你的位置:首页 > ASP.net教程

[ASP.net教程]SqlParameter 事务 批量数据插入


不错,很好,以后防注入批量事务提交虽然麻烦点研究了几个小时,但不会是问题了

 

 1  SqlCommand cmd; 2     HelpSqlServer helps = new HelpSqlServer(); 3     //定义SqlParameter数组 4     SqlParameter[] param = new SqlParameter[4]; 5  6  7     protected void Page_Load(object sender, EventArgs e) 8     { 9       var strsql = "";10       for (int i = 0; i < 4; i++)11       {12         strsql += "insert into Questions(PID) values";13         strsql += "(@PID" + i + ");";14 15         param[i] = new SqlParameter("@PID" + i + "", SqlDbType.UniqueIdentifier);16         param[i].Value = Guid.NewGuid();17 18       }19 20       using (SqlConnection conn = new SqlConnection(HelpSqlServer.ConnectionString))21       {22         cmd = new SqlCommand(strsql, conn);23 24 25         conn.Open();26         SqlTransaction transaction = conn.BeginTransaction();27 28         cmd.Transaction = transaction;29         foreach (SqlParameter para in param)30         {31           cmd.Parameters.Add(para);32         }33 34         try35         {36           cmd.ExecuteNonQuery();37           transaction.Commit();38         }39         catch40         {41           transaction.Rollback();42         }43       }44 45     }

View Code