我有一个SQL数据库,它存储来自上传的excel文件的数据。我已经放了一个子句,如果数据已经存在于特定日期和ID,那么代码应该更新数据库,否则应该插入。一切都运行正常,只是更新语句实际上没有更新数据库中的值。
if (userCount > 1)
{
Label4.Text = "Record Already Exists in the database. Overwriting the previous existing files.";
//UPDATE STATEMENT
string entrytime = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
string ip = Request.UserHostAddress;
SqlCommand upd = new SqlCommand("UPDATE DoctorActivity SET(Computer_Id=@Computer_Id, Duty_Date=@Duty_Date, Duty_Type=@Duty_Type, OPD=@OPD, Minor_OT=@Minor_OT, Major_OT=@Major_OT, Normal_Delivery=@Normal_Delivery, Cesarean_Delivery=@Cesarean_Delivery, DateOfEntry=@DateOfEntry, IP=@IP, User_Id=@User_Id)", con);
upd.CommandType = CommandType.Text;
upd.Parameters.AddWithValue("@Computer_Id", GridView1.Rows[i].Cells[0].Text);
upd.Parameters.AddWithValue("@Duty_Date", GridView1.Rows[i].Cells[1].Text);
upd.Parameters.AddWithValue("@Duty_Type", GridView1.Rows[i].Cells[2].Text);
upd.Parameters.AddWithValue("@OPD", GridView1.Rows[i].Cells[3].Text);
upd.Parameters.AddWithValue("@Minor_OT", GridView1.Rows[i].Cells[4].Text);
upd.Parameters.AddWithValue("@Major_OT", GridView1.Rows[i].Cells[5].Text);
upd.Parameters.AddWithValue("@Normal_Delivery", GridView1.Rows[i].Cells[6].Text);
upd.Parameters.AddWithValue("@Cesarean_Delivery", GridView1.Rows[i].Cells[7].Text);
upd.Parameters.AddWithValue("@IP", ip);
upd.Parameters.AddWithValue("@DateOfEntry", entrytime);
upd.Parameters.AddWithValue("@User_Id", GetUsername());
}
else{
//INSERT STATEMENT
string statment = string.Format("INSERT INTO DoctorActivity(Computer_Id, Duty_Date, Duty_Type, OPD, Minor_OT, Major_OT, Normal_Delivery, Cesarean_Delivery,DateOfEntry, IP, User_Id) VALUES ('" + GridView1.Rows[i].Cells[0].Text + "', '" + GridView1.Rows[i].Cells[1].Text + "', '" + GridView1.Rows[i].Cells[2].Text + "', '" + GridView1.Rows[i].Cells[3].Text + "', '" + GridView1.Rows[i].Cells[4].Text + "', '" + GridView1.Rows[i].Cells[5].Text + "', '" + GridView1.Rows[i].Cells[6].Text + "', '" + GridView1.Rows[i].Cells[7].Text + "',@DateOfEntry, @IP, @User_Id)");
string entrytime = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
string ip = Request.UserHostAddress;
SqlCommand cmd = new SqlCommand(statment, con);
cmd.CommandType = CommandType.Text;
cmd.Parameters.AddWithValue("@IP", ip);
cmd.Parameters.AddWithValue("@DateOfEntry", entrytime);
cmd.Parameters.AddWithValue("@User_Id", GetUsername());
cmd.ExecuteNonQuery();
con.Close();
cmd.Dispose();
Label1.Text = "File Uploaded Succesfully";
}
答案 0 :(得分:6)
你错过了
upd.ExecuteNonQuery();
在if块的更新部分。
在处理实现using的类型IDisposable时,您应该使用SqlCommand块。此外,Microsoft建议根据需要创建和销毁SqlConnection类型,基本上在使用它们后立即销毁它们。 Sql Server将处理连接池(默认情况下启用),因此这不是一项昂贵的操作。将代码更改为以下内容可确保即使在发生异常或忘记执行此操作的情况下也始终关闭和清除连接和命令对象(请参阅原始代码中的第1个if语句结尾)。
using(var con = new SqlConnection("connectionStringHere"))
{
if (userCount > 1)
{
Label4.Text = "Record Already Exists in the database. Overwriting the previous existing files.";
//UPDATE STATEMENT
string entrytime = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
string ip = Request.UserHostAddress;
// Your update statement has no WHERE clause, this will currently update all table record!
