1

我得到错误:

无法将参数值从 SqlParameter 转换为 String。

我传入:

TestUsername,
TestPassword,
TestFirstName,
TestLastName,
TestEmail@Email.Com

代码:

        try
        {

            Console.WriteLine("Inputs: Username, Password, First Name, Last Name, Email");
            Console.WriteLine("Username: ");
            string usernameInput = Console.ReadLine();
            Console.WriteLine("Password: ");
            string passwordInput = Console.ReadLine();
            Console.WriteLine("First Name: ");
            string firstNameInput = Console.ReadLine();
            Console.WriteLine("Last Name: ");
            string lastNameInput = Console.ReadLine();
            Console.WriteLine("Email: ");
            string emailInput = Console.ReadLine();

            SqlCommand createLogin = new SqlCommand("INSERT INTO [dbo].[Users] VALUES ('@username', '@password', '@firstname', '@lastname', '@email')", myConnection.SqlConnection);
            SqlParameter usernameParam = createLogin.Parameters.Add("@username", SqlDbType.VarChar, 40);
            SqlParameter passwordParam = createLogin.Parameters.Add("@password", SqlDbType.VarChar, 50);
            SqlParameter firstNameParam = createLogin.Parameters.Add("@firstname", SqlDbType.VarChar, 40);
            SqlParameter lastNameParam = createLogin.Parameters.Add("@lastname", SqlDbType.VarChar, 40);
            SqlParameter emailParam = createLogin.Parameters.Add("@email", SqlDbType.VarChar, 40);

            usernameParam.Value = usernameInput;
            passwordParam.Value = passwordInput;
            firstNameParam.Value = firstNameInput;
            lastNameParam.Value = lastNameInput;
            emailParam.Value = emailParam;


            createLogin.ExecuteNonQuery();
            Console.WriteLine("Username: {0} with Password: {1} created.", usernameInput, EncDec.Decrypt(passwordInput, "testEncryption"));
        }
        catch (Exception CreateLoginException)
        {
            Console.WriteLine(CreateLoginException);
        }
4

2 回答 2

7

您的参数声明和值设置很好。您的代码的唯一问题是,您将参数括在单引号中,这使其成为字符串而不是参数。删除查询中参数周围的单引号,

SqlCommand createLogin = new SqlCommand(
                 "INSERT INTO [dbo].[Users] 
                  VALUES (@username, @password, @firstname, @lastname, @email",
                 myConnection.SqlConnection);

Command对象会自动为您处理它。

于 2012-10-12T01:01:54.277 回答
1

它应该是

createLogin.Parameters.AddwithValue("@parameter", parametervalue)

并删除其余参数代码。

你不需要那么复杂的使用,AddWithValue而不是Add(

于 2012-10-12T01:05:03.993 回答