惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Security Affairs
N
News and Events Feed by Topic
T
Tenable Blog
P
Proofpoint News Feed
W
WeLiveSecurity
Simon Willison's Weblog
Simon Willison's Weblog
Google DeepMind News
Google DeepMind News
C
CERT Recently Published Vulnerability Notes
Help Net Security
Help Net Security
I
Intezer
T
Threat Research - Cisco Blogs
S
Secure Thoughts
C
Cyber Attacks, Cyber Crime and Cyber Security
L
Lohrmann on Cybersecurity
AWS News Blog
AWS News Blog
Google Online Security Blog
Google Online Security Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Know Your Adversary
Know Your Adversary
Project Zero
Project Zero
The Hacker News
The Hacker News
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Tor Project blog
N
News | PayPal Newsroom
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Hacker News - Newest:
Hacker News - Newest: "LLM"
A
Arctic Wolf
Forbes - Security
Forbes - Security
O
OpenAI News
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Security Latest
Security Latest
P
Palo Alto Networks Blog
S
Schneier on Security
S
Securelist
C
Cybersecurity and Infrastructure Security Agency CISA
H
Heimdal Security Blog
V
Vulnerabilities – Threatpost
www.infosecurity-magazine.com
www.infosecurity-magazine.com
博客园_首页
T
Troy Hunt's Blog
Latest news
Latest news
Recent Announcements
Recent Announcements
MyScale Blog
MyScale Blog
人人都是产品经理
人人都是产品经理
L
LINUX DO - 热门话题
M
MIT News - Artificial intelligence
N
Netflix TechBlog - Medium
V
Visual Studio Blog
H
Hacker News: Front Page

博客园 - 江宇旋

查询反模式 - GroupBy、HAVING的理解 T-SQL 公用表表达式(CTE) SQL语句 - 嵌套查询 SQL 操作结果集 -并集、差集、交集、结果集排序 疑难杂症 - SQL语句整理 SQL查询 - 表连接 SQL语句 - 数据操作 SQL语句 - 基本查询 SQL Server 事务语法 SQL 存储过程入门(事务)(四) SQL Server 中的事务与事务隔离级别以及如何理解脏读, 未提交读,不可重复读和幻读产生的过程和原因 SQL Server 的事务和锁(二)-Range S-S锁 SQL Server 的事务和锁(一) winform窗体间传值 C#获取存储过程的 Return返回值和Output输出参数值 SQL函数说明大全 C#操作字符串方法总结<转> C#调用存储过程带输出参数或返回值 车辆售票坐位图
C#操作SQL Server通用类
江宇旋 · 2016-01-24 · via 博客园 - 江宇旋

using System;

using System.Data;

using System.Configuration;

using System.Web;

using System.Web.Security;

using System.Collections;

using System.Data.SqlClient;

/// <summary>

/// 数据库的通用访问代码

/// 此类为抽象类,不允许实例化,在应用时直接调用即可

/// </summary>

public abstract class SqlHelper

{

    public static readonly string ConnectionStringLocalTransaction = ConfigurationManager.ConnectionStrings["pubsConnectionString"].ConnectionString;

    private static Hashtable parmCache = Hashtable.Synchronized(new Hashtable());

    /// <summary>

    ///执行一个不需要返回值的SqlCommand命令,通过指定专用的连接字符串。

    /// 使用参数数组形式提供参数列表

    /// </summary>

    /// <remarks>

    /// 使用示例:

    ///  int result = ExecuteNonQuery(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));

    /// </remarks>

    /// <param name="connectionString">一个有效的数据库连接字符串</param>

    /// <param name="commandType">SqlCommand命令类型 (存储过程, T-SQL语句, 等等。)</param>

    /// <param name="commandText">存储过程的名字或者 T-SQL 语句</param>

    /// <param name="commandParameters">以数组形式提供SqlCommand命令中用到的参数列表</param>

    /// <returns>返回一个数值表示此SqlCommand命令执行后影响的行数</returns>

    public static int ExecuteNonQuery(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)

