我正在为我的同事用SQL Server(Express)编写一种民主的程序。
因此我相处得很好,但是我失败了大约一个小时没有,创建一个使用带参数的SqlCommand的简单方法,可以为null,但不要总是。
我目前的解决方案"看起来像这样:
public bool CreateSubTopic(string subtopic, DateTime enddate, int maxParts, int BitKeepEntries)
{
Connected = true;
var myDict = GetSubtopics(HelpClass.TopicId);
if (myDict.ContainsKey(subtopic))
{
return false;
}
myCommand = null;
myCommand = new SqlCommand("insert into SubtopicsParameters(FK_Topic, Subtopic, StartDate, Enddate, MaxParticipants, KeepsEntries) values(" +
HelpClass.TopicId + "," +
subtopic + "," +
DateTime.Today + "," +
enddate + "," +
maxParts + "," +
BitKeepEntries + ")");
myCommand.ExecuteNonQuery();
Connected = false;
return true;
}
我写的表有额外的主键PK_ID。根据表单上的复选框,FK_Topic,Enddate和MaxParticipants列可以为空。
问题是,我可以写出7种不同的方法,但它会很脏。
你有解决方案吗?
€:我现在使用的解决方案如下:
public bool CreateSubTopic(string subtopic, DateTime enddate, int maxParts, bool KeepEntries)
{
var myDict = GetSubtopics(HelpClass.TopicId);
if (myDict.ContainsKey(subtopic))
{
return false;
}
Connected = true;
myCommand = null;
myCommand = new SqlCommand("insert into SubtopicsParameters(FK_Topic, Subtopic, StartDate, Enddate, MaxParticipants, KeepsEntries) values(" +
"@FKParam," + " @SubtopicParam," + "@Startdateparam," + "@Enddateparam," + "@MaxPartsParam," + "@KeepEntriesParam)", myConnection);
myCommand.Parameters.AddWithValue("FkParam", HelpClass.TopicId);
myCommand.Parameters.AddWithValue("SubtopicParam", subtopic);
myCommand.Parameters.AddWithValue("@Startdateparam", DateTime.Today);
if (enddate != DateTime.Today)
{
myCommand.Parameters.AddWithValue("@Enddateparam", enddate);
}
else
{
myCommand.Parameters.AddWithValue("@Enddateparam", DBNull.Value);
}
if (maxParts == 0)
{
myCommand.Parameters.AddWithValue("@MaxPartsParam", DBNull.Value);
}
else
{
myCommand.Parameters.AddWithValue("@MaxPartsParam", maxParts);
}
if(KeepEntries == true)
{
myCommand.Parameters.AddWithValue("@KeepEntriesParam", 1);
}
else
{
myCommand.Parameters.AddWithValue("@KeepEntriesParam", 0);
}
myCommand.ExecuteNonQuery();
Connected = false;
return true;
}
这是有效的,是安全的,并根据您的意见和答案:)谢谢。
答案 0 :(得分:1)
动态地将参数添加到SQLCommand.Parameters集合。
的示例答案 1 :(得分:0)
试试这个
public bool CreateSubTopic(string subtopic, DateTime enddate, int maxParts, int BitKeepEntries)
{
Connected = true;
var myDict = GetSubtopics(HelpClass.TopicId);
if (myDict.ContainsKey(subtopic))
{
return false;
}
myCommand = null;
myCommand = new SqlCommand("insert into SubtopicsParameters(FK_Topic, Subtopic, StartDate, Enddate, MaxParticipants, KeepsEntries) values(@topic,@stopic,@sd,@ed,@partici,@KEntries);
if(HelpClass.TopicId=="")
myCommand.Parameters.AddWithValue("@topic",System.DBNull.Value);
else
myCommand.Parameters.AddWithValue("@topic",HelpClass.TopicId);
if(subtopic=="")
myCommand.Parameters.AddWithValue("@stopic",System.DBNull.Value);
else
myCommand.Parameters.AddWithValue("@stopic",subtopic);
myCommand.Parameters.AddWithValue("@sd",DateTime.Today);
if(enddate=="")
myCommand.Parameters.AddWithValue("@ed",System.DBNull.Value);
else
myCommand.Parameters.AddWithValue("@ed",enddate);
if(maxParts=="")
myCommand.Parameters.AddWithValue("@partici",System.DBNull.Value);
else
myCommand.Parameters.AddWithValue("@partici",maxParts);
if(BitKeepEntries=="")
myCommand.Parameters.AddWithValue("@KEntries",System.DBNull.Value);
else
myCommand.Parameters.AddWithValue("@KEntries",BitKeepEntries);
myCommand.ExecuteNonQuery();
Connected = false;
return true;
}