我遇到下面参数绑定的问题。连接有效,因为我在不使用参数的情况下测试了它。但是,执行前查询的值仍然使用'@userName'而不是'jsmith'。
有什么问题?这不是绕过绑定的正确方法吗?
public static String GetFullName(String domainUser)
{
DataTable dT;
String fullName = "";
OracleConnection db = DatabaseAdapter.GetConn();
db.Open();
OracleCommand oraCommand = new OracleCommand("SELECT fullname FROM user_profile WHERE domain_user_name = '@userName'", db);
oraCommand.BindByName = true;
oraCommand.Parameters.Add(new OracleParameter("@userName", domainUser));
OracleDataReader oraReader = null;
oraReader = oraCommand.ExecuteReader();
if (oraReader.HasRows)
{
while (oraReader.Read())
{
fullName = oraReader.GetString(0);
}
}
else
{
return "No Rows Found";
}
oraReader.Close();
db.Close();
db.Dispose();
return fullName;
}
编辑:我将@添加到参数字段名称,但它仍然无法修复它。
答案 0 :(得分:67)
删除@username,周围的单引号,并使用参数名称而不是:来使用@,例如:
OracleCommand oraCommand = new OracleCommand("SELECT fullname FROM sup_sys.user_profile
WHERE domain_user_name = :userName", db);
oraCommand.Parameters.Add(new OracleParameter("userName", domainUser));
答案 1 :(得分:19)
Oracle的参数语法与Sql-Server不同。所以使用:而不是@
using(var con=new OracleConnection(connectionString))
{
con.open();
var sql = "insert into users values (:id,:name,:surname,:username)";
using(var cmd = new OracleCommand(sql,con)
{
OracleParameter[] parameters = new OracleParameter[] {
new OracleParameter("id",1234),
new OracleParameter("name","John"),
new OracleParameter("surname","Doe"),
new OracleParameter("username","johnd")
};
cmd.Parameters.AddRange(parameters);
cmd.ExecuteNonQuery();
}
}
在OracleCommand中使用命名参数时,必须在参数名称前面加冒号(:)。
http://msdn.microsoft.com/en-us/library/system.data.oracleclient.oraclecommand.parameters.aspx
答案 2 :(得分:1)
您需要使用以下内容:
OracleCommand oraCommand = new OracleCommand("SELECT fullname FROM sup_sys.user_profile
WHERE domain_user_name = :userName", db);
在此MSDN文章中可以找到更多内容: http://msdn.microsoft.com/en-us/library/system.data.oracleclient.oraclecommand.parameters%28v=vs.100%29.aspx
建议您使用:字符代替 @ 代替Oracle。
答案 3 :(得分:1)
string strConn = "Data Source=ORCL134; User ID=user; Password=psd;";
System.Data.OracleClient.OracleConnection con = newSystem.Data.OracleClient.OracleConnection(strConn);
con.Open();
System.Data.OracleClient.OracleCommand Cmd =
new System.Data.OracleClient.OracleCommand(
"SELECT * FROM TBLE_Name WHERE ColumnName_year= :year", con);
//for oracle..it is :object_name and for sql it s @object_name
Cmd.Parameters.Add(new System.Data.OracleClient.OracleParameter("year", (txtFinYear.Text).ToString()));
System.Data.OracleClient.OracleDataAdapter da = new System.Data.OracleClient.OracleDataAdapter(Cmd);
DataSet myDS = new DataSet();
da.Fill(myDS);
try
{
lblBatch.Text = "Batch Number is : " + Convert.ToString(myDS.Tables[0].Rows[0][19]);
lblBatch.ForeColor = System.Drawing.Color.Green;
lblBatch.Visible = true;
}
catch
{
lblBatch.Text = "No Data Found for the Year : " + txtFinYear.Text;
lblBatch.ForeColor = System.Drawing.Color.Red;
lblBatch.Visible = true;
}
da.Dispose();
con.Close();
答案 4 :(得分:0)
// PT:Eu tive este mesmo problema ao utilizar o Namespace Oracle.DataAccess.Client;
// ES:Teníaestemismo problema cuando se utiliza el Namespace Oracle.DataAccess.Client;
// EN:我使用Oracle.DataAccess.Client命名空间遇到了同样的问题;
// PT:Eu resolvi desta forma:
// ES:他resuelto de esta manera:
// EN:我这样解决了
使用Oracle.DataAccess.Client;
string strConnection = ConfigurationManager.ConnectionStrings["oConnection"].ConnectionString;
dataConnection = new OracleConnectionStringBuilder(strConnection);
OracleConnection oConnection = new OracleConnection(dataConnection.ToString());
oConnection.Open();
OracleCommand tmpCommand = oConnection.CreateCommand();
tmpCommand.Parameters.Add("user", OracleDbType.Varchar2, txtUser.Text, ParameterDirection.Input);
tmpCommand.CommandText = "SELECT USER, PASS FROM TB_USERS WHERE USER = :1";
try
{
OracleDataReader tmpReader = tmpCommand.ExecuteReader(CommandBehavior.SingleRow);
if (tmpReader.HasRows)
{
// PT: IMPLEMENTE SEU CÓDIGO
// ES: IMPLEMENTAR EL CÓDIGO
// EN: IMPLEMENT YOUR CODE
}
}
catch(Exception e)
{
// PT: IMPLEMENTE SEU CÓDIGO
// ES: IMPLEMENTAR EL CÓDIGO
// EN: IMPLEMENT YOUR CODE
}
答案 5 :(得分:-3)
您需要使用“@”符号:
oraCommand.Parameters.Add(new OracleParameter("@userName", domainUser));