我使用 c# 动态对象(这里是 'string,string' 字典 - 'sql_fields_name,value_to_insert' )创建了 Sql Update 过程,效果很好。
public static string sp_UpdateDB(int ID, dynamic a, string procName, string connString)// update using stored procedures
{
string resp=string.Empty;
string conn_string = ConfigurationManager.AppSettings.Get(connString);
using (System.Data.SqlClient.SqlConnection conn = new SqlConnection(conn_string))
{
try
{
conn.Open();
SqlCommand cmd = new SqlCommand(procName, conn);
cmd.CommandType = CommandType.StoredProcedure;
// set id of updated record
cmd.Parameters.Add(new SqlParameter("@ID", SqlDbType.Int));
cmd.Parameters["@ID"].Value = ID;
// set all fields and values
var attribList = a.Keys;
foreach (var entry in attribList)
{
cmd.Parameters.Add(new SqlParameter("@" + entry, SqlDbType.NVarChar, -1));
cmd.Parameters["@" + entry].Value = (a[entry] == "") ? (object)System.DBNull.Value : a[entry];
}
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
resp += ex.Message;
}
}
return resp;
}
和 Sql 服务器过程
ALTER PROCEDURE [dbo].[UpdateDB]
-- Add the parameters for the stored procedure here
@ID int = null
,@JSON_Content nvarchar(max)= NULL
,@number nvarchar(max)= NULL
,@email nvarchar(max)= NULL
,@first_name nvarchar(max)= NULL
,@JSON_changes nvarchar(max)= NULL
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
-- Insert statements for procedure here
UPDATE [Intranet].[dbo].[Applications]
SET
[JSON_Content] = ISNULL(@JSON_Content ,[JSON_Content])
,[staff_number] = ISNULL(@staff_number ,[staff_number])
,[staff_email] = ISNULL(@staff_email ,[staff_email])
,[first_name] = ISNULL(@first_name ,[first_name])
,[JSON_changes] = ISNULL(@JSON_changes ,[JSON_changes])
WHERE
[ID]=@ID
END
现在,我想用 insert into 做同样的事情,但我被卡住了。有人可以把我引向正确的方向吗?我只有 c# 版本,我无法将其作为 sql 存储过程。
现在的代码:
public static string insertDB(dynamic a, out int id, string tableName, string connString)
{
string resp = "";
string strSQL = "";
id = 0;
try
{
var attribList = a.Keys;
string updateFields = "";
string updateValues = "";
foreach (var entry in attribList)
{
if (updateFields != "")
updateFields += ",";
if (updateValues != "")
updateValues += ",";
updateFields += "[" + entry + "]";
updateValues += "'" + a[entry] + "'";
}
string conn_string = ConfigurationManager.AppSettings.Get(connString);
SqlConnection conn = new SqlConnection(conn_string);
conn.Open();
strSQL = "insert into " + tableName + " ( " + updateFields + " ) VALUES ( " + updateValues + " )";
SqlCommand pushCommand = new SqlCommand(strSQL, conn);
pushCommand.ExecuteNonQuery();
pushCommand.CommandText = "Select @@Identity"; // get the just created record's ID
id = System.Convert.ToInt32(pushCommand.ExecuteScalar());
conn.Close();
}
catch (Exception ex) { resp += ex.ToString()+" id:"+id.ToString() + " " + strSQL; }
return resp;
}