你可以用SqlCommandBuilder做到這一點,並取消命令的CommandText。
例子:
using(SqlConnection connection = new SqlConnection("YOUR CONNECTION"))
{
connection.Open();
SqlDataAdapter thisAdapter = new SqlDataAdapter("SELECT ID from SOMETABLE", connection);
SqlCommandBuilder thisBuilder = new SqlCommandBuilder(thisAdapter);
Console.WriteLine("SQL SELECT Command is:\n{0}\n", thisAdapter.SelectCommand.CommandText);
SqlCommand updateCommand = thisBuilder.GetUpdateCommand();
Console.WriteLine("SQL UPDATE Command is:\n{0}\n", updateCommand.CommandText);
SqlCommand insertCommand = thisBuilder.GetInsertCommand();
Console.WriteLine("SQL INSERT Command is:\n{0}\n", insertCommand.CommandText);
SqlCommand deleteCommand = thisBuilder.GetDeleteCommand();
Console.WriteLine("SQL DELETE Command is:\n{0}", deleteCommand.CommandText);
}
嗨,克里斯,感謝您的回答。這個SQL語句不是很容易受到SQL注入攻擊嗎? –
@TiongGor哦,我不確定。如果有人能讓我知道這是否屬實,那將是一件好事 – chris