string sql = "SELECT * FROM table WHERE (D_DealerID=@DealerID and sss=@sid)";
string connectionStr = "Data Source=127.0.0.1;Initial Catalog=dbName;uid=sa;password=sa123456";
using (SqlConnection connection = new SqlConnection(connectionStr))
{
SqlCommand command = new SqlCommand();
command.CommandText = sql;
command.Connection = connection;
command.Parameters.Add(new SqlParameter("@DealerID", SqlDbType.VarChar)).Value = dealerId;
command.Parameters.Add(new SqlParameter("@sid", SqlDbType.VarChar)).Value = sid;
connection.Open();
using (SqlDataReader reader = command.ExecuteReader())
{
while (reader.Read())
{
if (false == reader.IsDBNull(0))
{
fullName = reader.GetString(0);
}
}
}
}
记录一下