在我的项目中,我需要记录针对我的数据库执行的所有查询.作为示例,我们可以在此处使用人员用户数据.在该类中,我有一个函数生成带有如下参数的命令:
Public Function SQLUpdate(ByVal conn As SqlClient.SqlConnection) As SqlClient.SqlCommand Implements IDbConnected.SQLUpdate
Dim sqlstatement As String = "UPDATE Persons SET Active=@act, Abbreviation=@abbr, FirstName=@first, LastName=@last, " & _
"Birthday=@bday, Email=@email,Tel=@tel, Fax=@fax, Registered=@reg, Admin=@adm"
sqlstatement &= " WHERE ID=" & Me.ID
Dim comm As New SqlClient.SqlCommand(sqlstatement, conn)
With comm.Parameters
.Add("@act", SqlDbType.Bit).Value = Me.Active
.Add("@abbr", SqlDbType.VarChar).Value = Me.Abbreviation
.Add("@first", SqlDbType.VarChar).Value = Me.FirstName
.Add("@last", SqlDbType.VarChar).Value = Me.LastName
.Add("@bday", SqlDbType.SmallDateTime).Value = Me.Birthday
.Add("@email", SqlDbType.VarChar).Value = Me.Email
.Add("@tel", SqlDbType.VarChar).Value = Me.Telephone
.Add("@fax", SqlDbType.VarChar).Value = Me.Fax
.Add("@reg", SqlDbType.Bit).Value = Me.Registered
.Add("@adm", SqlDbType.Bit).Value = Me.Administrator
End With
Return comm
End Function
当我请求命令文本时
comm.CommandText
然后我仍然得到参数化查询
UPDATE Persons SET Active = @ act,Abbreviation = @ abbr,FirstName = @ first,LastName = @ last,Birthday = @ bday,Email = @ email,Tel = @ tel,Fax = @ fax,Registered = @ reg,Admin = @adm WHERE ID = 2
当然我需要查询,其中参数被值替换.有没有一种简单的方法可以做到这一点,还是我需要编写一个自己进行替换的函数?
查询以参数作为参数下载到服务器(这有助于重新使用安全性和查询计划).因此,不需要你要求存在的东西 - 因此它不存在.
就个人而言,即使在伐木时我也不会取而代之; 我只需在记录时附加名称/值对,即记录如下内容:
UPDATE Persons SET Active = @ act,Abbreviation = @ abbr,FirstName = @ first,LastName = @ last,Birthday = @ bday,Email = @ email,Tel = @ tel,Fax = @ fax,Registered = @ reg,Admin = @adm WHERE ID = 2 || @ act = 1 @ abbr = mjg @ first = Fred ...
| 归档时间: |
|
| 查看次数: |
141 次 |
| 最近记录: |