许多关于SQL中带有C#的参数的帖子,但我仍然遗漏了一些东西。我没有收到错误消息但没有插入数据。缺什么?我有名为fname,lname,address,city,state和zip的文本框。
private void enter_button_Click(object sender, EventArgs e)
{
string first, last, addy, city1, stat, zippy;
first = fname.Text;
SqlParameter firstparam;
firstparam = new SqlParameter();
firstparam.ParameterName = "@first";
firstparam.Value = first;
last = lname.Text;
SqlParameter lastparam;
lastparam = new SqlParameter();
lastparam.ParameterName = "@last";
lastparam.Value = last;
addy = address.Text;
SqlParameter addressparam;
addressparam = new SqlParameter();
addressparam.ParameterName = "@addy";
addressparam.Value = addy;
city1 = city.Text;
SqlParameter cityparam;
cityparam = new SqlParameter();
cityparam.ParameterName = "@city1";
cityparam.Value = city1;
stat = state.Text;
SqlParameter stateparam;
stateparam = new SqlParameter();
stateparam.ParameterName = "@stat";
stateparam.Value = stat;
zippy = zip.Text;
SqlParameter zipparam;
zipparam = new SqlParameter();
zipparam.ParameterName = "@zippy";
zipparam.Value = zippy;
try
{
Validate(fname);
Validate(lname);
Validate(city);
Validate(state);
}
catch (Exception ex)
{
throw new Exception(ex.ToString(), ex);
}
try
{
exValidate(address);
}
catch (Exception ex1)
{
throw new Exception(ex1.ToString(), ex1);
}
try
{
numValidate(zip);
}
catch (Exception ex2)
{
throw new Exception(ex2.ToString(), ex2);
}
string connection = "Data Source=TX-MANAGER;Initial Catalog=Contacts;Integrated Security=True";
var sqlstring = string.Format("INSERT INTO Contacts ([First] ,[Last] ,[Address] ,[City] ,[State],[ZIP]) VALUES {0}, {1}, {2}, {3}, {4}, {5})", @first, @last, @addy, @city1, @stat, @zippy);
SqlConnection conn = new SqlConnection(connection);
SqlCommand comm = new SqlCommand();
comm.CommandText = sqlstring;
try
{
conn.Open();
//SqlTransaction trans = conn.BeginTransaction();
//comm.Transaction = trans;
comm.Parameters.Add("@first", SqlDbType.Text);
comm.Parameters.Add("@last", SqlDbType.Text);
comm.Parameters.Add("@addy", SqlDbType.Text);
comm.Parameters.Add("@city1", SqlDbType.Text);
comm.Parameters.Add("@stat", SqlDbType.Text);
comm.Parameters.Add("@zippy", SqlDbType.SmallInt);
}
catch (Exception commex)
{
throw new Exception(commex.ToString(), commex);
}
conn.Close();
}
所以我改变了这一点,但仍然没有任何反应。
string connection = "Data Source=TX-MANAGER;Initial Catalog=Contacts;Integrated Security=True";
var sqlstring = string.Format("INSERT INTO Contacts ([First] ,[Last] ,[Address] ,[City] ,[State],[ZIP]) VALUES {0}, {1}, {2}, {3}, {4}, {5})", @first, @last, @addy, @city1, @stat, @zippy);
SqlConnection conn = new SqlConnection(connection);
SqlCommand comm = conn.CreateCommand();
comm.CommandText = sqlstring;
try
{
conn.Open();
//SqlTransaction trans = conn.BeginTransaction();
//comm.Transaction = trans;
comm.Parameters.AddWithValue("@first", first);
comm.Parameters.AddWithValue("@last", last);
comm.Parameters.AddWithValue("@addy", addy);
comm.Parameters.AddWithValue("@city1", city1);
comm.Parameters.AddWithValue("@stat", stat);
comm.Parameters.AddWithValue("@zippy", zippy);
comm.ExecuteNonQuery();
答案 0 :(得分:6)
您忘记执行命令;)
编辑:您也没有使用在方法开头创建的参数。
...
