Right syntax of SqlParameter

问题

I'm trying to convert :

command.Parameters.Add (new SqliteParameter (DbType.Int32) { Value = id });

To a normal SqlParameter :

command.Parameters.Add(new SqlParameter(DbType.Int32) { Value = id });

I've managed to convert every line now besides this one, I'm getting these errors :

Error   3   Argument 1: cannot convert from 'System.Data.DbType' to 'object[]'
Error   2   The best overloaded method match for 'System.Data.SqlClient.SqlParameter.SqlParameter(object[])' has some invalid arguments

Full function code :

public User GetUser(int id)
{
    var u = new User();
    lock (locker)
    {
        connection = new SqlConnection("Data Source=" + path + ";Initial Catalog=DB;User ID=sa;Password=***********th");
        connection.Open();
        using (var command = connection.CreateCommand())
        {
            command.CommandText = "Select * from tblUsers WHERE UserID = ?";
            command.Parameters.Add(new SqlParameter(DbType.Int32) { Value = id });
            var r = command.ExecuteReader();
            while (r.Read())
            {
                u = FromReader(r);
                break;
            }
        }
        connection.Close();
    }
    return u;
}

回答1:

I think you are looking something this;

command.Parameters.Add(new SqlParameter("@YourParameterName", SqlDbType.Int32).Value = id;

After edit your question;

You can use AddWithValue method. Add(String, Object) method is obsolete. like;

command.CommandText = "Select * from tblUsers WHERE UserID = @id";
command.Parameters.AddWithValue("@id", id);

If you use SQL Server as a database, you should named your parameter add it to AddWithValue with the same name.

When you use OleDbCommand, order of parameter is important. Because as MSDN says:

The OLE DB .NET Provider does not support named parameters for passing parameters to an SQL statement or a stored procedure called by an OleDbCommand when CommandType is set to Text. In this case, the question mark (?) placeholder must be used. For example:

SELECT * FROM Customers WHERE CustomerID = ?

Therefore, the order in which OleDbParameter objects are added to the OleDbParameterCollection must directly correspond to the position of the question mark placeholder for the parameter in the command text.

来源：https://stackoverflow.com/questions/20870628/right-syntax-of-sqlparameter