µÝ¹éС̸×Ô±¸C#¸¨Öúº¯Êý
ʮ08
±ÜÃâSQL×¢ÈëºÍÌØÊâ×Ö·ûµÄÒ»ÖÖ·½·¨
C#Add comments
±ÜÃâSQL×¢ÈëºÍÌØÊâ×Ö·ûµÄ°ì·¨Óкܶ࣬²»Í¬Êý¾Ý¿âÒ²Óв»Í¬Êý¾Ý¿âµÄ½â¾ö·½°¸£¬ADO.NETÖÐʹÓÃDbCommand.Parameters½â¾öÕâ¸öÎÊÌ⣬ΪÁËÁ˽âËûµÄÔÀí£¬ÎÒ²éÁËÒ»ÏÂ.NETÖÐSQLCommandµÄÔ´´úÂëºÍMySQL.NETÖÐMySQLCommandµÄÔ´´úÂë¡£
.NETÔ´´úÂ볬¼¶ÄѸú×Ù£¬Ã²ËÆÊÇÓÃÁËSQL Server¶ÀÓеÄÌØÐÔ£¬°Ñ²ÎÊýµÄÃû³Æ¡¢ÀàÐÍ¡¢°ÑÖµµÄ¶þ½øÖƶ¼´«¸øÁËSQL Server API£¬¾ßÌåûÓиúµ½¡£
MySQLʵÏ־ͺܼòµ¥ÁË£¬Ëû»á°Ñ×Ö·û´®ÀàÐ͵IJÎÊývalueʹÓÃÒ»¸ö¹ýÂËÊý×éÀ´¹ýÂË£¬ÔÚ¹ýÂË×Ö·ûÇ°Ãæ¼ÓÉÏ“\”£¬ÎÒÈÏΪÕâÊÇÒ»ÖÖͨÓõÄ×ö·¨£¬ËäȻЧÂÊÉϲ»ÈçSQLCommandºÃ£¬µ«ÊǺÍÈÝÒ×ÒÆÖ²¸üÈÝÒ׿´¶®£¡
ʹÓÃPHP+MySQL×öÍøÕ¾µÄͬѧҲ¿ÉÒÔÀûÓÃ×ÅÀàËƵÄ˼ÏëÉú³É°²È«µÄSQLÁ¬½Ó´®£¬ÎÒ¿´ÁËPHPWindÊý¾Ý¿â´¦Àíº¯Êý£¬Ã²ËƲ¢Ã»ÓжÔËùÓеĹýÂË×Ö·û½øÐд¦Àí£¬Õâ¾Í´æÔÚ×ÅһЩ°²È«Òþ»¼¡£
Ô´´úÂë
private static string stringOfBackslashChars = "\u005c\u00a5\u0160\u20a9\u2216\ufe68\uff3c";
private static string stringOfQuoteChars =
"\u0027\u00b4\u02b9\u02ba\u02bb\u02bc\u02c8\u02ca\u02cb\u02d9\u0300\u0301\u2018\u2019\u201a\u2032\u2035\u275b\u275c\uff07";
/// <summary>
/// Escapes the string.
/// </summary>
/// <param name="value" />The string to escape</param>
/// <returns>The string with all quotes escaped.</returns>
public static string EscapeString(string value)
{
StringBuilder sb = new StringBuilder();
foreach (char c in value)
{
if (stringOfQuoteChars.IndexOf(c) >= 0 ||
stringOfBackslashChars.IndexOf(c) >= 0)
sb.Append("\\");
sb.Append(c);
}
return sb.ToString();
}
ÈçºÎÔÚVS2008ÖпªÆô.NETÔ´´úÂëµ÷ÊÔ
¹¤¾ß->Ñ¡Ïî->
µ÷ÊÔ->ÆôÓÃÔ´·þÎñÆ÷Ö§³Ö
·ûºÅ->Ìí¼ÓPDBλÖÃhttp://referencesource.microsoft.com/symbols
±¾µØ»º´æĿ¼
