在执行数据库操作时,用参数是很方便的,如:
1。sql server 数据库
SELECT top 5 *
FROM products
WHERE Id = @Id
SqlConnection conn = new SqlConnection();
conn.ConnectionString = "";
conn.Open();
SqlCommand cmd = conn.CreateCommand( );
cmd.Parameters.Clear();
//传入
cmd.Parameters.Add( "@Id", SqlDbType.Int ).Value = id;
//输出
cmd.Parameters.Add( "@OutId", SqlDbType.VarChar, 100 ).Direction = ParameterDirection.Output;
2。oracle
SELECT *
FROM products
WHERE Id = :Id and rownum <10
OracleConnection conn = new OracleConnection();
conn.ConnectionString = "";
OracleCommand cmd = conn.CreateCommand();
cmd.Parameters.Add( ":Id", OracleType.Int32 ).Value = Id;
3.mysql
SELECT *
FROM products
WHERE Id = ?Id
MySqlConnection conn = new MySqlConnection();
conn.ConnectionString = "";
MySqlCommand cmd = conn.CreateCommand();
cmd.Parameters.Add( "?Id", MySqlDbType.Int32 ).Value = Id;
oracle 和 mysql 的输出参数还没有测试!!