System.Data.SQLite 参数未被替换
conn = new SQLiteConnection("Data Source=nk.db");
var items = from n in internalMap.storage select n.paramName;
conn.Open();
cmd = new SQLiteCommand("CREATE TABLE @table_name (name TEXT)",conn);
//create table for the index
cmd.Parameters.AddWithValue("@table_name", j);
cmd.ExecuteNonQuery();
当执行此行时“cmd.ExecuteNonQuery();”我收到以下异常
“@table_name 附近的 SQLite 错误:语法错误”
我所做的所有搜索似乎都表明您就是这样做的。
我不知道出了什么问题
conn = new SQLiteConnection("Data Source=nk.db");
var items = from n in internalMap.storage select n.paramName;
conn.Open();
cmd = new SQLiteCommand("CREATE TABLE @table_name (name TEXT)",conn);
//create table for the index
cmd.Parameters.AddWithValue("@table_name", j);
cmd.ExecuteNonQuery();
When this line gets executed "cmd.ExecuteNonQuery();" I get the following exception
"SQLite error near \"@table_name\": syntax error"
All the searches I have done seem to indicate that is how you do it.
I have no idea what is wrong
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
在我使用过的大多数数据库中,DDL命令不能像这样参数化,甚至DML语句也不能通过表名(或字段名等)参数化。通常只有表达式值可以被参数化。
在大多数情况下,这是可以的,因为您通常没有用户提供的数据(例如名称中的表格),并且没有格式注意事项,因为可能存在数字和日期/时间之类的数据...所以纯字符串SQL 语句中的替换可能是您能做的最好的事情,尽管它可能很丑。
In most databases I've worked with, DDL commands can't be parameterized like this, and even DML statements can't be parameterized by table name (or field name, etc). Generally only expression values can be parameterized.
In most cases this is okay, as you usually don't have user-provided data for things like table in names, and there aren't formatting considerations as there could be for things like numbers and dates/times... so plain string substitution in the SQL statement is probably the best you can do, ugly though it may be.