C# Code Analysis CA2000

2019-06-21 03:15发布

站内文章 / C#
33 0 0

问题:

I have a function which I thought I had fixed the CA2000 warning in Code Analysis for, but it just won't go away. The warning is on SqlCommand. Here's the function:

protected internal void LogUserSession(int? managerID)
{
    using (var sqlCommand = new SqlCommand())
    {
        sqlCommand.SetCommand("usp_UserActivity_Create");

        SqlParameter prmSessionID = new SqlParameter();
        prmSessionID.ParameterName = "@sessionID";
        prmSessionID.Direction = ParameterDirection.Input;
        prmSessionID.SqlDbType = SqlDbType.VarChar;
        prmSessionID.Size = 32;
        prmSessionID.SetValue(SessionID);

        SqlParameter prmUsername = new SqlParameter();
        prmUsername.ParameterName = "@username";
        prmUsername.Direction = ParameterDirection.Input;
        prmUsername.SqlDbType = SqlDbType.VarChar;
        prmUsername.Size = 32;
        prmUsername.SetValue(Username);

        SqlParameter prmLoginID = new SqlParameter();
        prmLoginID.ParameterName = "@loginID";
        prmLoginID.Direction = ParameterDirection.Output;
        prmLoginID.SqlDbType = SqlDbType.Int;

        sqlCommand.Parameters.Add(prmSessionID);
        sqlCommand.Parameters.Add(prmUsername);
        sqlCommand.Parameters.Add(prmLoginID);

        using (sqlCommand.Connection = new SqlConnection(ConnectionStrings.MainApp))
        {
            sqlCommand.Connection.Open();
            sqlCommand.ExecuteNonQueryTryCatch();

            if (prmLoginID.Value != DBNull.Value) LoginID = Convert.ToInt32(prmLoginID.Value);
        }
    }
}

I have another function that to me looks no different but does not have a CA2000 warning associated to it. Here's that function:

public static bool IsAvailable(string username)
        {
            using (var sqlCommand = new SqlCommand())
            {
                sqlCommand.SetCommand("usp_UsernameIsAvailable");

                var prmUsername = new SqlParameter();
                prmUsername.ParameterName = "@username";
                prmUsername.Direction = ParameterDirection.Input;
                prmUsername.SqlDbType = SqlDbType.VarChar;
                prmUsername.Size = 32;
                prmUsername.SetValue(username);

                var prmReturnValue = new SqlParameter();
                prmReturnValue.ParameterName = "@returnValue";
                prmReturnValue.Direction = ParameterDirection.ReturnValue;
                prmReturnValue.SqlDbType = SqlDbType.Bit;

                sqlCommand.Parameters.Add(prmUsername);
                sqlCommand.Parameters.Add(prmReturnValue);

                using (sqlCommand.Connection = new SqlConnection(ConnectionStrings.ComplianceApps))
                {
                    sqlCommand.Connection.Open();
                    sqlCommand.ExecuteNonQueryTryCatch();

                    return Convert.ToBoolean(prmReturnValue.Value);
                }
            }
        }

I don't understand what's going on here and what I need to do to fix it.

回答1:

The CA2000 warning is notorious for causing false positives. One of the things it does is when it finds more than 16 possible locations that can throw an exception, it just stops looking and flags the CA warning.

A very similar question with a response from Microsoft can be found here: http://social.msdn.microsoft.com/Forums/en-US/vstscode/thread/90f993a3-6bdf-4b62-9982-9247a655406d/

Connect bug tracking this issue: https://connect.microsoft.com/VisualStudio/feedback/details/725836/warning-ca2000-is-fired-on-a-sqlcommand-with-many-sqlparameters#details



标签: c# code-analysis ca2000
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~