C#: Handling single quotes when inserting records in SQL Server

Author: David Euler
Date: 2004/11/17
Email: de_euler-david@yahoo.com
If you have any questions, please contact me :)

In ASP.NET, C# is used to insert a record (Title, Content) into the Coredb.Mybbs table. Because Title and Content may contain single quotes, building the SQL INSERT command directly from these values reports an error. There are two ways to handle this: the first is to replace each single quote with two single quotes, and the second is to use a stored procedure.

Table Mybbs is defined as follows:

    CREATE TABLE [dbo].[Mybbs] (
        [ID] [bigint] IDENTITY (1, 1) NOT NULL,
        [Title] [char] (160) COLLATE Chinese_PRC_CI_AS NULL,
        [Author] [char] (20) COLLATE Chinese_PRC_CI_AS NULL,
        [Date_of_Created] [datetime] NULL,
        [Abstract] [char] (480) COLLATE Chinese_PRC_CI_AS NULL,
        [Content] [ntext] COLLATE Chinese_PRC_CI_AS NOT NULL
    ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]

1. Replace each single quote with two single quotes:

    // requires: using System.Data.SqlClient;
    SqlConnection coreDB = new SqlConnection();
    coreDB.ConnectionString = "workstation id=\"gqa-eric-lv\";packet size=4096;integrated security=SSPI;" +
        "data source=\"gqa-eric-lv\";persist security info=False;initial catalog=Coredb";
    // Replace each single quote with "''" so that ' can be inserted into SQL Server
    string title = TextBox1.Text.Replace("'", "''");
    string content = TextBox2.Text.Replace("'", "''");
    if (title.Trim() == "" || content.Trim() == "") return;
    string insertCmd = @"INSERT INTO Mybbs (Title, Content) VALUES ('" + title + "','" + content + "')";

    SqlCommand myCommand = new SqlCommand(insertCmd, coreDB);
    coreDB.Open();
    SqlDataReader myReader = myCommand.ExecuteReader();
    myReader.Close();
    coreDB.Close();
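The INSERT from method 1 rewritten with bound parameters, as an added example that is not part of the original article: the values are sent separately from the SQL text, so single quotes need no Replace and cannot alter the statement. The names MybbsWriter and InsertPost and the connection string are assumptions for illustration; the table, columns and sizes follow the Mybbs definition above.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example (not the article's code). MybbsWriter, InsertPost and the
// connection string are hypothetical; table and column sizes follow Mybbs.
public static class MybbsWriter
{
    // Placeholder connection string: adjust server and catalog for your setup.
    private const string ConnStr =
        "Data Source=(local);Initial Catalog=Coredb;Integrated Security=SSPI";

    // Returns the number of rows inserted (1 on success), or 0 when the
    // input is blank or the title does not fit the Title column.
    public static int InsertPost(string title, string content)
    {
        if (title == null || content == null) return 0;
        if (title.Trim() == "" || content.Trim() == "") return 0;
        // A value longer than the parameter size would be truncated to it,
        // so reject oversize titles explicitly instead.
        if (title.Length > 160) return 0;

        const string sql =
            "INSERT INTO Mybbs (Title, Content) VALUES (@Title, @Content)";

        // using blocks close the command and connection even on exceptions.
        using (SqlConnection conn = new SqlConnection(ConnStr))
        using (SqlCommand cmd = new SqlCommand(sql, conn))
        {
            // Types and sizes match the table; the values are bound, never
            // concatenated into the SQL, so quotes are stored verbatim.
            cmd.Parameters.Add("@Title", SqlDbType.Char, 160).Value = title;
            cmd.Parameters.Add("@Content", SqlDbType.NText).Value = content;

            conn.Open();
            return cmd.ExecuteNonQuery();
        }
    }

    public static void Main()
    {
        // Constructed sample input containing single quotes.
        int rows = InsertPost("It's David's post", "She said 'hello' twice.");
        Console.WriteLine("rows inserted: " + rows);
    }
}
```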

2. Use a stored procedure to insert:

1) Create the stored procedure:

    -- @Title is char(160) to match the Title column and the C# parameter below
    CREATE PROC InsertMybbsProc (@Title char(160), @Author char(20), @Content ntext)
    AS
    INSERT INTO Mybbs (Title, Author, Content) VALUES (@Title, @Author, @Content)

2) Test the stored procedure in Query Analyzer:

    DECLARE @Title char(160)
    DECLARE @Author char(20)
    DECLARE @Content char(600)
    SET @Title = 'test title 3'
    SET @Author = 'David Euler 3'
    SET @Content = 'it is The content 3'
    EXEC InsertMybbsProc @Title, @Author, @Content

3) Execute the stored procedure from C# through SqlCommand:

    // requires: using System.Data; using System.Data.SqlClient;
    SqlConnection coreDB = new SqlConnection();
    coreDB.ConnectionString = "workstation id=\"gqa-eric-lv\";packet size=4096;integrated security=SSPI;" +
        "data source=\"gqa-eric-lv\";persist security info=False;initial catalog=Coredb";
    string title = TextBox1.Text;
    string content = TextBox2.Text;

    if (title.Trim() == "" || content.Trim() == "") return;
    // InsertMybbsProc is the procedure that inserts data into Mybbs:
    SqlCommand insertCmd = new SqlCommand("InsertMybbsProc", coreDB);

    insertCmd.CommandType = CommandType.StoredProcedure; // command type is stored procedure
    // The parameters are defined below:
    SqlParameter prm1 = new SqlParameter("@Title", SqlDbType.Char, 160);
    SqlParameter prm2 = new SqlParameter("@Author", SqlDbType.Char, 20);
    SqlParameter prm3 = new SqlParameter("@Content", SqlDbType.NText, 1073741823);
    prm1.Direction = ParameterDirection.Input;
    prm2.Direction = ParameterDirection.Input;
    prm3.Direction = ParameterDirection.Input;
    // Add the SQL parameters to insertCmd:
    insertCmd.Parameters.Add(prm1);
    insertCmd.Parameters.Add(prm2);
    insertCmd.Parameters.Add(prm3);
    // Assign values to the SQL parameters:
    prm1.Value = title;
    prm2.Value = "David Euler";
    prm3.Value = content;
    coreDB.Open();
    int recordsAffected = insertCmd.ExecuteNonQuery();
    if (recordsAffected == 1) Response.Write("