Deleting records from a table, is this correct?

2022-12-11 20:37 问答作者：

I want to delete some record from table ,by running this Query in C# is it Correct or not,

Please help me

开发者_C百科SqlCommand cmdRe = new SqlCommand("insert into msisdn_master SELECT *  from tblDeactive
where msisdn in (" + str_MSISDN + ")", cn);
SqlCommand cmdRed = new SqlCommand("delete from tblDeactive where msisdn in ("+str_MSISDN+")", cn);
cmdRe.CommandType = CommandType.Text;
cmdRed.CommandType = CommandType.Text;

note : str_MSISDN is the StringBuilder which stores the Number which is inserted in TextField.

You should be using proper SQL parameters. NEVER use string building since that leaves you open for injection attacks.

Read this tutorial to learn how to add parameters to SqlCommands.

继续阅读：sql

Deleting records from a table, is this correct?

更多精彩内容

精彩评论

最新问答

文字找茬大师黄拆解18个字通关攻略具体介绍？

《黑神话：悟空》臂甲玄铁硬手怎么获得？

郑慧媛（关于郑慧媛的介绍）？

鸡翅的做法大全家常红烧鸡翅（红烧鸡翅太美味了）？

16岁少年失联缅甸？

问答排行榜

王昌瑞《潜梦追凶》剧组庆生新锐演员未来可期？

Is it allowed to ask users to enter credit card details for own payment method?

Escaping "<" in Perl-generated XML

imessage会显示已读吗？

微信重新建群怎么建？