SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandText = "INSERT INTO Tuser(uname,upassword,did,pid) values('@uname','@upwd','@did','@pid')";
cmd.Parameters.Add("@uname", SqlDbType.VarChar, 50).Value=txtUser.Text;
cmd.Parameters.Add("@upwd", SqlDbType.VarChar, 50).Value = "888888";
cmd.Parameters.Add("@did", SqlDbType.Int, 4).Value= Convert.ToInt16(ddlDepartment.SelectedValue);
cmd.Parameters.Add("@pid", SqlDbType.Int,4).Value= Convert.ToInt16(ddlPosition.SelectedValue);
conn.Open();
try
{
if (cmd.ExecuteNonQuery() > 0)
Response.Write("<script language='javascript'>alert('succes!');</script>");
}
我不知道parameters应该怎么使用?
这段代码运行了以后,cmd.CommandTest的值还是:INSERT INTO Tuser(uname,upassword,did,pid) values('@uname','@upwd','@did','@pid'),也就是说追加的参数没有添加进去。
是不是缺了什么?
cmd.Connection = conn;
cmd.CommandText = "INSERT INTO Tuser(uname,upassword,did,pid) values('@uname','@upwd','@did','@pid')";
cmd.Parameters.Add("@uname", SqlDbType.VarChar, 50).Value=txtUser.Text;
cmd.Parameters.Add("@upwd", SqlDbType.VarChar, 50).Value = "888888";
cmd.Parameters.Add("@did", SqlDbType.Int, 4).Value= Convert.ToInt16(ddlDepartment.SelectedValue);
cmd.Parameters.Add("@pid", SqlDbType.Int,4).Value= Convert.ToInt16(ddlPosition.SelectedValue);
conn.Open();
try
{
if (cmd.ExecuteNonQuery() > 0)
Response.Write("<script language='javascript'>alert('succes!');</script>");
}
我不知道parameters应该怎么使用?
这段代码运行了以后,cmd.CommandTest的值还是:INSERT INTO Tuser(uname,upassword,did,pid) values('@uname','@upwd','@did','@pid'),也就是说追加的参数没有添加进去。
是不是缺了什么?
SqlParameter pram1 = new SqlParameter("UserID", SqlDbType.BigInt);
SqlParameter pram2 = new SqlParameter("UserName", SqlDbType.NVarChar);
SqlParameter pram3 = new SqlParameter("UserPwd", SqlDbType.NVarChar);
SqlParameter pram4 = new SqlParameter("DptName", SqlDbType.NVarChar);
SqlParameter pram5 = new SqlParameter("PopeDom", SqlDbType.NVarChar); pram1.Value = comboBoxAddID.Text;
pram2.Value = empNameStr;
pram3.Value = textBoxAddPwd1.Text;
pram4.Value = dptNameStr;
pram5.Value = comboBoxAddPope.Text; com.Parameters.Add(pram1);
com.Parameters.Add(pram2);
com.Parameters.Add(pram3);
com.Parameters.Add(pram4);
com.Parameters.Add(pram5);
cmd.Parameters.Add("@ContentType", System.Data.SqlDbType.VarChar)
cmd.Parameters.Add("@Photo", System.Data.SqlDbType.Image)
cmd.Parameters("@Title").Value = TextBox1.Text
cmd.Parameters("@ContentType").Value = ContentType
cmd.Parameters("@Photo").Value = fileData
cmd.ExecuteNonQuery()
Parameters["@uname"].Value=txtUser.Text;
SqlParameter[] paras ={
new SqlParameter("@uname",SqlDbType.NVarChar,200),
new SqlParameter("@upwd",SqlDbType.NVarChar,200),
new SqlParameter("@did",SqlDbType.Int)
new SqlParameter("@pid",SqlDbType.Int)
};
paras[0].Value = txtUser.Text;
paras[1].Value = "888888";
paras[2].Value = Convert.ToInt16(ddlDepartment.SelectedValue);
paras[2].Value = Convert.ToInt16(ddlPosition.SelectedValue);
{
cmd.Parameters.Add(p);
}
cmd.ExecuteNonQuery();
string sql;
sql = "INSERT INTO UserList (Title,ContentType,Photo) Values(@Title,@ContentType,@Photo)";
string ConnectionString = "Data Source=.;Initial Catalog=pubs;User Id=sa;Password=;";
SqlConnection cn = new SqlConnection(ConnectionString);
cn.Open();
SqlCommand cmd = new SqlCommand(sql, cn);
cmd.Parameters.Add("@Title", System.Data.SqlDbType.NVarChar);
cmd.Parameters.Add("@ContentType", System.Data.SqlDbType.VarChar);
cmd.Parameters.Add("@Photo", System.Data.SqlDbType.Image);
cmd.Parameters["@Title"].Value = TextBox1.Text;
cmd.Parameters["@ContentType"].Value = ContentType;
cmd.Parameters["@Photo"].Value = fileData;
cmd.ExecuteNonQuery();
cn.Close();