int Id =1; string Name="lui"; cmd.CommandText="insert into TUserLogin values(@Id,@Name)"; //上条语句中直接在sql语句中写添加的参数名,不论参数类型都是如此. SqlParameter para=new SqlParameter("@Id",SqlDbType.int,4);//生成一个名字为@Id的参数,必须以@开头表示是添加的参数,并设置其类型长度,类型长度与数据库中对应字段相同 para.Value=Id;//给参数赋值 cmd.Parameters.Add(para);//必须把参数变量添加到命令对象中去。 //以下类似 para=new SqlParameter("@Name",SqlDbType.VarChar,16); para.Value=Name; com.Parameters.Add(para);
一、Add方法
SqlParameter sp = new SqlParameter("@name","Pudding"); cmd.Parameters.Add(sp); sp = new SqlParameter("@ID","1"); cmd.Parameters.Add(sp);二、AddRange方法
SqlParameter[] paras = new SqlParameter[] { new SqlParameter("@name","Pudding"),new SqlParameter("@ID","1") }; cmd.Parameters.AddRange(paras);
//获取学生登陆名和密码 public static DataTable GetLoginInformation(string studentNumber,string studentPassword) { //bool success = false; DbCommand dbComm = SqlHelper.CreateDbCommand(); dbComm.CommandText = "UserInformationOfLogining"; //第一个参数 DbParameter param = dbComm.CreateParameter(); param.ParameterName = "@StudentNumber"; param.Value = studentNumber; param.DbType = DbType.String; dbComm.Parameters.Add(param); //第二个参数 param = dbComm.CreateParameter(); param.ParameterName = "@StudentPassword"; param.Value = studentPassword; param.DbType = DbType.String; dbComm.Parameters.Add(param); //执行存储过程 DataTable table = SqlHelper.ExecuteSelectCommand(dbComm); return table; }