我正在使用CDATA“按原样”存储所有多行SQL字符串(感谢一些stackoverflow旧答案),如下所示:
Dim cmd As String = <![CDATA[
INSERT INTO devices
VALUES (
NULL ,
'ONE',
'TWO',
(
SELECT manufacturer_id FROM manufacturers WHERE manufacturer_name = "Bloom"
)
)
]]>.Value()
问题是我需要使用VB变量来制动它。还有另一种方法,而不是多个CDATA?
<![CDATA[ ...... ]]>.Value() + myVBvar + <![CDATA[ ...... ]]>.Value()
答案 0 :(得分:5)
尝试使用SqlParameters
Dim commandString As String = <![CDATA[
INSERT INTO blah VALUES (@One, @Two, @Three, @n)
]]>,Value()
Using command As SqlCommand = new SqlCommand(commandString, connection)
command.Parameters.AddWithValue("@One", valueOne)
command.Parameters.AddWithValue("@Two", valueTwo) ' etc...
' command.execute
End Using
答案 1 :(得分:1)
我正在重新发布“Multiline strings in VB.NET”的答案变体,因为它是相关的。
您基本上必须在VB变量之前终止CDATA标记,然后在CDATA不捕获VB代码之后重新添加它。您需要将整个代码块包装在一个标记中,因为您将拥有多个CDATA块。
Dim cmd As String = <sql><![CDATA[
INSERT INTO devices
VALUES (
NULL ,
']]><%= varOne %><![CDATA[',
']]><%= varTwo %><![CDATA[',
(
SELECT manufacturer_id
FROM manufacturers
WHERE manufacturer_name = "]]><%= manufacturerName %><![CDATA["
)
)
]]></sql>.value