sqlhelper语句:
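/// <summary>
/// Runs a parameterized SELECT statement and returns the result set as a <see cref="DataTable"/>.
/// </summary>
/// <param name="sql">
/// SQL text containing named placeholders (for example <c>@name</c>). Values are bound through
/// <paramref name="paras"/>, so callers should keep this a fixed string and never concatenate
/// user input into it.
/// </param>
/// <param name="paras">
/// Parameters whose names must match the placeholders in <paramref name="sql"/> exactly.
/// May be null or empty for a statement without placeholders.
/// </param>
/// <returns>A table loaded with every row produced by the query.</returns>
public DataTable ExecuteQuery(string sql, SqlParameter[] paras)
{
    DataTable dt = new DataTable();

    // Keep a reference to the connection so it can be released on failure.
    // NOTE(review): GetConn() is presumably expected to return an already opened connection — confirm.
    var conn = GetConn();
    try
    {
        cmd = new SqlCommand(sql, conn);

        // AddRange throws on a null array; allow parameterless queries.
        if (paras != null && paras.Length > 0)
        {
            cmd.Parameters.AddRange(paras);
        }

        // CloseConnection ties the connection lifetime to the reader, so disposing
        // the reader at the end of the using block also closes the connection.
        using (sdr = cmd.ExecuteReader(CommandBehavior.CloseConnection))
        {
            dt.Load(sdr);
        }
    }
    catch
    {
        // If ExecuteReader itself fails, no reader exists to close the connection,
        // so close it here before propagating the error unchanged.
        if (conn != null)
        {
            conn.Close();
        }
        throw;
    }

    return dt;
}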
DAO语句
/// <summary>
/// Queries the comment table for the rows belonging to one news item.
/// </summary>
/// <param name="newsId">Identifier of the news item, bound as a SQL parameter.</param>
/// <returns>The table returned by <c>sqlhelper.ExecuteQuery</c>.</returns>
public DataTable SelectByNewId(string newsId)
{
    // NOTE(review): the placeholder in the SQL text is "@newId" while the parameter
    // below is named "@newsId". The names do not match, so the placeholder is never
    // bound and the query is expected to fail at execution time. This listing is kept
    // as written because it is the faulty example the page discusses.
    string query = "select * from comment where newsId=@newId";

    // The value is bound through SqlParameter instead of being concatenated into the SQL text.
    SqlParameter newsIdParam = new SqlParameter("@newsId", newsId);

    return sqlhelper.ExecuteQuery(query, new SqlParameter[] { newsIdParam });
}
问题原因:SQL 语句中的占位符用的是 @newId:
string sql = "select * from comment where newsId=@newId";
而定义参数时用的是 @newsId(多了一个 s):
new SqlParameter("@newsId",newsId)
占位符名称与参数名称必须完全一致,把 SQL 语句中的 @newId 改为 @newsId 即可。