public int addSQL(string cmdText, params SqlParameter[] cmdParameters)
{
SqlCommand cmd = new SqlCommand(); using (SqlConnection cn = SqlOperation.GetConnection())
{
//通过PrePareCommand方法将参数逐个加入到SqlCommand的参数集合中
PrepareCommand(cmd, cn, null, CommandType.Text, cmdText, cmdParameters);
int i = cmd.ExecuteNonQuery(); //清空SqlCommand中的参数列表
cmd.Parameters.Clear();
return i;
}
}
private static void PrepareCommand(SqlCommand cmd, SqlConnection conn, SqlTransaction trans, CommandType cmdType, string cmdText, SqlParameter[] cmdParms)
{ //判断数据库连接状态
if (conn.State != ConnectionState.Open)
conn.Open();
cmd.Connection = conn;
cmd.CommandText = cmdText;
//判断是否需要事物处理
if (trans != null)
cmd.Transaction = trans;
cmd.CommandType = cmdType;
if (cmdParms != null)
{
foreach (SqlParameter parm in cmdParms)
cmd.Parameters.Add(parm);
}
}参数化插入数据的时候如何调用addSQL()?
addSQL("select * from a where id=@id and name=@name",parameters);