符串,但是id是一个string的变量,如何能在执行这条SQL语句的时候让id变成变量里的值呢??
string sql = "select "
+ "*"
+" from book where SH_ID = "
+ id
需要变成如下形式
string sql = "select "
+ "*"
+ " from book where SH_ID = id";
即将id包含到大括号里面但是C#会将所有用“”括起来的部分当成一个字符串,但是id是一个string的变量,如何能在执行这条SQL语句的时候让id变成变量里的值呢??
+ "*"
+ " from book where SH_ID = "+id;
sql += " and SH_ID ="+id;
+ "*"
+ " from book where SH_ID = "+id+" ";
这就包括在里面了.不过这是多余的,没必要.
strSql.Append("uGUID,ParameterCode,ParameterName,Canceled,Locked,CreateTime,UpdateTime,PrivateKey,PublicKey)");
strSql.Append(" values (");
strSql.Append("@uGUID,@ParameterCode,@ParameterName,@Canceled,@Locked,@CreateTime,@UpdateTime,@PrivateKey,@PublicKey)");
SqlParameter[] parameters = {
new SqlParameter("@uGUID", SqlDbType.UniqueIdentifier,16),
new SqlParameter("@ParameterCode", SqlDbType.VarChar,30),
new SqlParameter("@ParameterName", SqlDbType.VarChar,200),
new SqlParameter("@Canceled", SqlDbType.Bit,1),
new SqlParameter("@Locked", SqlDbType.Bit,1),
new SqlParameter("@CreateTime", SqlDbType.SmallDateTime),
new SqlParameter("@UpdateTime", SqlDbType.SmallDateTime),
new SqlParameter("@PrivateKey", SqlDbType.Text),
new SqlParameter("@PublicKey", SqlDbType.Text)};
parameters[0].Value = model.uGUID;
parameters[1].Value = model.ParameterCode;
parameters[2].Value = model.ParameterName;
parameters[3].Value = model.Canceled;
parameters[4].Value = model.Locked;
parameters[5].Value = model.CreateTime;
parameters[6].Value = model.UpdateTime;
parameters[7].Value = model.PrivateKey;
parameters[8].Value = model.PublicKey;
string sql = "select "
+ "*"
+ " from book where SH_ID = {0}";string.format(sql,id);
是这样吗?
生成的SQL是select from book where SH_ID = id
这样的
string sql = "select "
+ "*"
+ " from book where SH_ID = ?";
有没有高手给讲解一下这什么意思啊……
其实和你第一次写的一样效果,只是另一种写法
string sql=string.Format("select * from book where sh_id='{0}'",id)
2.command.CommandText = "select ID, name, password, type from users where name = @name and password = @password ";
command.Parameters.Add("@name", SqlDbType.NVarChar).Value = TextBox1.Text;
command.Parameters.Add("@password", SqlDbType.NVarChar).Value = TextBox2.Text;