涓嶅悓鐨勬暟鎹彁渚涚▼搴忥紝鍙傛暟鍖栨暟鎹懡浠ょ殑璇硶鏄笉鍚岀殑銆傚浜巗qlserver鏁版嵁鎻愪緵紼嬪簭錛屽弬鏁板寲鐨勬暟鎹懡浠ゆ槸浣跨敤鍞竴鐨勫懡鍚嶅崰浣嶇浣滀負鍙傛暟銆傚弬鏁板悕鍙互浠繪剰閫夊彇錛屼絾鏄繀欏繪槸浠瀛楃寮澶淬傞氬父鎯呭喌涓嬫垜浠槸浠ュ瓧孌靛悕浣滀負鐩稿簲鐨勫弬鏁板悕錛堟瘮濡備笂闈㈢殑璇彞涓嬌鐢ˊcustomerID浣滀負customerID瀛楁鐨勫弬鏁板悕錛夈俹le DB鏁版嵁鎻愪緵紼嬪簭鍒欓噰鐢ㄤ簡涓嶅悓鐨勮娉曘傚畠瑕佹眰姣忎竴涓弬鏁頒嬌鐢ㄤ竴涓棶鍙鳳紙錛燂級鏉ヨ〃紺猴紝鍦ㄥ叾sql璇彞涓紝鍙傛暟騫朵笉鏄氳繃鍙傛暟鍚嶆潵鏍囪瘑鐨勶紝鑰屾槸鏍規嵁鍙傛暟鍦╯ql璇彞涓嚭鐜扮殑浣嶇疆鏉ユ爣璇嗙殑銆傚涓嬮潰錛歴elect * from customers where customerID=?
鏃犺鐢ㄥ摢縐嶆柟寮忔潵鏍囪瘑鏁版嵁鍛戒護涓殑鍙傛暟錛岄兘闇瑕佷負sql璇彞涓殑姣忎竴涓弬鏁版彁渚涚浉搴旂殑Parameter瀵硅薄錛屾瘡涓涓狿arameter瀵硅薄閮藉皢琚坊鍔犲埌Command.Parameters鍙傛暟闆嗗悎涓傚浜巓le DB鏁版嵁鎻愪緵紼嬪簭錛屼竴瀹氳鎸夌収鍙傛暟鍦╯ql璇彞涓嚭鐜扮殑欏哄簭鏉ユ坊鍔犵浉搴旂殑Parameter瀵硅薄銆傚浜巗ql銆server鏁版嵁鎻愪緵紼嬪簭鏉ヨ錛屾坊鍔犲弬鏁扮殑欏哄簭鏄棤鍏崇揣瑕佺殑錛屽洜涓哄弬鏁板皢鏍規嵁鍙傛暟鍚嶆潵鍖歸厤鐩稿簲鐨勫崰浣嶇銆?/p>
protected void cmdInsert_Click(object sender, EventArgs e)
{
string insertSQL;
insertSQL="insert into authors(";
insertSQL+="au_id,au_fname,au_lname, contract ) ";
insertSQL+="values(@au_id,@au_fname,@au_lname,@contract)";
sqlConnection con=new sqlConnection(connectionstring);
sqlCommand cmd=new sqlCommand(insertSQL,con);
//娣誨姞鐩稿簲鐨勫弬鏁?/p>
cmd.Parameters.AddWithValue("@au_id",txtID.text);
cmd.Parameters.AddWithValue("@au_fname",txtFirstName.text);
cmd.Parameters.AddWithValue("@au_lname",txtLastName.text);
cmd.Parameters.AddWithValue("@ contract ",Convert.ToInt16(chkContract.Checked));
int added=0;
try
{
con.Open();
added=cmd.ExecuteNonQuery();
lblstatus.Text=added.ToString()+"鏉¤褰曞凡鎻掑叆";
}
銆Catch(Exception err)
{
lblstatus.Text="閿欒錛?+err.Message;
}
銆銆銆銆finally
{
con.Close();
}
}
浣跨敤鍙傛暟鍖栫殑鏁版嵁鍛戒護錛屽弬鏁板煎凡緇忎粠sql鍛戒護涓Щ闄わ紝騫舵坊鍔犲埌浜哖arameters闆嗗悎涓傝繖鏍鳳紝鍦ㄥ弬鏁板間腑鍑虹幇鐨勫紩鍙鋒垨鑰卻ql璇彞鐗囨灝嗕笉浼氬sql鍛戒護鐨勬墽琛岄犳垚浠諱綍闂銆傝繖鏍蜂篃灝卞彲浠ラ槻sql娉ㄥ叆寮忔敾鍑匯?/p>
澧炪佸垹銆佹敼鍔熻兘閮藉彲浠ョ敤榪欑鍙傛暟鍖栨暟鎹懡浠ゅ啓sql璇彞銆?/p>