SQL命令:字符串查询-合并3个文本框 [英] SQL Command: String query -- combine 3 textboxes
本文介绍了SQL命令:字符串查询-合并3个文本框的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
请更正代码:
Please correct the code:
cmdupdate.CommandText = "Insert Into RawMat " +
" (ProductDimension) " +
" VALUES ('" + txtwidth.Text + "', '" + txtheight.Text + "', '" + txtunitofmeasurement.Text + "')";
cmdupdate.ExecuteNonQuery();
输出:
给出的:
高度= 5
宽度= 7
单位=英尺
答:
尺寸= 5 x 7英尺
Output:
Given:
height = 5
width = 7
unit = feet
Answer:
dimension = 5 x 7 feet
推荐答案
cmdupdate.CommandText = "Insert Into RawMat " +
" (ProductDimension) " +
" VALUES ('" + txtwidth.Text + " X " + txtheight.Text + " " + txtunitofmeasurement.Text + "')";
cmdupdate.ExecuteNonQuery();
1)您可以在tsql中使用+ sing
进行连接
2)为什么不连接C#?
3)使用参数进行语句构建(避免将您的应用程序暴露给SQLinjection)
1) you can concatenate in tsql with + sing
2) why don''t you concatenate in C#?
3) use parameters for statement building (avoid exposing your app to SQLinjection)
cmdupdate.CommandText = "Insert Into RawMat (ProductDimension) VALUES (@dim)";
cmdupdate.Parameters.AddWithValue("@dim", string.Format("{0} x {1} {2}", txtwidth.Text, txtheight.Text, txtunitofmeasurement.Text));
这篇关于SQL命令:字符串查询-合并3个文本框的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
