SQL ExecuteNonQuery会在' 0'附近抛出"语法不正确。"

时间:2014-04-28 13:48:47

标签: c# sql executenonquery sqlparameter

我使用以下代码将大量行插入数据库:

   _conn.Open();
   SqlCommand command = new SqlCommand(_insert[0].ToString(), _conn);
   command.Parameters.AddRange((_insert[1] as List<SqlParameter>).ToArray());
   Int32 rowsAffected = command.ExecuteNonQuery();
   _conn.Close();

命令(_insert [1] .ToString())是:

"INSERT INTO Candidate (id, name) VALUES ({0},{1}),({2},{3}),({4},{5}),({6},{7}),
({8},{9}),({10},{11}),({12},{13}),({14},{15}),({16},{17}),({18},{19}),({20},{21}),
({22},{23}),({24},{25}),({26},{27}),({28},{29}),({30},{31}),({32},{33}),({34},{35}),
({36},{37}),({38},{39})"

并且命令参数是这样的(来自VS debug):

[0] - ParameterName = "0", SqlDbType = BigInt, Value = 21400
[1] - ParameterName = "1", SqlDbType = NVarChar, Value = "Dan Smith"
[2] - ParameterName = "2", SqlDbType = BigInt, Value = 21401
[3] - ParameterName = "3", SqlDbType = NVarChar, Value = "Doug Smith"
[4] - ParameterName = "4", SqlDbType = BigInt, Value = 21402
[5] - ParameterName = "5", SqlDbType = NVarChar, Value = "Danielle Smith"

我得到的错误是&#34;&#39; 0&#39;附近的语法不正确。&#34;有人能告诉我是什么导致了这个吗?

如果这里重要的是我在创建参数数组的地方(迭代从API返回的JSON的单独函数):

    foreach (KeyValuePair<string, object> _attribute in _field)
    {
        // '_score' is an attribute included with each entity when doing a search
        // indicating the matching score of the query, we don't want this in the database
        if (_attribute.Key.ToString() != "_score")
        {
            _insertQuery.AppendFormat("{{{0}}},", _paramNumber);
            _paramValues.Add(new SqlParameter(_paramNumber.ToString(), _attribute.Value));
            _paramNumber++;
        }
    }
    return new object[] {_insertQuery.ToString(), _paramValues };

我正在这样做,因为我从API检索各种对象,然后插入本地数据库。我不能为每个对象创建一个类(要求是使这个通用)。

更新

我更新了代码,以便将#paramNumber添加到&#34; @&#34;所以每个参数现在都是@ 0,@ 1等,我现在收到这个错误:

"Incorrect syntax near '@0'."

insert语句如下:

"INSERT INTO Candidate (id, name) VALUES ({@0},{@1}),({@2},{@3}),({@4},{@5}),({@6},{@7}),
({@8},{@9}),({@10},{@11}),({@12},{@13}),({@14},{@15}),({@16},{@17}),({@18},{@19}),
({@20},{@21}),({@22},{@23}),({@24},{@25}),({@26},{@27}),({@28},{@29}),({@30},{@31}),
({@32},{@33}),({@34},{@35}),({@36},{@37}),({@38},{@39})"

,参数如下:

[0] - ParameterName = "@0", SqlDbType = BigInt, Value = 21400
[1] - ParameterName = "@1", SqlDbType = NVarChar, Value = "Dan Smith"
[2] - ParameterName = "@2", SqlDbType = BigInt, Value = 21401
[3] - ParameterName = "@3", SqlDbType = NVarChar, Value = "Doug Smith"
[4] - ParameterName = "@4", SqlDbType = BigInt, Value = 21402
[5] - ParameterName = "@5", SqlDbType = NVarChar, Value = "Danielle Smith"

2 个答案:

答案 0 :(得分:1)

根据我从您的问题推断,您尝试使用{number}作为参数名称。我个人认为不合适。

您应该使用@yourParameterName

答案 1 :(得分:1)

如果在查询中使用直接参数而不使用String.Format格式化查询字符串本身,则只应在查询中使用格式为@parameterName的参数,如此。

"INSERT INTO Candidate (id, name) VALUES (@0,@1),(@2,@3),(@4,@5),(@6,@7),
(@8,@9),(@10,@11),(@12,@13),(@14,@15),(@16,@17),(@18,@19),
(@20,@21),(@22,@23),(@24,@25),(@26,@27),(@28,@29),(@30,@31),
(@32,@33),(@34,@35),(@36,@37),(@38,@39)"