代码:
com.CommandText = "select username, pass from Employees where lastName like '@Last' and firstName like '@First'";
com.Parameters.AddWithValue("@Last", lastName); // lastName is a method argument
SqlParameter param = new SqlParameter();
param.ParameterName = "@First";
param.Value = firstName;
com.Parameters.Add(param);
无论我做什么,都不插入参数。是什么给了什么?
答案 0 :(得分:4)
不要在参数周围加上单引号,无论如何都暗示这些。
另外,尝试使用SqlCommand.CreateParameter:
com.CommandText = "select username, pass from Employees where lastName like @Last and firstName like @First";
com.Parameters.AddWithValue("@Last", lastName); // lastName is a method argument
SqlParameter param = com.CreateParameter();
param.ParameterName = "@First";
param.Value = firstName;
com.Parameters.Add(param);
答案 1 :(得分:2)
尝试将'@Last'更改为@Last,同样适用于First ...