方式一
SqlCommand command = new SqlCommand(sqlStr, DB.conn);
command.Parameters.Add("@Username", SqlDbType.VarChar);
command.Parameters.Add("@Pasword", SqlDbType.VarChar);
command.Parameters["@Username"].Value = loginId;
command.Parameters["@Pasword"].Value = loginPwd;
方式二
SqlCommand command = new SqlCommand();
command.Connection = DB.conn;
command.CommandText = sqlStr;
command.Parameters.Add(new SqlParameter("@Username", loginId));
command.Parameters.Add(new SqlParameter("@Pasword", loginPwd));
方式三
Sqlcommand cmd=new Sqlcommand(sqlStr, DB.conn);
cmd.parameters.add("@Username",DbType.varchar).value=loginId;
cmd.parameters.add("@Pasword",DbType.varchar).value=loginPwd;
方式四
Sqlcommand cmd=new Sqlcommand(sqlStr, DB.conn);
cmd.parameters.addwithvalue("@Username",loginId);
cmd.parameters.addwithvalue("@Pasword",loginPwd);
方式五
Sqlcommand cmd=new Sqlcommand(sqlStr, DB.conn);
SqlParameter para1=new SqlParameter("@Username",SqlDbType.VarChar,16);
para1.Value=loginId;
cmd.Parameters.Add(para1);
SqlParameter para2=new SqlParameter("@Pasword",SqlDbType.VarChar,16);
para2.Value=loginPwd;
cmd.Parameters.Add(para2);
方式六
SqlParameter[] parms = new SqlParameter[]
{
new SqlParameter("@Username", SqlDbType.NVarChar,20),
new SqlParameter("@Pasword", SqlDbType.NVarChar,20),
};
SqlCommand cmd = new SqlCommand(sqlStr, DB.conn);
// 依次给参数赋值
parms[0].Value = loginId;
parms[1].Value = loginPwd;
//将参数添加到SqlCommand命令中
foreach (SqlParameter parm in parms)
{
cmd.Parameters.Add(parm);
}
参考资料: SqlParameter用法 http://www.studyofnet.com/news/763.html