Every day is wonderful

分享与创新 并大胆的去尝试新鲜事物。。。。

ASP.NET 的简易参数化查询

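/// <summary>
/// Click handler for the insert button: adds one row to <c>contactgroup</c>
/// using the trimmed contents of the group-name and memo text boxes.
/// </summary>
/// <remarks>
/// The statement text is a constant and the user-supplied values are bound to the
/// <c>@groupName</c> and <c>@memo</c> placeholders, so input is sent to the server
/// as data and never concatenated into the SQL text. Exceptions raised by
/// <c>Open</c> or <c>ExecuteNonQuery</c> are not caught here and propagate to the caller.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnInsert_Click(object sender, EventArgs e)
{
    const string sql = "insert into contactgroup(groupname,memo) values(@groupName,@memo)";

    string groupName = txtGroupName.Text.Trim();
    string memo = txtMemo.Text.Trim();

    // NOTE(review): the insert is refused only when BOTH fields are empty, so a row with
    // an empty group name is accepted whenever a memo is supplied. Confirm whether
    // groupname is meant to be mandatory; if it is, this guard should test it on its own.
    if (groupName == "" && memo == "")
    {
        Response.Write("输入不能为空!");
        txtGroupName.Focus();
        return;
    }

    using (SqlConnection conn = new SqlConnection(DBHelper.ContactsConnstr))
    // SqlCommand is IDisposable; the original never disposed it.
    using (SqlCommand cmd = new SqlCommand(sql, conn))
    {
        // AddWithValue infers the SQL parameter type and size from the .NET value.
        // NOTE(review): the column definitions are not visible here; if they are known,
        // declaring the parameter types and lengths explicitly avoids implicit conversions.
        cmd.Parameters.AddWithValue("@groupName", groupName);
        cmd.Parameters.AddWithValue("@memo", memo);

        conn.Open();

        // ExecuteNonQuery returns the number of affected rows; anything above zero
        // is reported as success. Only fixed literals are written to the response.
        int affected = cmd.ExecuteNonQuery();
        Response.Write(affected > 0 ? "成功写入!" : "写入失败!");
    }
}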