我正在创建一个搜索栏,以便在我的学校项目中找到一些患者,但是当我搜索它有效时,但当我进行另一次搜索时,它向我发送了一条消息,好像该数字即使存在也不存在,这个是按钮的代码,希望你能帮助我。
Private Sub cmdIDBuscar_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdBuscarID.Click
Dim sqlCon As New SqlClient.SqlConnection
Dim sqlComm As New SqlClient.SqlCommand
'Ruta de la conección.
sqlCon.ConnectionString = ("Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Sistema para Hospitales.mdf;Integrated Security=True;User Instance=True")
'Instrucción con la que se trabajara.
sqlComm.CommandText = "SELECT * FROM [Pacientes] WHERE IDPaciente= '" & txtID.Text & "';"
'Abrir la coneccion SQL
sqlCon.Open()
Do Until txtID.Text = txtCompararID.Text
Me.PacientesBindingSource.MoveNext()
Exit Do
If EOF(True) Then KryptonMessageBox.Show("Error, no se encontro paciente.", "Error", MessageBoxButtons.AbortRetryIgnore, MessageBoxIcon.Error)
Loop
If txtID.Text = txtCompararID.Text Then
txtNombres.Text = txtCompararN1.Text & " " & txtCompararN2.Text & " " & txtCompararN3.Text
txtApellidos.Text = txtCompararAp1.Text & " " & txtCompararAp2.Text
txtEdad.Text = txtCompararEdad.Text
Select Case txtCompararSexo.Text
Case Is = "F"
txtSexo.Text = "Femenino"
Case Is = "M"
txtSexo.Text = "Masculino"
End Select
Select Case TipoAfiliacionTextBox.Text
Case Is = "1"
txtTAfiliacion.Text = "Cotizante"
Case Is = "2"
txtTAfiliacion.Text = "Beneficiario"
Case Is = "3"
txtTAfiliacion.Text = "Pensionado"
End Select
txtAltura.Text = AlturaTextBox1.Text
txtPeso.Text = PesoTextBox1.Text
txtPresion.Text = PresionTextBox.Text
txtTemperatura.Text = TemperaturaTextBox.Text
Else
KryptonMessageBox.Show("No se encontro el paciente", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
End If
End Sub
答案 0 :(得分:1)
在其他问题中,因为你在比较循环中间有一个Exit Do语句,你可能只会匹配第一条记录,因为你的do循环最多会执行一次。
我猜txtCompararID与您的PacientesBindingSource数据绑定,并且您的循环的意图是通过此绑定源移动,直到找到与txtID匹配的值。
如果是这种情况,你的do循环应该看起来更像:
' Get back to the top of the list
Me.PacientesBindingSource.MoveFirst()
Do Until txtID.Text = txtCompararID.Text
Me.PacientesBindingSource.MoveNext()
If EOF(True) Then
KryptonMessageBox.Show("Error, no se encontro paciente.", "Error", MessageBoxButtons.AbortRetryIgnore, MessageBoxIcon.Error)
Exit Do
End If
Loop
此外,您应该对连接和命令对象使用Using语句,以便在完成使用后正确关闭和处理它们。
例如:
Using sqlCon As New SqlClient.SqlConnection
Using sqlComm As New SqlClient.SqlCommand
... all of your code
End Using
End Using
最后,最重要的是,您应该使用参数化查询语句以防止SQL注入攻击,因为您允许直接输入值。这句话:
sqlComm.CommandText = "SELECT * FROM [Pacientes] WHERE IDPaciente= '" & txtID.Text & "';"
应改为:
sqlComm.CommandText = "SELECT * FROM [Pacientes] WHERE IDPaciente= ?"
sqlComm.Parameters.AddWithValue("IDPaciente", txtID.text)