private void AddStudent(){
string strName =txtName.Text.Trim();
string strPwd = txtPwd.Text.Trim();
string strSql ="insert into Student (name,pwd) values(@name,@pwd) ";
SqlConnection conn = new SqlConnection(" server=.;database=TestDB;uid=sa;pwd=pwd123 ");
SqlCommand cmd = new SqlCommand(strSql,conn);
//参数数组 对应Sql语句中的参数
SqlParameter [] paras ={
new SqlParameter("@name",strName),
new SqlParameter("@pwd",strPwd)
};
cmd.Parameters.AddRange(paras);
conn.Open();
int result = Convert.ToInt32(cmd.ExecuteScalar());
conn.Close();
if(result>0){
...
}eles{
...
}
}
原文:http://www.cnblogs.com/zhangruiBlog/p/4251678.html