blocks|key|1080338|text|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1080339|，因为当有‘字符时，代码将失败|blockquote|1080340|1080341|1080342|然后试试这个：|1080343|internal+bool+AddRecord()
++++++++{
+++++++++++++string+SQL+=+"exec+SqlInsert+";

+++++++++++++SQL+%2B=+"'"+%2B+PrepeareForSql(_sqlComputer)+%2B+"',+";
+++++++++++++SQL+%2B=+"'"+%2B+PrepeareForSql(_lastUpdatedBy)+%2B+"',+";
+++++++++++++SQL+%2B=+"'"+%2B+DateTime.Now+%2B+"',+";
+++++++++++++SQL+%2B=+"'"+%2B+PrepeareForSql(_softwareName)+%2B+"'+";

+++++++++++++return+SqlDatabase.Overig(SQL);
++++++++}

private+string+PrepeareForSql(string+s)
{
+++return+s.Replace("'","''");
}|code-block|syntax|javascript|1080344|entityMap^0|0|0|0|0|0|0^^$0|@$1|2|3|-4|4|5|6|O|7|@]|8|@]|9|$]]|$1|A|3|B|4|C|6|P|7|@]|8|@]|9|$]]|$1|D|3|-4|4|5|6|Q|7|@]|8|@]|9|$]]|$1|E|3|-4|4|5|6|R|7|@]|8|@]|9|$]]|$1|F|3|G|4|5|6|S|7|@]|8|@]|9|$]]|$1|H|3|I|4|J|6|T|7|@]|8|@]|9|$K|L]]|$1|M|3|-4|4|5|6|U|7|@]|8|@]|9|$]]]|N|$]]

<blockquote>
 Because when there is a ' character then the code will fail
</blockquote>

Then try this:

<pre><code>internal bool AddRecord()
 {
 string SQL = "exec SqlInsert ";

 SQL += "'" + PrepeareForSql(_sqlComputer) + "', ";
 SQL += "'" + PrepeareForSql(_lastUpdatedBy) + "', ";
 SQL += "'" + DateTime.Now + "', ";
 SQL += "'" + PrepeareForSql(_softwareName) + "' ";

 return SqlDatabase.Overig(SQL);
 }

private string PrepeareForSql(string s)
{
 return s.Replace("'","''");
}
</code></pre>

blocks|key|3205719|text|像这样|type|unstyled|depth|inlineStyleRanges|entityRanges|data|3205720|SqlCommand+cmd+=+new+SqlCommand("SqlInsert",+sqlCon);
cmd.CommandType+=+CommandType.StoredProcedure;
cmd.Parameters.Add("@Param1",+SqlDbType.VarChar,+25).Value+=+_sqlComputer+;
cmd.Parameters.Add("@Param2",+SqlDbType.VarChar,+50).Value+=+_lastUpdatedBy+;
cmd.Parameters.Add("@Param3",+SqlDbType.DateTime).Value+=+DateTime.Now
cmd.Parameters.Add("@Param4",+SqlDbType.Varchar,50).Value+=+_softwareName+;

sqlCon.Open();
SqlDataReader+dr+=+cmd.ExecuteReader();
DataTable+dt+=+new+DataTable();
dt.Load(dr);
sqlCon.Close();
dr.Dispose();
cmd.Dispose();|code-block|syntax|javascript|3205721|根据您的需求进行编辑|offset|length|style|BOLD|3205722|而不是像这样传递值|3205723|SqlDatabase.Overig(SQL);|3205724|执行此操作|3205725|SqlDatabase.Overig(_sqlComputer,_lastUpdatedBy,DateTime.Now,_softwareName);|3205726|并在Overig方法中进行更改，如|3205727|Overig(String+sqlCom,+string+UpdatedBy,+DateTime+dat,+string+software)
{
SqlCommand+cmd+=+new+SqlCommand("SqlInsert",+sqlCon);
cmd.CommandType+=+CommandType.StoredProcedure;
cmd.Parameters.Add("@Param1",+SqlDbType.VarChar,+25).Value+=+sqlCom;
cmd.Parameters.Add("@Param2",+SqlDbType.VarChar,+50).Value+=+UpdatedBy;
cmd.Parameters.Add("@Param3",+SqlDbType.DateTime).Value+=+dat
cmd.Parameters.Add("@Param4",+SqlDbType.Varchar,50).Value+=+software;

sqlCon.Open();
SqlDataReader+dr+=+cmd.ExecuteReader();
DataTable+dt+=+new+DataTable();
dt.Load(dr);
sqlCon.Close();
dr.Dispose();
cmd.Dispose();

+}|3205728|entityMap^0|0|0|0|A|0|0|0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|10|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|11|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|12|8|@$I|13|J|14|K|L]]|9|@]|A|$]]|$1|M|3|N|5|6|7|15|8|@]|9|@]|A|$]]|$1|O|3|P|5|D|7|16|8|@]|9|@]|A|$E|F]]|$1|Q|3|R|5|6|7|17|8|@]|9|@]|A|$]]|$1|S|3|T|5|D|7|18|8|@]|9|@]|A|$E|F]]|$1|U|3|V|5|6|7|19|8|@]|9|@]|A|$]]|$1|W|3|X|5|D|7|1A|8|@]|9|@]|A|$E|F]]|$1|Y|3|-4|5|6|7|1B|8|@]|9|@]|A|$]]]|Z|$]]

