//string BYSql = "select * from T_ZY01_PRODUCT where cellcode=:CELLCODE";
//using (OracleCommand cmd = new OracleCommand())
//{
// OracleParameter oracleParameter = new OracleParameter(":CELLCODE", OracleDbType.Varchar2);
// oracleParameter.Value = lab_cellcode;
// cmd.Parameters.Add(oracleParameter);
// cmd.ExecuteNonQuery();
//}
c#防止注入SQL语句写法
最新推荐文章于 2024-05-10 16:38:29 发布