到哈巴两三 [英] To a ha pa two three
本文介绍了到哈巴两三的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
从此处移除.....................
我尝试了什么:
removed from here .....................
What I have tried:
Dim strSql As String = GetCaseSQL("12345")
推荐答案
删除前两行:
Remove the first two lines:
"DECLARE @PartyID INT " + vbCrLf + _
"SET @PartyID = 16482594 " + vbCrLf + _
然后在实际使用时将PartyID作为参数添加到SqlCommand:
Then add your PartyID as a parameter to the SqlCommand when you actually use it:
Using con As New SqlConnection(strConnect)
Dim myValue As Integer = 12345
con.Open()
Using cmd As New SqlCommand(strSQL, con)
cmd.Parameters.AddWithValue("@PartyID", myValue)
Using reader As SqlDataReader = cmd.ExecuteReader()
While reader.Read()
...
End While
End Using
End Using
End Using
不要将字符串值传递给方法并尝试连接它 - 这种方式太危险了:阅读SQL注入,你会看到我的意思。
Don't pass the string value to your method and try to concatenate it - that way is far too dangerous: read up on SQL Injection and you'll see what I mean.
这篇关于到哈巴两三的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文