string sConnect;
sConnect = string.Format("Server={0};Database={1};{2}",
"localhost",
"Sales",
"Integrated Security=SSPI"); //id=sa;pwd=????
dbConn = new SQL.SqlConnection(sConnect);
dbConn.Open();
//parameter begin
sql = "Select * From Customers Where CID=@CID Order By LastName Asc, FirstName Asc;";
SQL.SqlCommand dbCmd;
dbCmd = new SQL.SqlCommand(sql, dbConn);
dbCmd.Parameters.Add("@CID", SqlDbType.BigInt);
dbCmd.Parameters[0].Value = 1;
//parameter end
*/
/*
//procedure begin
SQL.SqlCommand dbCmd =dbConn.CreateCommand();
dbCmd.CommandText = "GetCustomer";
dbCmd.CommandType = CommandType.StoredProcedure;
dbCmd.Parameters.Add("@CID", SqlDbType.BigInt);
dbCmd.Parameters[0].Value = 1;
//precedure end
*/
//Transaction
SQL.SqlTransaction txn = dbConn.BeginTransaction();
string strSQL = "INSERT INTO Customers VALUES(100,'Hui','Yu',1000000,1000000,'01-Jan-2005','money')";
SQL.SqlCommand dbCmd;
dbCmd = new SQL.SqlCommand(strSQL, dbConn,txn);
int intRecord = dbCmd.ExecuteNonQuery();
if(intRecord ==1)
{
SWF.MessageBox.Show( "Update Successful");
txn.Commit();
}
else
{
SWF.MessageBox.Show( "Update Failed");
txn.Rollback();
}
/*
}

本文介绍了一种使用SQL参数化查询的方法,并演示了如何通过事务处理来确保数据库操作的一致性和可靠性。具体包括连接字符串配置、参数化查询实现及存储过程调用等关键步骤。

1419

被折叠的 条评论
为什么被折叠?



