string TheName = "David"; string UserTable = "INSERT INTO USER (name) values (TheName)"; SQLiteCommand command2 = new SQLiteCommand(UserTable,m_dbConnection); command2.ExecuteNonQuery();
我想知道是否可以在我的SQLite表中插入变量(如示例代码中的TheName),如果它是如何做到的?
解决方法
您需要参数化查询:
command2.CommandText = "INSERT INTO User (name) VALUES(@param1)"; command2.CommandType = CommandType.Text; command2.Parameters.Add(new SQLiteParameter("@param1",TheName));