Current location - Plastic Surgery and Aesthetics Network - Plastic surgery and beauty - How to use in to pass sql statement parameters in C#
How to use in to pass sql statement parameters in C#
No, when in uses parameters, the parameter type will be forced to be consistent with the conditional field, and string construction is not supported (if the field itself is of varchar or char type, in is only equivalent to a conditional value, not a group).

You can use exec to execute the whole sql as a parameter, such as

exec(' SELECT * FROM table WHERE id IN('+@ ids+')')

But I feel that this is actually no different from directly constructing sql statements, and it can't prevent injection.

Related articles
  • Some problems about nasal bone reduction after nasal bone fracture. & lt high score reward! & gt
  • How did Japanese bonsai come into being?
  • What should I do if my toenail hurts in the meat? This will help you finish it.
  • Which gynecological hospital in Xiaogan is good?
  • Manufacturing process of fried dumplings
  • How to set the special effect font of ps poster ¡ª¡ª How to set the artistic font of PS
  • Inductive proximity switch
  • A baby in Henan is in scalding shock, and the mother wants to cut the skin to save the daughter. Will this affect the baby's later life?
  • Who should be responsible for the uneven face caused by plastic surgery failure and the collapse of Qingdao women?
  • Winners of the Nightingale Prize in Gansu Province

    • copyright 2024 Plastic Surgery and Aesthetics Network All rights reserved