    {

        SqlCommand cmd = new SqlCommand();

        using (SqlConnection conn = new SqlConnection(connectionString))

        {

            PrepareCommand(cmd, conn, null, cmdType, cmdText, commandParameters);

            int val = cmd.ExecuteNonQuery();

            cmd.Parameters.Clear();

            return val;

        }

    }

    /// <summary>

    ///执行一条不返回结果的SqlCommand,通过一个已经存在的数据库连接

    /// 使用参数数组提供参数

    /// </summary>

    /// <remarks>

    /// 使用示例: 

    ///  int result = ExecuteNonQuery(conn, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));

    /// </remarks>

    /// <param name="conn">一个现有的数据库连接</param>

    /// <param name="commandType">SqlCommand命令类型 (存储过程, T-SQL语句, 等等。)</param>

    /// <param name="commandText">存储过程的名字或者 T-SQL 语句</param>

    /// <param name="commandParameters">以数组形式提供SqlCommand命令中用到的参数列表</param>

    /// <returns>返回一个数值表示此SqlCommand命令执行后影响的行数</returns>

    public static int ExecuteNonQuery(SqlConnection connection, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)

    {

        SqlCommand cmd = new SqlCommand();

        PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);

        int val = cmd.ExecuteNonQuery();

        cmd.Parameters.Clear();

        return val;

    }

    /// <summary>

    /// 执行一条不返回结果的SqlCommand,通过一个已经存在的数据库事物处理

    /// 使用参数数组提供参数

    /// </summary>

    /// <remarks>

    /// 使用示例:

    ///  int result = ExecuteNonQuery(trans, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));

    /// </remarks>

    /// <param name="trans">一个存在的 sql 事物处理</param>

    /// <param name="commandType">SqlCommand命令类型 (存储过程, T-SQL语句, 等等。)</param>

    /// <param name="commandText">存储过程的名字或者 T-SQL 语句</param>

    /// <param name="commandParameters">以数组形式提供SqlCommand命令中用到的参数列表</param>

    /// <returns>返回一个数值表示此SqlCommand命令执行后影响的行数</returns>

    public static int ExecuteNonQuery(SqlTransaction trans, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)

    {

        SqlCommand cmd = new SqlCommand();

        PrepareCommand(cmd, trans.Connection, trans, cmdType, cmdText, commandParameters);

        int val = cmd.ExecuteNonQuery();

        cmd.Parameters.Clear();

        return val;

    }

    /// <summary>

    /// 执行一条返回结果集的SqlCommand命令,通过专用的连接字符串。

    /// 使用参数数组提供参数

    /// </summary>

    /// <remarks>

    /// 使用示例: 

    ///  SqlDataReader r = ExecuteReader(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));

    /// </remarks>

    /// <param name="connectionString">一个有效的数据库连接字符串</param>

    /// <param name="commandType">SqlCommand命令类型 (存储过程, T-SQL语句, 等等。)</param>

    /// <param name="commandText">存储过程的名字或者 T-SQL 语句</param>

    /// <param name="commandParameters">以数组形式提供SqlCommand命令中用到的参数列表</param>

    /// <returns>返回一个包含结果的SqlDataReader</returns>

    public static SqlDataReader ExecuteReader(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)

    {

        SqlCommand cmd = new SqlCommand();

        SqlConnection conn = new SqlConnection(connectionString);

        try

        {

            PrepareCommand(cmd, conn, null, cmdType, cmdText, commandParameters);

            SqlDataReader rdr = cmd.ExecuteReader(CommandBehavior.CloseConnection);

            cmd.Parameters.Clear();

            return rdr;

        }

        catch

        {

            conn.Close();

            throw;

        }

    }

    /// <summary>

    /// 执行一条返回第一条记录第一列的SqlCommand命令,通过专用的连接字符串。

    /// 使用参数数组提供参数

    /// </summary>

    /// <remarks>

    /// 使用示例: 

    ///  Object obj = ExecuteScalar(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));

