• <i id='ckGLU'><tr id='ckGLU'><dt id='ckGLU'><q id='ckGLU'><span id='ckGLU'><b id='ckGLU'><form id='ckGLU'><ins id='ckGLU'></ins><ul id='ckGLU'></ul><sub id='ckGLU'></sub></form><legend id='ckGLU'></legend><bdo id='ckGLU'><pre id='ckGLU'><center id='ckGLU'></center></pre></bdo></b><th id='ckGLU'></th></span></q></dt></tr></i><div id='ckGLU'><tfoot id='ckGLU'></tfoot><dl id='ckGLU'><fieldset id='ckGLU'></fieldset></dl></div>

    <small id='ckGLU'></small><noframes id='ckGLU'>

    <legend id='ckGLU'><style id='ckGLU'><dir id='ckGLU'><q id='ckGLU'></q></dir></style></legend>
    • <bdo id='ckGLU'></bdo><ul id='ckGLU'></ul>

    1. <tfoot id='ckGLU'></tfoot>

      1. 向 SQL Server 中的存储过程添加参数的区别?

        时间:2024-04-15
      2. <tfoot id='oIzJT'></tfoot>

            <small id='oIzJT'></small><noframes id='oIzJT'>

                <tbody id='oIzJT'></tbody>

                <bdo id='oIzJT'></bdo><ul id='oIzJT'></ul>

                <i id='oIzJT'><tr id='oIzJT'><dt id='oIzJT'><q id='oIzJT'><span id='oIzJT'><b id='oIzJT'><form id='oIzJT'><ins id='oIzJT'></ins><ul id='oIzJT'></ul><sub id='oIzJT'></sub></form><legend id='oIzJT'></legend><bdo id='oIzJT'><pre id='oIzJT'><center id='oIzJT'></center></pre></bdo></b><th id='oIzJT'></th></span></q></dt></tr></i><div id='oIzJT'><tfoot id='oIzJT'></tfoot><dl id='oIzJT'><fieldset id='oIzJT'></fieldset></dl></div>
                • <legend id='oIzJT'><style id='oIzJT'><dir id='oIzJT'><q id='oIzJT'></q></dir></style></legend>
                  本文介绍了向 SQL Server 中的存储过程添加参数的区别?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  我想知道这两种符号之间的区别.

                  I would like to know the difference between these 2 notations.

                  首先我有一个存储过程

                  CREATE PROCEDURE AddSomething( @zonename varchar(50), @desc varchar(255), @TheNewId int OUTPUT ) AS 
                  BEGIN 
                     INSERT INTO a_zone(zonename, descr) VALUES(@zonename, @desc) 
                     SELECT @TheNewId = SCOPE_IDENTITY()         
                  END
                  

                  如果我以这种方式添加参数有什么区别

                  What is the difference if I add parameters in this manner

                  SqlCommand Cmd = new SqlCommand("AddSomething", oConn); 
                  Cmd.CommandType = CommandType.StoredProcedure; 
                  SqlParameter oParam1 = Cmd.Parameters.AddWithValue("@zonename", sName);
                  SqlParameter oParam2 = Cmd.Parameters.AddWithValue("@desc", description);
                  

                  SqlCommand Cmd2 = new SqlCommand("AddSomething", oConn); 
                  Cmd2.CommandType = CommandType.StoredProcedure;
                  cmd2.Parameters.Add("@zonename", SqlDbType.VarChar).Value = zonename.Text.Trim();
                  cmd2.Parameters.Add("@desc", SqlDbType.VarChar).Value = desc.Text.Trim();
                  

                  推荐答案

                  以下是一些说明:

                  Add 和 AddWithValue 命令的区别

                  Dim cmd as new SqlCommand("SELECT * FROM MyTable WHERE MyDate>@TheDate",conn)
                  cmd.Parameters.Add("@TheDate",SqlDbType.DateTime).Value="2/1/2007"
                  

                  对比

                  cmd.Parameters.AddWithValue("@TheDate","2/1/2007")
                  

                  Add 强制将字符串转换为日期,因为它进入参数.AddWithValue 会简单地将字符串传递给 SQL Server.

                  "Add forces the conversion from string to date as it goes into the parameter. AddWithValue would have simply passed the string on to the SQL Server.

                  当使用 Parameters.Add 时 - SqlDbType 在编译时是已知的

                  When using Parameters.Add - the SqlDbType is known at compile time

                  当使用 Parameters.AddWithValue 时,该方法必须对值进行装箱和拆箱以找出其类型.

                  When using Parameters.AddWithValue the method has to box and unbox the value to find out its type.

                  前者的额外好处是 Add 代码更安全并将协助抵御 SQL 注入攻击,代码安全如果您尝试传递与 SqlDb 类型不匹配的值已定义 - 错误将在 .Net 代码中捕获,您将不会有等待往返.

                  Additional benefits of the former is that Add is a bit more code safe and will assist against SQL injection attacks , code safe in terms that if you try to pass a value that doesn't match the SqlDb type defined - the error will be caught in .Net code and you will not have to wait for the round trip back.

                  • http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.parameters.aspx
                  • http://msdn.microsoft.com/en-us/library/yy6y35y8.aspx
                  • 编辑:

                    获取输出参数的示例:

                    C#

                    cmd.Parameters.Add(new SqlParameter("@TheNewId", SqlDbType.Int, int.MaxValue));
                    cmd.Parameters("@TheNewId").Direction = ParameterDirection.Output;
                    cmd.ExecuteNonQuery();
                    int theNewID = (int)cmd.Parameters("@TheNewId").Value;
                    

                    VB.Net

                    cmd.Parameters.Add(New SqlParameter("@TheNewId", SqlDbType.Int, Int32.MaxValue))
                    cmd.Parameters("@TheNewId").Direction = ParameterDirection.Output
                    cmd.ExecuteNonQuery()
                    Dim theNewID As Int32 = DirectCast(cmd.Parameters("@TheNewId").Value, Int32)
                    

                    这篇关于向 SQL Server 中的存储过程添加参数的区别?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  上一篇:在带有参数的存储过程中插入 MYSQL 不起作用 下一篇:如何将 Google Analytics 数据推送到 mysql 表中

                  相关文章

                  <small id='H9ZDD'></small><noframes id='H9ZDD'>

                  <i id='H9ZDD'><tr id='H9ZDD'><dt id='H9ZDD'><q id='H9ZDD'><span id='H9ZDD'><b id='H9ZDD'><form id='H9ZDD'><ins id='H9ZDD'></ins><ul id='H9ZDD'></ul><sub id='H9ZDD'></sub></form><legend id='H9ZDD'></legend><bdo id='H9ZDD'><pre id='H9ZDD'><center id='H9ZDD'></center></pre></bdo></b><th id='H9ZDD'></th></span></q></dt></tr></i><div id='H9ZDD'><tfoot id='H9ZDD'></tfoot><dl id='H9ZDD'><fieldset id='H9ZDD'></fieldset></dl></div>
                • <legend id='H9ZDD'><style id='H9ZDD'><dir id='H9ZDD'><q id='H9ZDD'></q></dir></style></legend>

                    • <bdo id='H9ZDD'></bdo><ul id='H9ZDD'></ul>

                      <tfoot id='H9ZDD'></tfoot>