using(SqlCommand upd = new SqlCommand("UPDATE DoctorActivity SET(Computer_Id=@Computer_Id, Duty_Date=@Duty_Date, Duty_Type=@Duty_Type, OPD=@OPD, Minor_OT=@Minor_OT, Major_OT=@Major_OT, Normal_Delivery=@Normal_Delivery, Cesarean_Delivery=@Cesarean_Delivery, DateOfEntry=@DateOfEntry, IP=@IP, User_Id=@User_Id)", con))
{
upd.CommandType = CommandType.Text;
upd.Parameters.AddWithValue("@Computer_Id", GridView1.Rows[i].Cells[0].Text);
upd.Parameters.AddWithValue("@Duty_Date", GridView1.Rows[i].Cells[1].Text);
upd.Parameters.AddWithValue("@Duty_Type", GridView1.Rows[i].Cells[2].Text);
upd.Parameters.AddWithValue("@OPD", GridView1.Rows[i].Cells[3].Text);
upd.Parameters.AddWithValue("@Minor_OT", GridView1.Rows[i].Cells[4].Text);
upd.Parameters.AddWithValue("@Major_OT", GridView1.Rows[i].Cells[5].Text);
upd.Parameters.AddWithValue("@Normal_Delivery", GridView1.Rows[i].Cells[6].Text);
upd.Parameters.AddWithValue("@Cesarean_Delivery", GridView1.Rows[i].Cells[7].Text);
upd.Parameters.AddWithValue("@IP", ip);
upd.Parameters.AddWithValue("@DateOfEntry", entrytime);
upd.Parameters.AddWithValue("@User_Id", GetUsername());
upd.ExecuteNonQuery(); // added
}
}
else{
//INSERT STATEMENT
// ******************
//This should be changed to use all parameterized query. Never use string concatenation for your parameter values.
// ******************
string statment = string.Format("INSERT INTO DoctorActivity(Computer_Id, Duty_Date, Duty_Type, OPD, Minor_OT, Major_OT, Normal_Delivery, Cesarean_Delivery,DateOfEntry, IP, User_Id) VALUES ('" + GridView1.Rows[i].Cells[0].Text + "', '" + GridView1.Rows[i].Cells[1].Text + "', '" + GridView1.Rows[i].Cells[2].Text + "', '" + GridView1.Rows[i].Cells[3].Text + "', '" + GridView1.Rows[i].Cells[4].Text + "', '" + GridView1.Rows[i].Cells[5].Text + "', '" + GridView1.Rows[i].Cells[6].Text + "', '" + GridView1.Rows[i].Cells[7].Text + "',@DateOfEntry, @IP, @User_Id)");
string entrytime = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
string ip = Request.UserHostAddress;
using(SqlCommand cmd = new SqlCommand(statment, con))
{
cmd.CommandType = CommandType.Text;
cmd.Parameters.AddWithValue("@IP", ip);
cmd.Parameters.AddWithValue("@DateOfEntry", entrytime);
cmd.Parameters.AddWithValue("@User_Id", GetUsername());
cmd.ExecuteNonQuery();
}
Label1.Text = "File Uploaded Succesfully";
}
}
答案 1 :(得分:1)
您是否在WHERE User_ID = @User_ID AND Computer_ID = @Computer_ID声明中遗漏了UPDATE条款?
此外,声明的实际执行在哪里?即upd.ExecuteNonQuery();