如何在where子句中传递参数
本文关键字:参数 子句 where | 更新日期: 2023-09-27 18:05:12
这就是我所尝试的。但是我没有得到任何错误,也没有输出。我做错了什么。为什么这个查询不能工作
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "SELECT balance FROM PersonalLoan_tb WHERE emp_id = '@term' AND paid_or_unpaid = '@Paid' ORDER BY Id DESC";
cmd.Parameters.AddWithValue("@term", term);
cmd.Parameters.AddWithValue("@Paid", paid);
但是当我尝试查询没有参数,我得到输出。
不要在Query
参数中使用single Quotes
'SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "SELECT balance FROM PersonalLoan_tb WHERE emp_id = @term AND paid_or_unpaid = @Paid ORDER BY Id DESC";
cmd.Parameters.AddWithValue("@term", term);
cmd.Parameters.AddWithValue("@Paid", paid);
在单引号(')之间指定的任何内容都将被视为字符串。所以写参数名不带引号('),它会工作。
"SELECT balance FROM PersonalLoan_tb WHERE emp_id = @term AND paid_or_unpaid = @Paid ORDER BY Id DESC"
其余代码相同
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "SELECT balance FROM PersonalLoan_tb WHERE emp_id = @term AND paid_or_unpaid = @Paid ORDER BY Id DESC";
cmd.Parameters.AddWithValue("@term", term);
cmd.Parameters.AddWithValue("@Paid", paid);
根据我的评论-单引号不应该在那里-它们将参数更改为文字。因此,您的查询正在寻找emp_id是字符串"@term"的平衡,并且不会使用传入的参数。试着
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "SELECT balance FROM PersonalLoan_tb WHERE emp_id = @term AND paid_or_unpaid = @Paid ORDER BY Id DESC";
cmd.Parameters.AddWithValue("@term", term);
cmd.Parameters.AddWithValue("@Paid", paid);
首先,您不需要在查询字符串中使用单引号:
cmd.CommandText = "SELECT balance FROM PersonalLoan_tb WHERE emp_id = @term AND paid_or_unpaid = @Paid ORDER BY Id DESC";
也就是说,我警告您不要使用AddWithValue()
。这必须推断传递到字符串中的类型——任何时候代码不显式,都有误解的危险。例如,这里有一篇博客文章解释了为什么这不是一个好主意。