这是参数化查询吗

这是参数化查询吗

本文介绍了这是参数化查询吗?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

这是参数化查询吗?以下是代码

-------------------------------------- ----------------------

Is this a parameterized query ? Below is the code
------------------------------------------------------------

Try
            con.Open()
            ss = "UPDATE emp_master set empid=@empid,empname=@empname,pfno=@pfno,dob=@dob,gender=@gender,contact=@contact,email=@email,doj=@doj," & _
                "address=@address,edu=@edu,nationality=@nationality,bloodgroup=@bloodgroup,desig=@desig,exp=@exp,salary=@salary,dept=@dept,pic=@pic,usertype=@usertype WHERE empid=" & txtempid.Text & ""
            com = New SqlCommand(ss, con)
            com.Parameters.AddWithValue("@empid", txtempid.Text)
            com.Parameters.AddWithValue("@empname", txtename.Text)
            com.Parameters.AddWithValue("@pfno", txtpfno.Text)
            com.Parameters.AddWithValue("@dob", dtpdob.Value.Date)
            com.Parameters.AddWithValue("@gender", g)
            com.Parameters.AddWithValue("@contact", txtcontact.Text)
            com.Parameters.AddWithValue("@email", txtemail.Text)
            com.Parameters.AddWithValue("@doj", dtpdoj.Value.Date)
            com.Parameters.AddWithValue("@address", txtaddress.Text)
            com.Parameters.AddWithValue("@edu", txtedu.Text)
            com.Parameters.AddWithValue("@nationality", txtNation.Text)
            com.Parameters.AddWithValue("@bloodgroup", cmb_Bloodgrp.Text)
            com.Parameters.AddWithValue("@desig", txtdesig.Text)
            com.Parameters.AddWithValue("@exp", txtexp.Text)
            com.Parameters.AddWithValue("@salary", txtsalary.Text)
            com.Parameters.AddWithValue("@dept", txtdept.Text)
            com.Parameters.AddWithValue("@pic", arrImg)
            com.Parameters.AddWithValue("@usertype", Cmb_utype.Text)
            com.ExecuteNonQuery()
            MsgBox("Data Updated Successfully !", MsgBoxStyle.Information, MsgBoxStyle.OkCancel)
        Catch ex As Exception
            MsgBox(ex.Message())
        Finally
            con.Close()
        End Try

推荐答案



这篇关于这是参数化查询吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-29 04:13