delphi - 如何将字符串参数传递给 TADOQuery？

Question

使用德尔福 2010

谁能告诉我我的代码在这里做错了什么。注释显示了我使用尝试将参数传递给 ADOQuery 的特定方法时收到的错误

procedure CreateAdminLogin(const APasswd: string);
var
  qry: TADOQuery;
  //P1, P2: TParameter;
begin
  qry := TADOQuery.Create(nil);
  try
    qry.Connection := frmDataModule.conMain;
    qry.SQL.Text := 'INSERT INTO Users (User_Id, Password) VALUES (:u, :p)';

    //Syntax error in INTO statement
    qry.Parameters.ParamByName('u').Value:= 'Admin';
    qry.Parameters.ParamByName('p').Value:= GetMd5(APasswd);


    //invalid variant operation
    {qry.Parameters.ParamByName('u').Value.AsString:= 'Admin';
    qry.Parameters.ParamByName('p').Value.AsString:= GetMd5(APasswd);}

    //invalid variant operation
    {P1:= qry.Parameters.ParamByName('u');
    P1.Value.asString:= 'Admin';
    P2:= qry.Parameters.ParamByName('p');
    P2.Value.asString:= GetMd5(APasswd);}


    qry.Prepared := True;
    qry.ExecSQL;
  finally
    qry.Free;
  end;

end;

注意：GetMD5 声明如下

function GetMd5(const Value: String): string;
var
  hash: MessageDigest_5.IMD5;
  fingerprint: string;
begin
  hash := MessageDigest_5.GetMd5();
  hash.Update(Value);
  fingerprint := hash.AsString();
  Result := fingerprint;
end;

谢谢

Answer 1

这对我来说很好，使用DBDemos.MDBDelphi 附带的文件（C:\Users\Public\Documents\RAD Studio\9.0\Samples\Data\dbdemos.mdb默认安装）

ADOQuery1.SQL.Clear;
ADOQuery1.SQL.Add('INSERT INTO Country (Name, Capital, Continent, Area, Population)');
ADOQuery1.SQL.Add('VALUES (:Name, :Capital, :Continent, :Area, :Population)');

ADOQuery1.Parameters.ParamByName('Name').Value := 'SomePlace';
ADOQuery1.Parameters.ParamByName('Capital').Value := 'Pitsville';
ADOQuery1.Parameters.ParamByName('Continent').Value := 'Floating';
ADOQuery1.Parameters.ParamByName('Area').Value := 1234;
ADOQuery1.Parameters.ParamByName('Population').Value := 56;
ADOQuery1.ExecSQL;
ADOQuery1.Close;

// Open it to read the data back
ADOQuery1.SQL.Text := 'SELECT * FROM Country WHERE Name = :Name';
ADOQuery1.Parameters.ParamByName('Name').Value := 'SomePlace';
ADOQuery1.Open;
ShowMessage(ADOQuery1.FieldByName('Name').AsString);

Answer 2

对于使用like额外的东西要知道：

像这样的数据源 SQL

select * from Table where Phone like :param

DataModule.findQuery.Parameters.ParamByName('param').Value:= '%%'+yourEdit.Text + '%%';

Answer 3

您应该首先创建参数：

procedure CreateAdminLogin(const APasswd: string);
var
  qry: TADOQuery;
begin
  qry := TADOQuery.Create(nil);
  try

   // this part is missed in your code
   with qry.Parameters.AddParameter do
    begin
      Name := 'u';
      DataType := ftString;
    end;
    with qry.Parameters.AddParameter do
    begin
      Name := 'p';
      DataType := ftString;
    end;

    qry.Connection := frmDataModule.conMain;
    qry.SQL.Text := 'INSERT INTO Users (User_Id, Password) VALUES (:u, :p)';

    // Now it will be ok!
    qry.Parameters.ParamByName('u').Value:= 'Admin';
    qry.Parameters.ParamByName('p').Value:= GetMd5(APasswd);

    qry.Prepared := True;
    qry.ExecSQL;
  finally
    qry.Free;
  end;
end;