在FirebirdSql中正确使用参数 [英] Proper use of parameters in FirebirdSql

问题描述

我想知道是否有人可以帮助下列操作。

I wonder if anyone can help with the following.

using (FbConnection conn = new FbConnection(ConnectionString))
{
    conn.Open();

    // --------------------------------------------------------------------------
    FbCommand command1 = new FbCommand("SELECT @AN_INT FROM RDB$DATABASE", conn);
    command1.Parameters.Add("AN_INT", FbDbType.Integer);
    try
    {
        command1.Prepare();  //  Message=Dynamic SQL Error
                            //SQL error code = -804
                            //Data type unknown
                            //  Source=FirebirdSql.Data.FirebirdClient
                            //  ErrorCode=335544569
                            //  SQLSTATE=42000
    }
    catch(Exception E)
    {
        MessageBox.Show(E.Message);
    }
    // --------------------------------------------------------------------------
    FbCommand command2 = new FbCommand("SELECT 123 FROM RDB$DATABASE WHERE 789 >= @AN_INT", conn);
    command2.Parameters.Add("AN_INT", FbDbType.Integer);
    try
    {
        command2.Prepare();  // No Problem
    }
    catch (Exception E)
    {
        MessageBox.Show(E.Message);
    }
}

我的问题是这 - 从另一个编码器，我认为，如果可能，我应该更改数据库组件使用参数化查询;现有的技术是将值注入到Sql字符串中。任务是重构一个类在现有项目中工作。

My problem is this - I have picked up a project from another coder and I think that, if possible, I should change the database component to use parameterised queries; the existing technique is to inject values into Sql strings. The task is to refactor a class to work in an existing project.

上面的代码示例演示了一个我必须解决的问题，我想知道还有其他问题。问题主要是创建一个类，将字符串转换为参数化的查询。

The code sample above demonstrates one problem that I must resolve and I wonder of there are others. The issue is, essentially, to create a class that will turn strings into parameterised queries. Has anyone done this, and what traps or tricks might there be along the way?

推荐答案

您的第一个查询需要 SELECT cast（@AN_INT as int）FROM RDB $ DATABASE 。 Else Firebird不知道参数类型是什么（即使它是在C＃代码中指定的）。

Your first query needs to be SELECT cast(@AN_INT as int) FROM RDB$DATABASE. Else Firebird doesn't know what the parameter type is (even if it's specified in C# code).

您可以尝试直接在Firebird中运行这段代码发动机本身的限制。

You can try to run this piece of code directly in Firebird to see the limitation of engine itself.

execute block
as
begin
    execute statement ('select :foobar from rdb$database')(foobar := 10);
end

这篇关于在FirebirdSql中正确使用参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！