ASP.NET 中的参数化几何 sql 命令 c#,无法正常工作

Parametrizing geometry sql command c# in ASP.NET, not working

我已经使用了这个字符串并用字符串 concatenation.But 测试了它,因为你知道用它来格式化 sql 命令是不安全的。

 SqlCommand param = new SqlCommand();
        param.CommandText = "INSERT INTO Circle (Center_Point, Circle_Data) VALUES (geometry::STGeomFromText('POINT(@center_lat @center_lng)',0),geometry::STGeomFromText('POLYGON((@polygon))',0));";
        param.Parameters.Add(new SqlParameter("@center_lat", center_lat));
        param.Parameters.Add(new SqlParameter("@center_lng", center_lng));
        param.Parameters.Add(new SqlParameter("@polygon", polygon));

我去参数化字符串并得到以下错误:

System.Data.SqlClient.SqlException (0x80131904): A .NET Framework error occurred during execution of user-defined routine or aggregate "geometry": System.FormatException: 24141: A number is expected at position 17 of the input. The input has @center_lat.

看起来它还没有将值放入字符串中。但是当我逐步执行代码时,它确实具有价值。

可能是什么问题?

谢谢

感谢 Me.Name. I had to add the correct assemblies ASP.net 项目,它使我能够正确设置 UDT 类型。更新代码如下。

SqlCommand param = new SqlCommand();
        SqlGeometry point = SqlGeometry.Point(center_lat,center_lng,0);
        SqlGeometry poly = SqlGeometry.STPolyFromText(new SqlChars(new SqlString(polygon)),0);
        param.CommandText = "INSERT INTO Circle (Center_Point, Circle_Data) VALUES (@point,@poly);";
        param.Parameters.Add(new SqlParameter("@point", SqlDbType.Udt));
        param.Parameters.Add(new SqlParameter("@poly", SqlDbType.Udt));
        param.Parameters["@point"].UdtTypeName = "geometry";
        param.Parameters["@poly"].UdtTypeName = "geometry";
        param.Parameters["@point"].Value = point;
        param.Parameters["@poly"].Value = poly;

对我来说,使用 MySQL 几何图形,我不得不使用 MySqlGeometry class 而不是 @SammyG

的回答中的 SqlGeometry
parameters.Add(new
{
   ...
   MyGeometryObject = MySqlGeometry.Parse($"POINT({point.WGS84Lon} {point.WGS84Lat})").Value,
});