我在我的頁面上有文本區域。在那個領域我必須添加一些HTML代碼並將其保存到數據庫中。它適用於簡單的HTML,但是當我選擇「維基百科」,例如一些文本,粘貼並嘗試保存在SQL查詢需要執行我得到以下錯誤異常:如何在數據庫中保存HTML內容
Incorrect syntax near 's'.
The identifier that starts with '. Interestingly, old maps show the name as <em>Krakow</em>.</p>
<p>Kragujevac experienced a lot of historical turbulence, ' is too long. Maximum length is 128.
The identifier that starts with '>Paleolithic</a> era. Kragujevac was first mentioned in the medieval period as related to the public square built in a sett' is too long. Maximum length is 128.
The label 'http' has already been declared. Label names must be unique within a query batch or stored procedure.
The label 'http' has already been declared. Label names must be unique within a query batch or stored procedure.
Unclosed quotation mark after the character string '>Belgrade Pashaluk</a>.</p>'
我使用asp mvc和剃鬚刀引擎。我不知道也許我需要以某種方式編輯html。我也加入了這個爲ArticleText屬性:
[AllowHtml]
public string ArticleText { get; set; }
這是保存到數據庫代碼:
string sql = @"insert into tbl_articles
(Text) values
("'" + article.ArticleText"'"+")";
SqlCommand cmd = new SqlCommand(sql, conn);
cmd.ExecuteNonQuery();
問題是你的ArticleText Contai ns單引號(又名撇號),需要轉義。爲什麼要在這裏構建動態SQL而不是使用參數化查詢? –
製作一個proc,它完全符合你在字符串中的內容,並將HTML作爲參數傳遞......就像魔術一樣。 – SQLMason