参数化SQL查询

参数化SQL查询
using System;
using System.Collections.Generic;
using System.Text;
using System.Data;
using System.Data.SqlClient;


namespace DAL
{
    public class UserDal
    {
     
        /// <summary>
        /// 验证用户登陆
        /// </summary>
        /// <param name="users">用户信息</param>
        /// <returns>返回整数,大于0有数据</returns>
        public static int UserLogin(MODEL.users users)
        {           
            SqlParameter[] sqlpam = {
                                 new SqlParameter("c002",SqlDbType.VarChar),
                                 new SqlParameter("c003",SqlDbType.VarChar)                                                                
                                 };
            sqlpam[0].Value =users.c002;
            sqlpam[1].Value =Common.StringOption.StringToMd5(users.c003);
            string sql = "select c002 from cnxinwa002 where c002=@c002 and c003=@c003";
            return DBUtility.SqlCore.GetDataSet(sql, sqlpam).Tables[0].Rows.Count;
        }

    }
}
参数化SQL查询

 

参数化SQL查询
/// <summary>
        /// 查询结果返回DATASET-带参数
        /// </summary>
        /// <param name="sqlstr">SQL语句</param>
        /// <param name="cmdparms">参数</param>
        /// <returns></returns>
        public static DataSet GetDataSet(string sqlstr, params SqlParameter[] cmdparms)
        {
            using (connection())
            {
                DataSet dst = new DataSet();
                try
                {
                    SqlCommand cmd = new SqlCommand();
                    cmd.CommandType = CommandType.Text;
                    cmd.CommandText = sqlstr;
                    cmd.Connection = connection();
                    foreach (SqlParameter icmdparams in cmdparms)
                    {
                        cmd.Parameters.Add(icmdparams);
                    }
                    SqlDataAdapter dap = new SqlDataAdapter(cmd);
                    dap.Fill(dst);
                    cmd.Parameters.Clear();
                    connection().Close();
                }
                catch (System.Data.SqlClient.SqlException e)
                {
                    throw e;
                }
                finally
                {
                    connection().Close();
                }
                return dst;
            }
        }
参数化SQL查询

参数化SQL查询,布布扣,bubuko.com

参数化SQL查询

上一篇:Oracle性能调优自己总结的18条经验


下一篇:分享java操作mongodb的crud代码