插入参数,C#,T-Sql
我试图通过文本框通过aspx页面插入参数。我设置了参数,但每次执行ExecuteOnQuery时,@Username将显示在数据库中,而不是实际值。 下面是我的代码。谁能透露一点见解 这是完整的代码:插入参数,C#,T-Sql,c#,tsql,C#,Tsql,我试图通过文本框通过aspx页面插入参数。我设置了参数,但每次执行ExecuteOnQuery时,@Username将显示在数据库中,而不是实际值。 下面是我的代码。谁能透露一点见解 这是完整的代码: protected void btn_SubmitUserInfo_Click(object sender, EventArgs e) { SqlConnection conn = new SqlConnection(); conn = new SqlCon
protected void btn_SubmitUserInfo_Click(object sender, EventArgs e)
{
SqlConnection conn = new SqlConnection();
conn = new SqlConnection("Data Source=.\\SQLEXPRESS;AttachDbFilename=c:\\Documents and Settings\\xm\\My Documents\\Visual Studio 2010\\Projects\\CreateUser\\CreateUser\\App_Data\\UserInformation.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True; Integrated Security=SSPI");
//Open the connection outside of the try statement
conn.Open();
try
{
//Create a command for the stored procedure and tie it into the connection
SqlCommand cmd = new SqlCommand("InsertUserValues", conn);
//Set the command type so it know to execute the stored proc
cmd.CommandType = CommandType.StoredProcedure;
//Declare Parameters
SqlParameter @UserID = new SqlParameter("@UserID", System.Data.SqlDbType.Int);
@UserID.Direction = ParameterDirection.Input;
@UserID.Value = txtUserID.Text;
SqlParameter @UserName = new SqlParameter("@UserName", System.Data.SqlDbType.VarChar);
@UserName.Direction = ParameterDirection.Input;
@UserName.Value = txtUserName.Text;
SqlParameter @UserPassword = new SqlParameter("@UserPassword", System.Data.SqlDbType.VarChar);
@UserPassword.Direction = ParameterDirection.Input;
@UserPassword.Value = txtPassword.Text;
SqlParameter @FirstName = new SqlParameter("@FirstName", System.Data.SqlDbType.VarChar);
@FirstName.Direction = ParameterDirection.Input;
@FirstName.Value = txtFirstName.Text;
SqlParameter @LastName = new SqlParameter("@LastName", System.Data.SqlDbType.VarChar);
@LastName.Direction = ParameterDirection.Input;
@LastName.Value = txtLastName.Text;
SqlParameter @Address = new SqlParameter("@Address", System.Data.SqlDbType.VarChar);
@Address.Direction = ParameterDirection.Input;
@Address.Value = txtAddress.Text;
SqlParameter @AptNum = new SqlParameter("@AptNum", System.Data.SqlDbType.VarChar);
@AptNum.Direction = ParameterDirection.Input;
@AptNum.Value = txtAptNumber.Text;
SqlParameter @City = new SqlParameter("@City", System.Data.SqlDbType.VarChar);
@City.Direction = ParameterDirection.Input;
@City.Value = txtCity.Text;
SqlParameter @State = new SqlParameter("@State", System.Data.SqlDbType.VarChar);
@State.Direction = ParameterDirection.Input;
@State.Value = txtState.Text;
//SqlParameter @Zip = new SqlParameter("@Zip", System.Data.SqlDbType.Int);
//@Zip.Direction = ParameterDirection.Input;
//@Zip.Value = Convert.ToInt32(txtZip.Text);
//add new parameter command to object
cmd.Parameters.Add(@UserID);
cmd.Parameters.Add(@UserName);
cmd.Parameters.Add(@UserPassword);
cmd.Parameters.Add(@FirstName);
cmd.Parameters.Add(@LastName);
cmd.Parameters.Add(@Address);
cmd.Parameters.Add(@AptNum);
cmd.Parameters.Add(@City);
cmd.Parameters.Add(@State);
//cmd.Parameters.Add(@Zip);
//execute nonquery
cmd.ExecuteNonQuery();
}
finally
{
lblSucess.Text = "Your information has been submitted";
//Close the connection
if (conn != null)
{
conn.Close();
}
}
这是存储过程:
ALTER PROCEDURE dbo.InsertUserValues
@UserID int,
@UserName varchar(50),
@UserPassword varchar(100),
@FirstName varchar(50),
@LastName varchar(50),
@Address varchar(50),
@AptNum varchar(50),
@City varchar(50),
@State varchar(50)
AS
INSERT INTO tb_User( user_Name, password, f_Name, l_Name, address, apt_Number, city, state)
VALUES ( '@UserName', '@UserPassword', '@FirstName', '@LastName', '@Address', '@AptNum', '@City', '@State')
您的参数名称不正确-不应该在C#变量的开头使用@。应该是:
SqlParameter UserName = new SqlParameter("@UserName", System.Data.SqlDbType.VarChar);
UserName.Direction = ParameterDirection.Input;
UserName.Value = txtUserName.Text;
cmd.Parameters.Add(UserName);
我不认为这是你问题的根源,但我注意到了这一点。
我们需要更多的代码来查看问题所在您的SQL语句中引用了您的参数。删除存储过程定义中参数周围的单引号。引用它们将它们视为文字字符串,而不是要替换的参数
ALTER PROCEDURE dbo.InsertUserValues
@UserID int,
@UserName varchar(50),
@UserPassword varchar(100),
@FirstName varchar(50),
@LastName varchar(50),
@Address varchar(50),
@AptNum varchar(50),
@City varchar(50),
@State varchar(50)
AS
INSERT INTO tb_User( user_Name, password, f_Name, l_Name, address, apt_Number, city, state)
VALUES (@UserName, @UserPassword, @FirstName, @LastName, @Address, @AptNum, @City, @State)
请张贴插入声明。我猜你写了“@UserName”,应该删除引号。是的,这就是你所做的。。。删除你参数周围的引号。哦,天哪。在过去的4个小时里,我一直在努力解决这个问题。在本例中,在变量的开头使用@符号是否不切实际?我是否应该按照安德烈给我的建议,将它们重新命名为,并继续进行这项实践?谢谢。在c#variables的开头使用“@”是一种不好的做法-只有当您想使用保留关键字作为变量时才应该使用它,但在9999999%的情况下更糟糕。您的代码不会崩溃,但它并不好,就像使用goto语句一样。别那么做。谢谢Andrey,我还是新手…在C变量的开头有@是有效的…@相当于。在一些模糊的情况下很有用(例如,使用关键字作为标识符)。在这种情况下,我不会使用@,但这不是问题所在。我怀疑问题出在SQL语句本身。我有点喜欢@here,因为它反映了SQL中的@,但可能这就是我。其他地方肯定不喜欢它。我没说它无效——我说你不应该用它。使用“goto”也完全有效,但我相信你不会接近它:)