在FirebirdSql中正确使用参数 [英] Proper use of parameters in FirebirdSql
问题描述
我想知道是否有人可以帮助下列操作。
I wonder if anyone can help with the following.
using (FbConnection conn = new FbConnection(ConnectionString))
{
conn.Open();
// --------------------------------------------------------------------------
FbCommand command1 = new FbCommand("SELECT @AN_INT FROM RDB$DATABASE", conn);
command1.Parameters.Add("AN_INT", FbDbType.Integer);
try
{
command1.Prepare(); // Message=Dynamic SQL Error
//SQL error code = -804
//Data type unknown
// Source=FirebirdSql.Data.FirebirdClient
// ErrorCode=335544569
// SQLSTATE=42000
}
catch(Exception E)
{
MessageBox.Show(E.Message);
}
// --------------------------------------------------------------------------
FbCommand command2 = new FbCommand("SELECT 123 FROM RDB$DATABASE WHERE 789 >= @AN_INT", conn);
command2.Parameters.Add("AN_INT", FbDbType.Integer);
try
{
command2.Prepare(); // No Problem
}
catch (Exception E)
{
MessageBox.Show(E.Message);
}
}
我的问题是这 - 从另一个编码器,我认为,如果可能,我应该更改数据库组件使用参数化查询;现有的技术是将值注入到Sql字符串中。任务是重构一个类在现有项目中工作。
My problem is this - I have picked up a project from another coder and I think that, if possible, I should change the database component to use parameterised queries; the existing technique is to inject values into Sql strings. The task is to refactor a class to work in an existing project.
上面的代码示例演示了一个我必须解决的问题,我想知道还有其他问题。问题主要是创建一个类,将字符串转换为参数化的查询。
The code sample above demonstrates one problem that I must resolve and I wonder of there are others. The issue is, essentially, to create a class that will turn strings into parameterised queries. Has anyone done this, and what traps or tricks might there be along the way?
推荐答案
您的第一个查询需要 SELECT cast(@AN_INT as int)FROM RDB $ DATABASE
。 Else Firebird不知道参数类型是什么(即使它是在C#代码中指定的)。
Your first query needs to be SELECT cast(@AN_INT as int) FROM RDB$DATABASE
. Else Firebird doesn't know what the parameter type is (even if it's specified in C# code).
您可以尝试直接在Firebird中运行这段代码发动机本身的限制。
You can try to run this piece of code directly in Firebird to see the limitation of engine itself.
execute block
as
begin
execute statement ('select :foobar from rdb$database')(foobar := 10);
end
这篇关于在FirebirdSql中正确使用参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!