The first is the code in the DAL data Access layer:
Methods for updating data
public static int shuxing_update (S_passnature model)
{
String sql = "Update s_passnature set [email protected]_name,[email protected]_content,[email Protected]_shuxing,[email Protected]_shiledaddress,[email protected]_cost,[email protected]_company,[email protected]_start,[email protected ],[email protected] Where [email protected]_id];
SqlParameter Object Additions
sqlparameter[] parameter = {
New SqlParameter ("@pass_name", sqldbtype.varchar,200),
New SqlParameter ("@pass_content", sqldbtype.varchar,5000),
New SqlParameter ("@pass_shuxing", sqldbtype.varchar,5000),
New SqlParameter ("@pass_shiledaddress", sqldbtype.varchar,5000),
New SqlParameter ("@pass_cost", Sqldbtype.decimal),
New SqlParameter ("@pass_company", sqldbtype.varchar,100),
New SqlParameter ("@is_start", sqldbtype.int,4),
New SqlParameter ("@remark", sqldbtype.varchar,5000),
New SqlParameter ("@operatorType", sqldbtype.varchar,50),
New SqlParameter ("@pass_id", sqldbtype.int,4)
};
//Object Assignment
Parameter[0]. Value = Model.pass_name;
Parameter[1]. Value = model.pass_content;
Parameter[2]. Value = model.pass_shuxing;
Parameter[3]. Value = model.shiledaddress;
Parameter[4]. Value = Model.pass_cost;
Parameter[5]. Value = Model.pass_company;
Parameter[6]. Value = Model.is_start;
Parameter[7]. Value = Model.remark;
Parameter[8]. Value = Model.operatortype;
Parameter[9]. Value = model.pass_id;
return COMMON.DBHELPERSQL.EXECUTESQL (sql, parameter);
}
Methods in DBHelper:
public static int ExecuteSQL (string SQLString, params sqlparameter[] cmdparms)
{
using (SqlC Onnection conn = new SqlConnection (dbhelpersql.connectionstring))
{
using (SqlCommand cmd = new SqlCommand ())
{
Try
{
Dbhelpersql. PrepareCommand (Cmd,connection, (sqltransaction) null,sqlstring,cmdparms);
int num = cmd. ExecuteNonQuery ();
//The cleanup resource must be freed after each execution, or it will cause the program to become blocked
Cmd. Parameters.clear ();
Return num;
}
catch (SqlException ex)
{
throw new Exception (ex. Message);
}
Finally
{
cmd. Dispose ();
Conn. Close ();
}
}
}
}
The data validation statement with parameters needs to call this method for validation
private static void PrepareCommand (SqlCommand cmd, SqlConnection conn, sqltransaction trans, string cmdtext, SqlParameter [] cmdparms)
{
IF (Conn. State = ConnectionState.Open)
Conn. Open ();
Cmd. Connection = conn;
Cmd.commandtext = Cmdtext;
if (trans! = null)
Cmd. Transaction = trans;
Cmd.commandtype = Commandtype.text;//cmdtype;
if (cmdparms! = null)
{
foreach (SqlParameter parameter in cmdparms)
{
if (parameter. Direction = = Parameterdirection.inputoutput | | Parameter. Direction = = ParameterDirection.Input) &&
(parameter. Value = = null))
{
Parameter. Value = DBNull.Value;
}
Cmd. Parameters.Add (parameter);
}
}
}
Full definition of. NET with parameter SQL statements