如何根据用户

时间:2016-04-30 06:54:57

标签: mysql asp.net

我正在创建一个创建用户页面,其中用户是由admin创建的。在该页面中,6个字段是必填字段,4个字段是可选字段。

我根据admin提供的输入编写sql查询有困难。首先,我必须检查管理员提供哪些输入,然后我必须根据它运行查询。 admin输入的值将分配给属性,然后根据属性中的值构建查询。

我现在使用非常低效的代码。它运行良好,但可能会更好。

我的插入数据代码是:

public void InsertData()
    {
        try
        {
            var cn = ConfigurationManager.AppSettings["SGSDataBase_CN"];
            con = new SqlConnection(cn);
            con.Open();

            com = new SqlCommand();
            com.Connection = con;
            com.CommandType = CommandType.Text;

            if (ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email == null)
            {

                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.ExecuteNonQuery();
            }

            else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email == null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, DateOfBirth) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @DateOfBirth)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.ExecuteNonQuery();
            }

            else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email == null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, DateOfBirth, MobileNo) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @DateOfBirth, @MobileNo)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.ExecuteNonQuery();
            }

            else if (ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email != null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, DateOfBirth, MobileNo, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @DateOfBirth, @MobileNo, @Email)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }

            else if (ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email != null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, DateOfBirth, MobileNo, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @DateOfBirth, @MobileNo, @Email)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }

            else if (ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email != null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, MobileNo, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @MobileNo, @Email)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }

            else if (ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email != null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Email)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }

            else if (ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email == null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, DateOfBirth) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @DateOfBirth)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                //com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }


            else if(ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email == null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, MobileNo) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @MobileNo)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                //com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();

            }

            else if(ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email == null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin,DateOfBirth, MobileNo) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin,@DateOfBirth, @MobileNo)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                //com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }

            else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email != null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @Email)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }

            else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email == null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, MobileNo) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @MobileNo)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                //com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }


            else if(ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email != null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, DateOfBirth, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @DateOfBirth, @Email)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }


            else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email != null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, DateOfBirth, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @DateOfBirth, @Email)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }

            else if (ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email != null)
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, MobileNo, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @MobileNo, @Email)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray);
                //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth);
                com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber);
                com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email);
                com.ExecuteNonQuery();
            }

            else
            {
                com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin)";
                com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId);
                com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName);
                com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password);
                com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department);
                com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn);
                com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn);
                com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin);
                com.ExecuteNonQuery();
            }
        }
        catch (Exception ex)
        {
            throw ex;
        }
        finally
        {
            if (com != null)
                com.Dispose();

            if (con != null)
                con.Dispose();

            com = null;
            con = null;
        }

    }

请建议执行此操作的有效方法。

提前致谢

1 个答案:

答案 0 :(得分:0)

如果不写出所有内容,那就是这个想法:

声明空变量:

int UserId = 0;
string userName = "";

用您的数据填充变量(假设您使用的是函数?):

private void function(int id, string name, ...further params...) {
    int UserId = 0;
    string userName = "";

    UserId = (id!=null) ? id : 0; /*Shorthand if statement to handle null values*/
    userName = name;
    /*further params*/

添加到查询:

private void function(int id, string name ...further params...) {
    int UserId = 0;
    string userName = "";

    int UserID = id;
    string userName = name;
    /*further params*/

    com.CommandText = "INSERT INTO dms.Users_Table (all of your columns here) VALUES (@UserID, @UserName, ...all params declared above...)";
    com.Parameters.AddWithValue("@UserID", UserID);
    com.Parameters.AddWithValue("@UserName", userName);
    /*further adding*/
}

环顾四周后,我发现使用.add().value.AddWithValue好,所以也可以考虑改变这个

.add()将为com.Parameters.Add("@UserID", SqlDbType.Int).value = UserID;