insert into sql db a string that contain special character '

前端未结

关注

 4  1784

抹茶落季 2020-12-22 12:40

i want to insert to a sql table a string that might contain \' character.

what is my best way to do so ? should i insert a \\ before the \' ? here\'s my command i

4条回答

梦毁少年i (楼主)

2020-12-22 13:20

You should be using SqlParameter. http://msdn.microsoft.com/en-us/library/yy6y35y8.aspx

    string query = "insert into ACTIVE.dbo.Workspaces_WsToRefile values(@folderID, @newWorkSpace, @createDate)";

using(SqlCommand cmd = new SqlCommand(query, SqlConnection))
{

    SqlParameter param = new SqlParameter("@folderID", folderId);
    param.SqlDbType = SqlDbType.Int;
    cmd.Parameters.Add(param);
    .....
}

0 讨论(0)

查看其它4个回答