Like this

<pre><code>SqlCommand cmd = new SqlCommand("SqlInsert", sqlCon);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@Param1", SqlDbType.VarChar, 25).Value = _sqlComputer ;
cmd.Parameters.Add("@Param2", SqlDbType.VarChar, 50).Value = _lastUpdatedBy ;
cmd.Parameters.Add("@Param3", SqlDbType.DateTime).Value = DateTime.Now
cmd.Parameters.Add("@Param4", SqlDbType.Varchar,50).Value = _softwareName ;

sqlCon.Open();
SqlDataReader dr = cmd.ExecuteReader();
DataTable dt = new DataTable();
dt.Load(dr);
sqlCon.Close();
dr.Dispose();
cmd.Dispose();
</code></pre>

Edit As Per Your Requirement

Instead of Passing Values like

<pre><code>SqlDatabase.Overig(SQL);
</code></pre>

Do this

<pre><code>SqlDatabase.Overig(_sqlComputer,_lastUpdatedBy,DateTime.Now,_softwareName);
</code></pre>

and make changes in Overig method like

<pre><code>Overig(String sqlCom, string UpdatedBy, DateTime dat, string software)
{
SqlCommand cmd = new SqlCommand("SqlInsert", sqlCon);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@Param1", SqlDbType.VarChar, 25).Value = sqlCom;
cmd.Parameters.Add("@Param2", SqlDbType.VarChar, 50).Value = UpdatedBy;
cmd.Parameters.Add("@Param3", SqlDbType.DateTime).Value = dat
cmd.Parameters.Add("@Param4", SqlDbType.Varchar,50).Value = software;

sqlCon.Open();
SqlDataReader dr = cmd.ExecuteReader();
DataTable dt = new DataTable();
dt.Load(dr);
sqlCon.Close();
dr.Dispose();
cmd.Dispose();

 }
</code></pre>

blocks|key|1362785|text|处理‘的一个简单方法是添加.Replace("'"，"''")。这将替换SQL可以处理的“with”的所有实例。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1362786|SQL+%2B=+"'"+%2B+_sqlComputer.Replace("'",+"''")+%2B+"',+";
SQL+%2B=+"'"+%2B+_lastUpdatedBy.Replace("'",+"''")+%2B+"',+";
SQL+%2B=+"'"+%2B+DateTime.Now+%2B+"',+";
SQL+%2B=+"'"+%2B+_softwareName.Replace("'",+"''")+%2B+"'+";|code-block|syntax|javascript|1362787|entityMap^0|0|0^^$0|@$1|2|3|4|5|6|7|I|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|J|8|@]|9|@]|A|$E|F]]|$1|G|3|-4|5|6|7|K|8|@]|9|@]|A|$]]]|H|$]]

A simple way to handle ' is just to add .Replace("'", "''"). This will replace all instances of ' with '' which SQL can handle.

<pre><code>SQL += "'" + _sqlComputer.Replace("'", "''") + "', ";
SQL += "'" + _lastUpdatedBy.Replace("'", "''") + "', ";
SQL += "'" + DateTime.Now + "', ";
SQL += "'" + _softwareName.Replace("'", "''") + "' ";
</code></pre>

blocks|key|1366500|text|如果通过构建SQLCommand对象并向其添加参数来执行SQL，则使用特殊字符作为参数会更容易。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1366501|在这个相关的问题中有一个很好的例子来说明如何做到这一点：Call+a+stored+procedure+with+parameter+in+c#|offset|length|1366502|entityMap|0|LINK|mutability|MUTABLE|url|https://stackoverflow.com/questions/7542517/call-a-stored-procedure-with-parameter-in-c-sharp^0|0|S|18|0|0^^$0|@$1|2|3|4|5|6|7|N|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|O|8|@]|9|@$D|P|E|Q|1|R]]|A|$]]|$1|F|3|-4|5|6|7|S|8|@]|9|@]|A|$]]]|G|$H|$5|I|J|K|A|$L|M]]]]

If you execute the SQL by building a SQLCommand object and adding parameters to it, it'll be easier to use special characters as parameters.

There's a good example of how to do this in this related question: <a href="https://stackoverflow.com/questions/7542517/call-a-stored-procedure-with-parameter-in-c-sharp">Call a stored procedure with parameter in c#</a>

I have a problem with a special character. Because when there is a ' character then the code will fail. How can I make it work with special characters by using a stored procedure below.

<pre><code> internal bool AddRecord()
 {
 string SQL = "exec SqlInsert ";

 SQL += "'" + _sqlComputer + "', ";
 SQL += "'" + _lastUpdatedBy + "', ";
 SQL += "'" + DateTime.Now + "', ";
 SQL += "'" + _softwareName + "' ";

 return SqlDatabase.Overig(SQL);
 }
</code></pre>

Stored procedure is failing when one of the values contains specials characters

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

我对一个特殊的角色有个问题。因为当有‘字符时，代码将失败。如何通过使用下面的存储过程使其与特殊字符一起工作。        internal bool AddRecord()        {             string SQL = "exec SqlInsert ";             SQL += ...

问当其中一个值包含特殊字符时，存储过程将失败
EN

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问当其中一个值包含特殊字符时，存储过程将失败EN