string strsql = "Insert into News(TypeId,NewsCaption,NewsContent) values(@TypeId,@NewsCaption,@NewsContent)";
   sqlParameter[] paras ={
    new sqlParameter("@TypeId",sqlDbType.Int),
    new sqlParameter("@NewsCaption",sqlDbType.NVarChar,200),
    new sqlParameter("@NewsContent",sqlDbType.NText)
   };
   paras[0].Value = typeId;
   paras[1].Value = caption;
   paras[2].Value = content;

   int rows = new sqlHelp().ExecuteNonQuery(strsql,paras);

public sqlHelp() {
      connString = ConfigurationManager.AppSettings["sqlServer2005dbname"];

 }

public int ExecuteNonQuery(string strQuery,sqlParameter[] paras) {
  int rows = 0; //影响行数
  try {
   using (sqlConnection conn = new sqlConnection(connString)) {
    using (sqlCommand command = new sqlCommand()) {
     PrepareCommand(conn,command,strQuery,paras);
     rows = command.ExecuteNonQuery();
     return rows;
    }
   }
  } catch {
   throw;
  }
 }

//带参数的DML操作  private void PrepareCommand(sqlConnection conn,sqlCommand command,string strQuery,sqlParameter[] paras) {   if (conn.State != ConnectionState.Open) {    conn.open();   }   command.Connection = conn;   command.CommandText = strQuery;   command.CommandType = CommandType.Text;   if (paras != null) {    foreach (sqlParameter parm in paras)     command.Parameters.Add(parm);   }  }