你应该
- 在查询中使用 参数 - 总是! - 没有例外
- 创建一个处理 服务器上
IF EXISTS()
零件的单个查询 __ - 使用公认的ADO.NET最佳实践将事物放入
using() {....}块等。
试试下面的代码:
public void SaveData(string filename, string jsonobject){ // define connection string and query string connectionString = "Data Source=.;Initial Catalog=;Integrated Security=True"; string query = @"IF EXISTS(SELECt * FROM dbo.T_Pages WHERe pagename = @pagename) UPDATE dbo.T_Pages SET pageinfo = @PageInfo WHERe pagename = @pagename ELSE INSERT INTO dbo.T_Pages(PageName, PageInfo) VALUES(@PageName, @PageInfo);"; // create connection and command in "using" blocks using (SqlConnection conn = new SqlConnection(connectionString)) using (SqlCommand cmd = new SqlCommand(query, conn)) { // define the parameters - not sure just how large those // string lengths need to be - use whatever is defined in the // database table here! cmd.Parameters.Add("@PageName", SqlDbType.VarChar, 100).Value = filename; cmd.Parameters.Add("@PageInfo", SqlDbType.VarChar, 200).Value = jsonobject; // open connection, execute query, close connection conn.Open(); int rowsAffected = cmd.ExecuteNonQuery(); conn.Close(); }}