    /// </remarks>

    /// <param name="connectionString">一个有效的数据库连接字符串</param>

    /// <param name="commandType">SqlCommand命令类型 (存储过程, T-SQL语句, 等等。)</param>

    /// <param name="commandText">存储过程的名字或者 T-SQL 语句</param>

    /// <param name="commandParameters">以数组形式提供SqlCommand命令中用到的参数列表</param>

    /// <returns>返回一个object类型的数据,可以通过 Convert.To{Type}方法转换类型</returns>

    public static object ExecuteScalar(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)

    {

        SqlCommand cmd = new SqlCommand();

        using (SqlConnection connection = new SqlConnection(connectionString))

        {

            PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);

            object val = cmd.ExecuteScalar();

            cmd.Parameters.Clear();

            return val;

        }

    }

    /// <summary>

    /// 执行一条返回第一条记录第一列的SqlCommand命令,通过已经存在的数据库连接。

    /// 使用参数数组提供参数

    /// </summary>

    /// <remarks>

    /// 使用示例:

    ///  Object obj = ExecuteScalar(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));

    /// </remarks>

    /// <param name="conn">一个已经存在的数据库连接</param>

    /// <param name="commandType">SqlCommand命令类型 (存储过程, T-SQL语句, 等等。)</param>

    /// <param name="commandText">存储过程的名字或者 T-SQL 语句</param>

    /// <param name="commandParameters">以数组形式提供SqlCommand命令中用到的参数列表</param>

    /// <returns>返回一个object类型的数据,可以通过 Convert.To{Type}方法转换类型</returns>

    public static object ExecuteScalar(SqlConnection connection, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)

    {

        SqlCommand cmd = new SqlCommand();

        PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);

        object val = cmd.ExecuteScalar();

        cmd.Parameters.Clear();

        return val;

    }

    /// <summary>

    /// 缓存参数数组

    /// </summary>

    /// <param name="cacheKey">参数缓存的键值</param>

    /// <param name="cmdParms">被缓存的参数列表</param>

    public static void CacheParameters(string cacheKey, params SqlParameter[] commandParameters)

    {

        parmCache[cacheKey] = commandParameters;

    }

    /// <summary>

    /// 获取被缓存的参数

    /// </summary>

    /// <param name="cacheKey">用于查找参数的KEY值</param>

    /// <returns>返回缓存的参数数组</returns>

    public static SqlParameter[] GetCachedParameters(string cacheKey)

    {

        SqlParameter[] cachedParms = (SqlParameter[])parmCache[cacheKey];

        if (cachedParms == null)

            return null;

        SqlParameter[] clonedParms = new SqlParameter[cachedParms.Length];

        for (int i = 0, j = cachedParms.Length; i < j; i++)

            clonedParms[i] = (SqlParameter)((ICloneable)cachedParms[i]).Clone();

        return clonedParms;

    }

    /// <summary>

    /// 为执行命令准备参数

    /// </summary>

    /// <param name="cmd">SqlCommand 命令</param>

    /// <param name="conn">已经存在的数据库连接</param>

    /// <param name="trans">数据库事物处理</param>

    /// <param name="cmdType">SqlCommand命令类型 (存储过程, T-SQL语句, 等等。)</param>

    /// <param name="cmdText">Command text,T-SQL语句 例如 Select * from Products</param>

    /// <param name="cmdParms">返回带参数的命令</param>

    private static void PrepareCommand(SqlCommand cmd, SqlConnection conn, SqlTransaction trans, CommandType cmdType, string cmdText, SqlParameter[] cmdParms)

    {

        if (conn.State != ConnectionState.Open)

            conn.Open();

        cmd.Connection = conn;

        cmd.CommandText = cmdText;

        if (trans != null)

            cmd.Transaction = trans;

        cmd.CommandType = cmdType;

        if (cmdParms != null)

        {

            foreach (SqlParameter parm in cmdParms)

                cmd.Parameters.Add(parm);

        }

    }

}