C# t方法比其他方法好。 public string select(string name) { string s = null; query = "select * from tablename where n
t方法比其他方法好。C# t方法比其他方法好。 public string select(string name) { string s = null; query = "select * from tablename where n,c#,.net,sql,database,sql-injection,C#,.net,Sql,Database,Sql Injection,t方法比其他方法好。 public string select(string name) { string s = null; query = "select * from tablename where name=@name"; con.Open(); com=new SqlCeCommand(query,con); com.Parameters.AddWithValue("@name",name)
public string select(string name)
{
string s = null;
query = "select * from tablename where name=@name";
con.Open();
com=new SqlCeCommand(query,con);
com.Parameters.AddWithValue("@name",name);
sdr=com.ExecuteReader();
while (sdr.Read())
{
s = sdr.GetString(0);
}
return s;
}
public string select(string query)
{
string s = null;
con.Open();
com=new SqlCeCommand(query,con);
sdr=com.ExecuteReader();
while (sdr.Read())
{
s = sdr.GetString(0);
}
return s;
}