UC知道.net这两种写入数据库有什么区别,请教高手
来源:百度知道 编辑:UC知道 时间:2024/07/04 08:12:37
方法一:
string sql = "insert into Student(stuEmail,stuPassword,stuRealName,stuSex,stuBirthday,stuClass,stuArea,stuAddress,stuZip,stuTel,stuMobile,stuSituation,stuTraffic,stuRemark,stuDate,stuLoginTimes,stuLastLogin,stuState,stuToken) values(@stuEmail,@stuPassword)";
Database db = DatabaseFactory.CreateDatabase();
DbCommand comm = db.GetSqlStringCommand(sql);
db.AddInParameter(comm, "@stuEmail", DbType.String, stuEmail);
db.AddInParameter(comm, "@stuPassword", DbType.String, stuPassword);
方法二:
SqlConnection con=conndb.db();
con.Open();
SqlCommand cmd=new SqlCommand("select count(*) from gameadmin where admin_username='"+adminuid+"' and admin_password='"+adminpwd+"'",con);
方法二: SqlConnection con=conndb.gamedb();
con.Open();
SqlCommand cmd=new SqlCommand("insert into alluser (loginname,password,email,sex,ipa
string sql = "insert into Student(stuEmail,stuPassword,stuRealName,stuSex,stuBirthday,stuClass,stuArea,stuAddress,stuZip,stuTel,stuMobile,stuSituation,stuTraffic,stuRemark,stuDate,stuLoginTimes,stuLastLogin,stuState,stuToken) values(@stuEmail,@stuPassword)";
Database db = DatabaseFactory.CreateDatabase();
DbCommand comm = db.GetSqlStringCommand(sql);
db.AddInParameter(comm, "@stuEmail", DbType.String, stuEmail);
db.AddInParameter(comm, "@stuPassword", DbType.String, stuPassword);
方法二:
SqlConnection con=conndb.db();
con.Open();
SqlCommand cmd=new SqlCommand("select count(*) from gameadmin where admin_username='"+adminuid+"' and admin_password='"+adminpwd+"'",con);
方法二: SqlConnection con=conndb.gamedb();
con.Open();
SqlCommand cmd=new SqlCommand("insert into alluser (loginname,password,email,sex,ipa
效果上没区别都能执行功能
方法一:"@stuEmail", DbType.String, stuEmail
是更安全的你如果看过sql驻入的书就明白了
:"@stuEmail"可以把参数形参化防止驻入!
方法一是向数据库中写入数据,也就是新增一行
方法二是查询数据库中已有的数据
第二个应该是查询吧