Question

我希望在appSettings项目（ASP.NET和C＃）的web.config部分中使用动态where子句获取key的值，如下所示：

key="test" value="Select * from table where id=Textbox1.Text"

我怎样才能做到这一点？

Answer 1

你可以这样做：

// Get sql query and add where clause to it.
string sqlString = System.Configuration.ConfigurationManager.AppSettings["test"] + " where id=@id";


// Execute sqlString 
SqlConnection sqlConnection1 = new SqlConnection("Your Connection String");
SqlCommand cmd = new SqlCommand();

SqlParameter param  = new SqlParameter();
param.ParameterName = "@id";
param.Value = Textbox1.Text;
cmd.Parameters.Add(param);
SqlDataReader reader;

cmd.CommandText = sqlString;
cmd.CommandType = CommandType.Text;
cmd.Connection = sqlConnection1;

sqlConnection1.Open();

reader = cmd.ExecuteReader();
// Data is accessible through the DataReader object here.

sqlConnection1.Close();

修改

C＃for prevent SQL injection，停止执行执行此操作的命令。您应该使用SqlParameter。

使用Appsettings中的dynamic where子句获取key的值

1 个答案: