若要直接从C#中执行命令,可以使用SqlCommand类。
使用参数化的SQL(以避免注入攻击)的快速示例代码可能如下所示:
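// Look up patients by last name with a parameterized query: the name is bound to the
// @tPatSName parameter and is never concatenated into the SQL text.
string queryString = "SELECt tPatCulIntPatIDPk, tPatSFirstname, tPatSName, tPatDBirthday FROM [dbo].[TPatientRaw] WHERe tPatSName = @tPatSName";

// NOTE(review): sample value only. It embeds the password of the built-in "sa" administrator
// login in source code. Real code should load the connection string from protected
// configuration or a secret store and connect with a least-privilege login
// (or integrated authentication) that only has the rights this query needs.
// NOTE(review): the Server value looks as if it lost a backslash during extraction (a named
// instance is normally written host\instance) and Database is empty - confirm both before use.
string connectionString = "Server=.PDATA_SQLEXPRESS;Database=;User Id=sa;Password=2BeChanged!;";

// Connection, command and reader all own resources, so each one is wrapped in a using block
// and is released even if the query or a read throws.
using (SqlConnection connection = new SqlConnection(connectionString))
using (SqlCommand command = new SqlCommand(queryString, connection))
{
    // AddWithValue infers the SQL parameter type from the .NET value (a string here).
    // Declare the type and length explicitly if they must match the column definition.
    command.Parameters.AddWithValue("@tPatSName", "Your-Parm-Value");
    connection.Open();

    using (SqlDataReader reader = command.ExecuteReader())
    {
        while (reader.Read())
        {
            // Console.WriteLine formats the composite string itself; no String.Format needed.
            Console.WriteLine("{0}, {1}", reader["tPatCulIntPatIDPk"], reader["tPatSFirstname"]); // etc
        }
    }
}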


