it should be like this,

应该是这样的

cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = ("insert_questions") ;
cmd.Parameters.AddWithValue("@value", valueHere);
cmd.Parameters.AddWithValue("@value2", valueHere);

note that @valueand @value2are the parameters declared in your stored procedure.

请注意，@value和@value2是在您的存储过程中声明的参数。

Try this:

尝试这个：

        cmd.CommandText = ("insert_questions @store_result, @store_title, @store_des");
        cmd.Parameters.AddWithValue("@store_result", store_result);
        cmd.Parameters.AddWithValue("@store_title", store_title);
        cmd.Parameters.AddWithValue("@store_des", store_des);

You don't concatenate the SqlParameter instances; instead:

您不连接 SqlParameter 实例；反而：

cmd.CommandText = "insert_questions @store_result, @store_title, @store_des";
cmd.Parameters.AddWithValue("store_result", store_result);
cmd.Parameters.AddWithValue("store_title", store_title);
cmd.Parameters.AddWithValue("store_des", store_des);

The names used in AddWithValueare used in the TSQL as @store_result, etc.

中使用的名称在AddWithValueTSQL 中使用为@store_result等。

If we assume that inert_questionsis actually a proc, then it is even simpler:

如果我们假设这inert_questions实际上是一个过程，那么它甚至更简单：

cmd.CommandText = "insert_questions";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("store_result", store_result);
cmd.Parameters.AddWithValue("store_title", store_title);
cmd.Parameters.AddWithValue("store_des", store_des);

Alternatively, if all of that seems tedious, tools like dapper-dot-net make this easier:

或者，如果所有这些看起来很乏味，像 dapper-dot-net 这样的工具可以让这变得更容易：

someOpenConnection.Execute("insert_questions",    
      new { store_result, store_title, store_des },
      commandType: CommandType.StoredProcedure);

the correct way to go is

正确的做法是

using(var connection = new SqlConnection(ConnectionString))
{
    connection.Open();
    using(var command = new SqlCommand("SELECT * FROM Table WHERE ID=@someID",connection))
    {
        command.Parameters.AddWithValue("someID",1234);
        var r = command.ExecuteQuery();
    }
}

this means it works even with text queries. it's even easier with stored procedures - instead of sql query you just provide stored procedure name:

这意味着它甚至可以用于文本查询。使用存储过程更容易 - 而不是 sql 查询，您只需提供存储过程名称：

using(var connection = new SqlConnection(ConnectionString))
{
    connection.Open();
    using(var command = new SqlCommand("insert_sproc",connection))
    {
        command.CommandType = CommandType.StoredProcedure;
        command.Parameters.AddWithValue("someID",1234);
        var r = command.ExecuteQuery();
    }
}

 private void ProcessData(MerchantLead data)
        {            
            var cmdCardJournal = new SqlCommand { CommandText = "BusinessLeadsInsert" };
            var sql = new Sqlquery();
            sql._cn = new SqlConnection(ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString);
            cmdCardJournal.Parameters.AddWithValue("@Name", data.FirstName);
            cmdCardJournal.Parameters.AddWithValue("@LastName", data.LastName);
            cmdCardJournal.Parameters.AddWithValue("@BusinessName", data.BusinessName);
            cmdCardJournal.Parameters.AddWithValue("@PhoneNumber", data.PhoneNumber);
            cmdCardJournal.Parameters.AddWithValue("@Email", data.Email);
            cmdCardJournal.Parameters.AddWithValue("@Website", data.Website);
            cmdCardJournal.Parameters.AddWithValue("@OTP", data.OTP);
            cmdCardJournal.Parameters.AddWithValue("@OTPExpired", DateTime.UtcNow.AddMinutes(30));

            sql.SpCommandExeNon(cmdCardJournal);
}