Sql参数化 添加
Repository层
添加需要的类
然后在类里面实例化需要用到的上下文
接下来写方法
1 public int AddUserInfo(UserInfo userInfo) { 2 try 3 { 5 //SQL 6 //return db.Database.ExecuteSqlCommand($"insert into UserInfo values('{userInfo.Uname}','{userInfo.Upwd}','{userInfo.Udell}','{userInfo.Usex}','{userInfo.Email}','{userInfo.Utime}')"); 7 8 SqlParameter[] sqls = { 9 new SqlParameter("@Uname",userInfo.Uname), 10 new SqlParameter("@Upwd",userInfo.Upwd), 11 new SqlParameter("@Udell",userInfo.Udell), 12 new SqlParameter("@Usex",userInfo.Usex), 13 new SqlParameter("@Email",userInfo.Email), 14 new SqlParameter("@Utime",userInfo.Utime) 15 }; 16 17 return db.Database.ExecuteSqlCommand($"insert into UserInfo values(@Uname,@Upwd,@Udell,@Usex,@Email,@Utime)",sqls); 19 20 } 21 catch (Exception) 22 { 23 24 throw; 25 } 26 }
浙公网安备 33010602011771号