在一个带参数的SQL语句中,使用方式1语句会提示查询语句有错,方式2就完全正确,但是我不知道方式2代码中那个sql1语句定义是采用什么方法的,希望能得到详细解释!方式1:
string sql1="select * from @para2 where @para1='@para3'";
OleDbCommand dbcmd=new OleDbCommand(sql1,dbconn); OleDbParameter p1 =new OleDbParameter("@para1",OleDbType.VarChar,50);
p1.Value=bl1;
dbcmd.Parameters.Add(p1); OleDbParameter p2 =new OleDbParameter("@para2",OleDbType.VarChar,50);
p2.Value=bl2;
dbcmd.Parameters.Add(p2); OleDbParameter p3 =new OleDbParameter("@para3",OleDbType.VarChar,50);
p2.Value=TextBox1.Text;
dbcmd.Parameters.Add(p3);
……
方式2:
string sql1= String.Format("select * from {0} where {1} = ?", bl2, bl1);
OleDbCommand dbcmd=new OleDbCommand(sql1,dbconn);
OleDbParameter p =new OleDbParameter("@para3",OleDbType.VarChar,50);
p.Value=TextBox1.Text;
dbcmd.Parameters.Add(p);
……
string sql1="select * from @para2 where @para1='@para3'";
OleDbCommand dbcmd=new OleDbCommand(sql1,dbconn); OleDbParameter p1 =new OleDbParameter("@para1",OleDbType.VarChar,50);
p1.Value=bl1;
dbcmd.Parameters.Add(p1); OleDbParameter p2 =new OleDbParameter("@para2",OleDbType.VarChar,50);
p2.Value=bl2;
dbcmd.Parameters.Add(p2); OleDbParameter p3 =new OleDbParameter("@para3",OleDbType.VarChar,50);
p2.Value=TextBox1.Text;
dbcmd.Parameters.Add(p3);
……
方式2:
string sql1= String.Format("select * from {0} where {1} = ?", bl2, bl1);
OleDbCommand dbcmd=new OleDbCommand(sql1,dbconn);
OleDbParameter p =new OleDbParameter("@para3",OleDbType.VarChar,50);
p.Value=TextBox1.Text;
dbcmd.Parameters.Add(p);
……
2、参数不用加引号
其实非常好理解:
1、不能用"a"代替a
2、不能用"a"代替0
应为:
string sql1= "select * from " + bl2.ToString() + " where " + bl1.ToString() + " = ?"
在帮助文档中搜索“格式化字符串”