祝大家好,我正在使用Visual C#2010和MySQL版本5.1.48社区。我希望你能帮我解决这个问题。我发现它不适合我。我错过了什么?
string connString = ConfigurationManager.ConnectionStrings["default"].ConnectionString;
MySqlConnection conn = new MySqlConnection(connString);
conn.Open();
MySqlCommand comm = conn.CreateCommand();
comm.CommandText = "INSERT INTO room(person,address) VALUES(@person, @address)";
comm.Parameters.Add("@person", "Myname");
comm.Parameters.Add("@address", "Myaddress");
comm.ExecuteNonQuery();
conn.Close();
当我尝试编译它。它说:
Person column cannot be null
编辑:
但是,当我尝试这个代码。
comm.CommandText = "INSERT INTO room(person,address) VALUES('Myname', 'Myaddress')";
但是这段代码很容易受到sql注入攻击,但它有效,不会给我一个错误。
编辑:
我试着用这个。我发现它here所以我认为它会工作,但给了我这个错误
Index (zero based) must be greater than or equal to zero and less than
the size of the argument list.
任何想法?
string a = "myname";
MySqlCommand cmd = new MySqlCommand();
cmd.Connection = conn;
cmd.CommandText = "INSERT INTO room(person,address) VALUES(?,?)";
//cmd.Prepare();
cmd.Parameters.Add("person", MySqlDbType.VarChar).Value = a;
cmd.Parameters.Add("address", MySqlDbType.VarChar).Value = "myaddress";
cmd.ExecuteNonQuery(); // HERE I GOT AN EXCEPTION IN THIS LINE
任何帮助将非常感激。
编辑:
解决了
我用过这段代码:
cmd.CommandText = "INSERT INTO room(person,address) VALUES(?person,?address)";
cmd.Parameters.Add("?person", MySqlDbType.VarChar).Value = "myname";
cmd.Parameters.Add("?address", MySqlDbType.VarChar).Value = "myaddress";
cmd.ExecuteNonQuery();
谢谢!