17th
08.08
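Introduction to ADO.NET: Using Parameterized Queries
A parameter is passed via GET. It is then retrieved and used as a condition in the SQL statement to query the required data.
URL form: http://www.cngothic.com/search.aspx?customerid=TOMSP
The code is as follows: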
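```csharp
// Runs inside a Web Forms page method (for example Page_Load).
// Requires: using System.Configuration; using System.Data.SqlClient;
SqlConnection conn = new SqlConnection();
conn.ConnectionString = ConfigurationManager.ConnectionStrings["strcon"].ConnectionString;
conn.Open();
// Open the database connection
string SqlStr;
SqlStr = "SELECT OrderID,CustomerID,OrderDate,EmployeeID FROM Orders WHERE CustomerID=@CustomerID";
// SQL statement with a parameter
SqlCommand SqlCmd = new SqlCommand(SqlStr, conn);
string customerId = Request.QueryString["CustomerID"];
if (string.IsNullOrEmpty(customerId)) customerId = "TOMSP";
// If the customerid parameter has no value, assign it the value TOMSP
SqlCmd.Parameters.AddWithValue("@CustomerID", customerId);
SqlDataReader redr = SqlCmd.ExecuteReader();
while (redr.Read())
{
    Response.Write(redr["OrderID"] + "<br />");
    // HTML-encode the query-string value before echoing it back to the page
    Response.Write(Server.HtmlEncode(Request.QueryString["CustomerID"]));
}
// Release the reader and the connection
redr.Close();
conn.Close();
```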
Name: Cngothic 
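
The same query built with an explicitly typed parameter and a length check, as an added example that is not code from the original post. It shows that the SQL text stays constant while the caller's value, quote characters included, travels only as parameter data, and it runs without a database because the command is built but not executed. The names `OrdersQuery` and `Build` are hypothetical, the sample inputs are constructed, and the 5-character size of `CustomerID` is an assumption based on the `TOMSP` value in the post.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

static class OrdersQuery
{
    // Constant SQL text: caller input never becomes part of this string.
    const string Sql =
        "SELECT OrderID,CustomerID,OrderDate,EmployeeID FROM Orders WHERE CustomerID=@CustomerID";

    // Hypothetical helper. Assumes CustomerID is a 5-character key, as TOMSP suggests.
    public static SqlCommand Build(string customerId)
    {
        if (string.IsNullOrEmpty(customerId))
            customerId = "TOMSP";              // same default the post uses
        if (customerId.Length > 5)
            throw new ArgumentException("customerid is longer than the key column");

        var cmd = new SqlCommand(Sql);
        // Explicit type and size instead of AddWithValue's type inference.
        cmd.Parameters.Add("@CustomerID", SqlDbType.NChar, 5).Value = customerId;
        return cmd;
    }

    static void Main()
    {
        // Constructed sample inputs: a normal key, a value containing a quote,
        // a missing value, and an over-long value.
        foreach (var input in new[] { "TOMSP", "O'BR", null, "TOMSP-EXTRA" })
        {
            try
            {
                using (var cmd = Build(input))
                {
                    // The command text is identical for every accepted input.
                    Console.WriteLine("text : " + cmd.CommandText);
                    Console.WriteLine("value: " + cmd.Parameters["@CustomerID"].Value);
                }
            }
            catch (ArgumentException ex)
            {
                Console.WriteLine("rejected: " + ex.Message);
            }
        }
    }
}
```

To execute the command, assign an open `SqlConnection` to `cmd.Connection` and call `ExecuteReader()` inside `using` blocks so the reader and connection are always released.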













