就像标题一样(C#,Visual Studio 2015)。
我在Visual Studio中有一个Database.mdf文件。我有5个texbox,我想将这个texbox中的文本绑定到数据库表。
我的主键有IDENTITY(1,1)属性。我不知道如何解决这个问题。按下按钮即可按下绑定。
SqlConnection conn = new SqlConnection(@"Data Source = (LocalDB)\MSSQLLocalDB; AttachDbFilename = C:\Users\Mariusz\Desktop\SerwisKomputerowyDB\SerwisKomputerowyDB\SerwisKomputerowyDB\Database1.mdf; Integrated Security = True");
conn.Open();
SqlCommand newCmd = conn.CreateCommand();
newCmd.Connection = conn;
newCmd.CommandType = CommandType.Text;
newCmd.CommandText = "INSERT INTO [dbo].[KlienciIndywidualni] VALUES (,'" + textBox1.Text + "','" + textBox2.Text + "','" + textBox3.Text + "','" + textBox4.Text + "','" + textBox5.Text + "')";
newCmd.ExecuteNonQuery();
conn.Close();
抱歉我的英文。
答案 0 :(得分:1)
如果您的表格中包含IDENTITY列,则在插入数据时,需要确保 NOT 在该列中插入值。
所以你需要明确定义你插入的列名 - 这实际上总是一个好主意,你应该总是这样做:
// define query WITH PARAMETERS! Don't concatenate together your SQL - never EVER !
string insertQry = "INSERT INTO [dbo].[KlienciIndywidualni] (TextCol1, TextCol2, TextCol3, TextCol4, TextCol5) " +
"VALUES (@TextValue1, @TextValue2, @TextValue3, @TextValue4, @TextValue5);";
// create connection and command object
using (SqlConnection conn = new SqlConnection(@"Data Source = (LocalDB)\MSSQLLocalDB; AttachDbFilename = C:\Users\Mariusz\Desktop\SerwisKomputerowyDB\SerwisKomputerowyDB\SerwisKomputerowyDB\Database1.mdf; Integrated Security = True"))
using (SqlCommand cmd = new SqlCommand(insertQry, conn))
{
// set up parameters and define values
cmd.Parameters.Add("@TextValue1", SqlDbType.VarChar, 50).Value = textBox1.Text;
cmd.Parameters.Add("@TextValue2", SqlDbType.VarChar, 50).Value = textBox2.Text;
cmd.Parameters.Add("@TextValue3", SqlDbType.VarChar, 50).Value = textBox3.Text;
cmd.Parameters.Add("@TextValue4", SqlDbType.VarChar, 50).Value = textBox4.Text;
cmd.Parameters.Add("@TextValue5", SqlDbType.VarChar, 50).Value = textBox5.Text;
// open connection, execute INSERT command, close connection
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
}
}
答案 1 :(得分:0)
您必须使用带有列名的insert语句 例如
INSERT INTO [dbo].[KlienciIndywidualni](column2, column3) VALUES (value2, value3)";
参考w3school article - SQL INSERT INTO Statement
要防止sql注入漏洞check this Reference,即通过连接值,请使用参数化查询。 e.g。
newCmd.CommandType = CommandType.Text;
newCmd.CommandText = "INSERT INTO [dbo].[KlienciIndywidualni](column2, column3) VALUES (@val1, @val2)";
newCmd.Parameters.AddWithValue("@val1", textBox1.Text);
newCmd.Parameters.AddWithValue("@val2", textBox2.Text);
newCmd.ExecuteNonQuery();
答案 2 :(得分:0)
string insertQry = "INSERT INTO [dbo].[KlienciIndywidualni] (Imię, Nazwisko, Telefon, E-mail,Adres) " +
"VALUES (@Imię, @Nazwisko, @Telefon, @E-mail, @Adres);";
using (SqlConnection conn = new SqlConnection(@"Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=C:\Users\Mariusz\Desktop\AplikacjaNaInzynierie\AplikacjaNaInzynierie\Baza.mdf;Integrated Security=True"))
using (SqlCommand cmd = new SqlCommand(insertQry, conn))
{
cmd.Parameters.Add("@Imię", SqlDbType.VarChar, 50).Value = textBox1.Text;
cmd.Parameters.Add("@Nazwisko", SqlDbType.VarChar, 50).Value = textBox2.Text;
cmd.Parameters.Add("@Telefon", SqlDbType.VarChar, 50).Value = textBox3.Text;
cmd.Parameters.Add("@E-mail", SqlDbType.VarChar, 50).Value = textBox4.Text;
cmd.Parameters.Add("@Adres", SqlDbType.VarChar, 50).Value = textBox5.Text;
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
}
我还有错误......