求高手帮我解决下这个问题。。输入符号就这样的错误:Line 1: Incorrect syntax near '**'.
Unclosed quotation before the character string ')'.
public int addproduct()
{
Database db = DatabaseFactory.CreateDatabase(); string sql = "insert into [news]([newName],[newClsId],[newBody]) values('" + _newname + "'," + _newclsid + ",'" + _newbody + "')"; _newbody.Replace("'", "''"); DbCommand com = db.GetSqlStringCommand(sql); com.Parameters.Add(new SqlParameter("newName", _newname)); com.Parameters.Add(new SqlParameter("newClsId", _newclsid)); com.Parameters.Add(new SqlParameter("newBody", _newbody)); return db.ExecuteNonQuery(com);
}
求高手帮我解决下~~~非常感谢
Unclosed quotation before the character string ')'.
public int addproduct()
{
Database db = DatabaseFactory.CreateDatabase(); string sql = "insert into [news]([newName],[newClsId],[newBody]) values('" + _newname + "'," + _newclsid + ",'" + _newbody + "')"; _newbody.Replace("'", "''"); DbCommand com = db.GetSqlStringCommand(sql); com.Parameters.Add(new SqlParameter("newName", _newname)); com.Parameters.Add(new SqlParameter("newClsId", _newclsid)); com.Parameters.Add(new SqlParameter("newBody", _newbody)); return db.ExecuteNonQuery(com);
}
求高手帮我解决下~~~非常感谢
public int addproduct()
{
Database db = DatabaseFactory.CreateDatabase(); string sql = "insert into [news]([newName],[newClsId],[newBody]) values('@newname',@newclsid,'@newbody')"; _newbody.Replace("'", "''"); DbCommand com = db.GetSqlStringCommand(sql); com.Parameters.Add(new SqlParameter("newName", _newname)); com.Parameters.Add(new SqlParameter("newClsId", _newclsid)); com.Parameters.Add(new SqlParameter("newBody", _newbody)); return db.ExecuteNonQuery(com);
}