C# 如何在包含变量的逐字字符串中转义双引号
我有一个逐字字符串,其中包含一些变量,我的问题是我总是从编译器中得到这个错误:C# 如何在包含变量的逐字字符串中转义双引号,c#,escaping,verbatim-string,C#,Escaping,Verbatim String,我有一个逐字字符串,其中包含一些变量,我的问题是我总是从编译器中得到这个错误: ; expected 那么我怎样才能正确地逃脱它呢 int teacherId = sqlStatus = (int)sqlCmd.LastInsertedId; sqlCmd.CommandText = @"INSERT INTO report (report_type, report_date, semester, report_details, teacher_id)
; expected
int teacherId = sqlStatus = (int)sqlCmd.LastInsertedId;
sqlCmd.CommandText = @"INSERT INTO report (report_type, report_date, semester, report_details, teacher_id)
VALUES (0, ""2018-01-01"", 1, '{
""teacherId"": "" " + teacherId.ToString() + " "", <=== error here (; expected)
""mahderDate"": """",
""teacherShool"": """",
""baladia"": """",
""wilaya"": """",
""moufatecheReport"": """"
}'," + teacherId + ");";
int teacherId=sqlStatus=(int)sqlCmd.LastInsertedId;
sqlCmd.CommandText=@“插入报告(报告类型、报告日期、学期、报告详细信息、教师id)
数值(0),“2018-01-01”,“1,”{
“teacherId”:“+teacherId.ToString()+”,使用@poke suggestion,我在行中放置了双引号和@:
int teacherId = sqlStatus = (int)sqlCmd.LastInsertedId;
sqlCmd.CommandText = @"INSERT INTO report (report_type, report_date, semester, report_details, teacher_id)
VALUES (0, ""2018-01-01"", 1, '{
""teacherId"": "" " + teacherId.ToString() + "," +
@" ""mahderDate"": """",
""teacherShool"": """",
""baladia"": """",
""wilaya"": """",
""moufatecheReport"": """"
}'," + teacherId + ");";
考虑使用string.Format?或插值字符串?总之,您可以使用“\”对字符进行转义。正确的方法是使用参数化查询,以避免SQL注入的可能性。无论如何,这里的问题是,您在teacherId.ToString()之后启动了一个新字符串
。但该字符串不是多行字符串:您需要再次将@
放在开头引号的前面。@Dave我尝试了“\”但仍然有相同的错误。参数化查询更好,不仅因为它们可以防止sql注入,所以我仍然在这里使用它们。不过,不需要将逗号放在自己的字符串中。