values(@ID,@name)与 values(1,'username')有什么区别
如果说我的 表是 table字段 ID,name我之前写代码插入数据库都是写
insert into table (ID,name) values(1,'yz');---》直接插入的值,
现在看到他们写的代码是
insert into table values(@ID,@name);
(@ID,@name)是什么意思,根据什么来的?
我不懂这个是什么意思? --------------------编程问答-------------------- 参数化提高安全性
string sql = "INSERT into " + _TableName + " (Id,NAME) VALUES (@Id, @name)";
SqlParameter[] paras =new SqlParameter[2];
paras[0] = new SqlParameter("@ID", SqlDbType.NVarChar);
paras[0].Value = 1;
paras[1] = new SqlParameter("@NAME", SqlDbType.Int);
paras[1].Value = "";
--------------------编程问答-------------------- 请教c#:箱排序,桶排序,堆排序写法
冒泡排序,插入排序,希尔排序,快速排序,基数排序
--------------------编程问答--------------------
/// <summary>
/// 冒泡排序
/// </summary>
/// <param name="arr"></param>
public void Sort(int[] arr)
{
for (int i = arr.Length - 1; i > 0; i--)
{
for (int j = 0; j < i; j++)
{
if (arr[i] < arr[j])
{
int temp = arr[i];
arr[i] = arr[j];
arr[j] = temp;
}
}
}
}
/// <summary>
/// 插入排序
/// </summary>
/// <param name="arr"></param>
public void Sort(int[] arr)
{
for (int i = 1; i < arr.Length; i++)
{
int t = arr[i];
int j = i;
while ((j > 0) && (arr[j - 1] > t))
{
arr[j] = arr[j - 1];//交换顺序
--j;
}
arr[j] = t;
}
}
/// <summary>
/// 快速排序
/// </summary>
/// <param name="list"></param>
/// <param name="low"></param>
/// <param name="high"></param>
public void Sort(int[] list, int low, int high)
{
int pivot;
int l, r;
int mid;
if (high <= low)
return;
else if (high == low + 1)
{
if (list[low] > list[high])
Swap(ref list[low], ref list[high]);
return;
}
mid = (low + high) >> 1;
pivot = list[mid];
Swap(ref list[low], ref list[mid]);
l = low + 1;
r = high;
do
{
while (l <= r && list[l] < pivot)
l++;
while (list[r] >= pivot)
r--;
if (l < r)
Swap(ref list[l], ref list[r]);
} while (l < r);
list[low] = list[r];
list[r] = pivot;
if (low + 1 < r)
Sort(list, low, r - 1);
if (r + 1 < high)
Sort(list, r + 1, high);
}
/// <summary>
/// 交换位置ExchageValue
/// </summary>
/// <param name="l"></param>
/// <param name="r"></param>
private void Swap(ref int l, ref int r)
{
int temp;
temp = l;
l = r;
r = temp;
}
/// <summary>
/// 希尔排序
/// </summary>
/// <param name="arr"></param>
public void Sort(int[] arr)
{
int inc;
for (inc = 1; inc <= arr.Length / 9; inc = 3 * inc + 1) ;
for (; inc > 0; inc /= 3)
{
for (int i = inc + 1; i <= arr.Length; i += inc)
{
int t = arr[i - 1];
int j = i;
while ((j > inc) && (arr[j - inc - 1] > t))
{
arr[j - 1] = arr[j - inc - 1];//交换数据
j -= inc;
}
arr[j - 1] = t;
}
}
}
/// <summary>
/// 基数排序
/// </summary>
/// <param name="arr"></param>
/// <param name="digit"></param>
/// <returns></returns>
public int[] Sort(int[] arr, int digit)
{
//low to high digit
for (int k = 1; k <= digit; k++)
{
//temp array to store the sort result inside digit
int[] tmpArray = new int[arr.Length];
//temp array for countingsort
int[] tmpCountingSortArray = new int[10] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
//CountingSort
for (int i = 0; i < arr.Length; i++)
{
//split the specified digit from the element
int tmpSplitDigit = arr[i] / (int)Math.Pow(10, k - 1) - (arr[i] / (int)Math.Pow(10, k)) * 10;
tmpCountingSortArray[tmpSplitDigit] += 1;
}
for (int m = 1; m < 10; m++)
{
tmpCountingSortArray[m] += tmpCountingSortArray[m - 1];
}
//output the value to result
for (int n = arr.Length - 1; n >= 0; n--)
{
int tmpSplitDigit = arr[n] / (int)Math.Pow(10, k - 1) - (arr[n] / (int)Math.Pow(10, k)) * 10;
tmpArray[tmpCountingSortArray[tmpSplitDigit] - 1] = arr[n];
tmpCountingSortArray[tmpSplitDigit] -= 1;
}
//copy the digit-inside sort result to source array
for (int p = 0; p < arr.Length; p++)
{
arr[p] = tmpArray[p];
}
}
return arr;
}
请教i --------------------编程问答-------------------- .. --------------------编程问答-------------------- insert into table values(@ID,@name);
这是参数方式
用这个可以避免注入 --------------------编程问答--------------------
请问如何把例如姓名文本框TextBox1中的值传入到@name --------------------编程问答-------------------- com.Parameters.AddWithValue("@name","txtUserName.text");
补充:.NET技术 , ASP.NET
