

数据库SqlParameter 的插入操作,防止sql注入的实现代码

  • 时间:2022-02-04 00:02 编辑: 来源: 阅读:
摘要:数据库SqlParameter 的插入操作,防止sql注入的实现代码
例子:点击 Button1 按钮时,把数据插入数据库中。
代码如下:
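using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace ParaMeter
{
    /// <summary>
    /// Demo page: inserts one row with a parameterized INSERT. The values travel as
    /// <see cref="SqlParameter"/> data, separate from the SQL text, so they cannot
    /// alter the statement (this is what defeats SQL injection here).
    /// </summary>
    public partial class Test : System.Web.UI.Page
    {
        // appSettings key that holds the connection string (keeps credentials out of source).
        private const string ConnectionStringKey = "constr";

        private string connectionStr;  // connection string read from configuration
        private SqlConnection conDB;   // connection created on every page load
        private SqlTransaction _trans; // optional transaction; never assigned in this sample, so always null

        /// <summary>
        /// Reads the connection string from configuration and creates the connection.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <exception cref="InvalidOperationException">
        /// The <c>constr</c> appSettings entry is missing or empty.
        /// </exception>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Credentials belong in web.config, not in a string literal checked into source.
            connectionStr = ConfigurationManager.AppSettings[ConnectionStringKey];
            if (string.IsNullOrEmpty(connectionStr))
            {
                throw new InvalidOperationException(
                    "Missing appSettings entry '" + ConnectionStringKey + "'.");
            }

            conDB = new SqlConnection(connectionStr);
        }

        /// <summary>
        /// Inserts one FileType row using named parameters and reports the outcome on Label1.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            StringBuilder strSql = new StringBuilder();
            strSql.Append("INSERT INTO [OA_WEB_DB].[dbo].[OA_RT_FileType]([FileTypeName],[Deleted])");
            strSql.Append("VALUES(@fileName,@delete)");

            // Typed, length-bounded parameters: quotes or comment markers inside the value
            // are just data to the server, never part of the statement.
            SqlParameter[] parameters =
            {
                new SqlParameter("@fileName", SqlDbType.NVarChar, 100) { Value = "文件类型" },
                new SqlParameter("@delete", SqlDbType.Bit) { Value = false },
            };

            bool isSucc = ExecUpdateSql(strSql.ToString(), parameters);
            Label1.Text = isSucc ? "插入成功" : "插入失败";
        }

        /// <summary>
        /// Executes a single non-query statement against <see cref="conDB"/>.
        /// </summary>
        /// <param name="SQLString">SQL text to execute; values must come in via <paramref name="cmdParms"/>.</param>
        /// <param name="cmdParms">Parameters to attach to the command; may be null or empty.</param>
        /// <returns>True when the statement ran without a <see cref="SqlException"/>, otherwise false.</returns>
        private bool ExecUpdateSql(string SQLString, params SqlParameter[] cmdParms)
        {
            // Remember whether this call opened the connection so it can be closed again;
            // the original left it open for the life of the page instance.
            bool openedHere = conDB.State != ConnectionState.Open;

            using (SqlCommand cmd = new SqlCommand())
            {
                try
                {
                    PrepareCommand(cmd, conDB, _trans, SQLString, cmdParms);
                    cmd.ExecuteNonQuery();
                    return true;
                }
                catch (SqlException ex)
                {
                    // Best-effort: the caller only needs a success flag, but the failure
                    // should not vanish silently either.
                    System.Diagnostics.Trace.TraceError("ExecUpdateSql failed: " + ex.Message);
                    return false;
                }
                finally
                {
                    // Do not close a connection that belongs to an active transaction.
                    if (openedHere && _trans == null && conDB.State != ConnectionState.Closed)
                    {
                        conDB.Close();
                    }
                }
            }
        }

        /// <summary>
        /// Opens the connection if needed and wires connection, text, transaction and
        /// parameters onto <paramref name="cmd"/>.
        /// </summary>
        /// <param name="cmd">Command to configure.</param>
        /// <param name="conn">Connection to run on; opened here when not already open.</param>
        /// <param name="trans">Transaction to enlist in, or null.</param>
        /// <param name="cmdText">SQL text for the command.</param>
        /// <param name="cmdParms">Parameters to add; null is treated as "none".</param>
        private void PrepareCommand(SqlCommand cmd, SqlConnection conn, SqlTransaction trans, string cmdText, SqlParameter[] cmdParms)
        {
            if (conn.State != ConnectionState.Open)
            {
                conn.Open();
            }

            cmd.Connection = conn;
            cmd.CommandText = cmdText;
            if (trans != null)
            {
                cmd.Transaction = trans;
            }
            cmd.CommandType = CommandType.Text;

            if (cmdParms == null)
            {
                return;
            }

            foreach (SqlParameter parameter in cmdParms)
            {
                // A CLR null would be rejected by the provider; DBNull.Value is what SQL NULL needs.
                bool isInput = parameter.Direction == ParameterDirection.InputOutput
                            || parameter.Direction == ParameterDirection.Input;
                if (isInput && parameter.Value == null)
                {
                    parameter.Value = DBNull.Value;
                }
                cmd.Parameters.Add(parameter);
            }
        }
    }
}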