try
{
conn.Open();
//SqlTransaction trans = conn.BeginTransaction();
//comm.Transaction = trans;
comm.Parameters.Add(firstparam);
comm.Parameters.Add(lastparam);
comm.Parameters.Add(addressparam);
comm.Parameters.Add(cityparam);
comm.Parameters.Add(stateparam);
comm.Parameters.Add(zipparam);
// This is what you forgot:
comm.ExecuteNonQuery();
}
...
catch (Exception ex1)
{
throw new Exception(ex1.ToString(), ex1);
}
它没用,它只是添加了一个新级别的异常,而没有添加任何有用的东西。只是让异常在堆栈中冒泡,直到它到达一个实际上有用的catch块。
答案 1 :(得分:4)
提供的样本中的关键问题是:
sqlstring的定义应该在字符串SqlConnection和SqlCommand对象未正确处理(例如,conn.Close()调用不属于异常处理程序的Finally部分。Value的{{1}}未设置SqlParameters对象上的Execute xx方法未开始调用SqlCommand类型中,而不是varchar。 Text是用于存储blob的不推荐使用的SQL Server数据类型。我会按如下方式重构代码:
Text注意:我更喜欢提供参数的数据类型,因为当没有提供类型时SqlCE并不总能正常工作。
答案 2 :(得分:3)
这会短得多:
using (SqlConnection connection = new SqlConnection(connectionString))
using (SqlCommand command = connection.CreateCommand())
{
command.CommandText = "INSERT INTO Contacts ([First], [Last], [Address], [City], [State], [ZIP]) VALUES (@first, @last, @address, @city, @state, @zip)";
command.Parameters.AddWithValue("@first", first);
// or
// command.Parameters.Add("@first", SqlDbType.Type).Value = first;
// ...
connection.Open();
command.ExecuteNonQuery();
}
但首先,这是你错过的:
comm.Parameters.Add(firstparam);
// instead of
// comm.Parameters.Add("@first", SqlDbType.Text);
和
command.ExecuteNonQuery();
答案 3 :(得分:2)
有很多方法可以解决这个问题。其中一种方法是使用以下方法替换try块中的行:
comm.Parameters.AddWithValue("@first", first);
comm.Parameters.AddWithValue("@last", last);
comm.Parameters.AddWithValue("@addy", addy);
comm.Parameters.AddWithValue("@city1", city1);
comm.Parameters.AddWithValue("@stat", stat);
comm.Parameters.AddWithValue("@zippy", zippy);
如果您这样做,则不需要所有 SqlParameter 初始化
你显然需要执行命令:
comm.ExecuteNonQuery();
答案 4 :(得分:2)
首先你没有执行命令,你需要调用comm.ExecuteNonQuery();,其次你的SQL字符串是错误的。这一行:
var sqlstring = string.Format("INSERT INTO Contacts ([First] ,[Last] ,[Address] ,[City],
[State],[ZIP]) VALUES {0}, {1}, {2}, {3}, {4}, {5})", @first, @last, @addy, @city1,
@stat, @zippy)
可以是:
var sqlstring = "INSERT INTO Contacts ([First] ,[Last] ,[Address] ,[City] ,[State],[ZIP])
VALUES (@first, @last, @addy, @city1, @stat, @zippy)";
你实际上并没有将参数添加到命令中。您可以像这样创建一个参数:
SqlParameter zipparam;
zipparam = new SqlParameter();
zipparam.ParameterName = "@zippy";
zipparam.Value = zippy;
但是你要加上这个:
comm.Parameters.Add("@zippy", SqlDbType.SmallInt);
没有引用zipparam。这意味着值zippy永远不会实际添加到命令中。您可以使用以下方法在一行中完成此操作:
comm.Parameters.Add(new SqlParameter(@Zippy, SqlDbType.SmallInt)).Value = zippy;