1. 首页
  2. 问答
  3. 如何基于用户提供的输入形成sql查询

如何基于用户提供的输入形成sql查询

2016-04-30 96 views
0

我正在创建一个由admin创建用户的创建用户页面。在该页面中,6个字段是强制性的,4个字段是可选的。如何基于用户提供的输入形成sql查询

我很难根据管理员提供的输入来编写sql查询。首先,我必须检查哪些输入是由管理员提供的,然后我必须根据该查询运行查询。由管理员输入的值分配给属性,然后根据属性中存在的值构建查询。

我现在使用效率非常低的代码。它运行良好,但它可以更好。

我插入数据的代码是:

public void InsertData() 
    { 
     try 
     { 
      var cn = ConfigurationManager.AppSettings["SGSDataBase_CN"]; 
      con = new SqlConnection(cn); 
      con.Open(); 

      com = new SqlCommand(); 
      com.Connection = con; 
      com.CommandType = CommandType.Text; 

      if (ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email == null) 
      { 

       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.ExecuteNonQuery(); 
      } 

      else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email == null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, DateOfBirth) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @DateOfBirth)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.ExecuteNonQuery(); 
      } 

      else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email == null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, DateOfBirth, MobileNo) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @DateOfBirth, @MobileNo)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.ExecuteNonQuery(); 
      } 

      else if (ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email != null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, DateOfBirth, MobileNo, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @DateOfBirth, @MobileNo, @Email)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 

      else if (ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email != null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, DateOfBirth, MobileNo, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @DateOfBirth, @MobileNo, @Email)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 

      else if (ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email != null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, MobileNo, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @MobileNo, @Email)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 

      else if (ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email != null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Email)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 

      else if (ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email == null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, DateOfBirth) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @DateOfBirth)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       //com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 


      else if(ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email == null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, MobileNo) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @MobileNo)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       //com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 

      } 

      else if(ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email == null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin,DateOfBirth, MobileNo) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin,@DateOfBirth, @MobileNo)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       //com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 

      else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email != null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @Email)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 

      else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email == null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, MobileNo) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @MobileNo)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       //com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 


      else if(ClsCreateUsersProperty.ImageArray == null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email != null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, DateOfBirth, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @DateOfBirth, @Email)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       //com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 


      else if(ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth != null && ClsCreateUsersProperty.PhoneNumber == null && ClsCreateUsersProperty.Email != null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, DateOfBirth, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @DateOfBirth, @Email)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       //com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 

      else if (ClsCreateUsersProperty.ImageArray != null && ClsCreateUsersProperty.DateOfBirth == null && ClsCreateUsersProperty.PhoneNumber != null && ClsCreateUsersProperty.Email != null) 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin, Image, MobileNo, Email) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin, @Image, @MobileNo, @Email)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.Parameters.AddWithValue("@Image", ClsCreateUsersProperty.ImageArray); 
       //com.Parameters.AddWithValue("@DateOfBirth", ClsCreateUsersProperty.DateOfBirth); 
       com.Parameters.AddWithValue("@MobileNo", ClsCreateUsersProperty.PhoneNumber); 
       com.Parameters.AddWithValue("@Email", ClsCreateUsersProperty.Email); 
       com.ExecuteNonQuery(); 
      } 

      else 
      { 
       com.CommandText = "INSERT INTO dms.Users_Table (UserId, UserName, Password, Department, CreatedOn, ExpiredOn, IsAdmin) VALUES (@UserID, @UserName, @Password, @Department, @CreatedOn, @ExpiredOn, @IsAdmin)"; 
       com.Parameters.AddWithValue("@UserID", ClsCreateUsersProperty.UserId); 
       com.Parameters.AddWithValue("@UserName", ClsCreateUsersProperty.UserName); 
       com.Parameters.AddWithValue("@Password", ClsCreateUsersProperty.Password); 
       com.Parameters.AddWithValue("@Department", ClsCreateUsersProperty.Department); 
       com.Parameters.AddWithValue("@CreatedOn", ClsCreateUsersProperty.CreatedOn); 
       com.Parameters.AddWithValue("@ExpiredOn", ClsCreateUsersProperty.ExpiredOn); 
       com.Parameters.AddWithValue("@IsAdmin", ClsCreateUsersProperty.IsAdmin); 
       com.ExecuteNonQuery(); 
      } 
     } 
     catch (Exception ex) 
     { 
      throw ex; 
     } 
     finally 
     { 
      if (com != null) 
       com.Dispose(); 

      if (con != null) 
       con.Dispose(); 

      com = null; 
      con = null; 
     } 

    }

请建议执行此操作的有效方式。

在此先感谢

来源

2016-04-30 Jitender Singh

+0

如果将所有的参数可以使用。只需将每个变量声明为空字符串,然后用您需要的数据填充每个变量。执行后,每个空信息将只是一个空字符串。如果他们通过为空只是如果空使它成为'' – Matt

+0

嗨马特说正确的方法为什么你不尝试呢? –

+0

@Matt你可以举一个例子..请... ??? –

回答

0

没有写东西展现出来,这将是想法:

声明空的变量:(?假设你使用的函数)

int UserId = 0; 
string userName = "";

填写变量与您的数据:

private void function(int id, string name, ...further params...) { 
    int UserId = 0; 
    string userName = ""; 

    UserId = (id!=null) ? id : 0; /*Shorthand if statement to handle null values*/ 
    userName = name; 
    /*further params*/

添加到查询:

private void function(int id, string name ...further params...) { 
    int UserId = 0; 
    string userName = ""; 

    int UserID = id; 
    string userName = name; 
    /*further params*/ 

    com.CommandText = "INSERT INTO dms.Users_Table (all of your columns here) VALUES (@UserID, @UserName, ...all params declared above...)"; 
    com.Parameters.AddWithValue("@UserID", UserID); 
    com.Parameters.AddWithValue("@UserName", userName); 
    /*further adding*/ 
}

说完看了看四周,我发现,使用.add().value.AddWithValue更好,所以也许看一看到这个变化,以及

.add()com.Parameters.Add("@UserID", SqlDbType.Int).value = UserID;

来源

2016-04-30 08:27:39 Matt

+0

非常感谢... –

相关问题

 相关问题