Prepared Statements in VB.NET

前端未结

关注

 3  677

挽巷 2020-12-03 23:11

I am new to prepared statements in vb.net and Microsoft SQL Server 2008. I can\'t really find any good sources for connecting to a database via connection string and executi

3条回答

情书的邮戳 (楼主)

2020-12-03 23:51

Prepared statements are nothing but Parametrized SqlCommands enclosed in a Transaction.

For example, this is a Prepared Statement:

Using c As New SqlConnection(ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString)
   c.Open()
using mytransaction = c.BeginTransaction()

   Dim command = New SqlCommand("INSERT INTO yourtable(image) values (@image)", c)
   ''# this is specific to the FileUploadControl but the idea is to get the
   ''#image in a byte array; however you do it, it doesn't matter
    Dim buffer(FileUpload1.PostedFile.ContentLength) As Byte
    FileUpload1.PostedFile.InputStream.Read(buffer, 0, buffer.Length)
    command.Parameters.AddWithValue("@image", buffer)
    command.ExecuteNonQuery()    
 mytransaction .Commit()
End Using
End Using

0 讨论(0)

查看其它3个回答