将数据插入数据库的最佳方法是什么?
这就是我所拥有的,但这是错误的..
cmd.CommandText = "INSERT INTO klant(klant_id,naam,voornaam) VALUES(@param1,@param2,@param3)";
cmd.Parameters.Add(new SqlParameter("@param1", klantId));
cmd.Parameters.Add(new SqlParameter("@param2", klantNaam));
cmd.Parameters.Add(new SqlParameter("@param3", klantVoornaam));
该函数将数据添加到listBox
http://www.pictourl.com/viewer/37e4edcf (link is dead)
但不是进入数据库..
http://www.pictourl.com/viewer/4d5721fc (link is dead)
完整功能:
private void Form1_Load(object sender, EventArgs e)
{
conn2 = new SqlConnection();
conn2.ConnectionString = ConfigurationManager.ConnectionStrings["connSpionshopString"].ConnectionString;
}
private void button2_Click(object sender, EventArgs e)
{
string sqlCmd = "SELECT naam,voornaam,klant_id FROM klant;";
SqlCommand cmd = new SqlCommand(sqlCmd, conn2);
conn2.Open();
using(SqlDataReader reader = cmd.ExecuteReader())
{
while (reader.Read())
{
listBox2.Items.Add(reader.GetString(0) + " " + reader.GetString(1) + " (" + reader.GetInt16(2) + ")");
}
}
conn2.Close();
}
private void button4_Click(object sender, EventArgs e)
{
int klantId = Convert.ToInt32(textBox1.Text);
string klantNaam = textBox2.Text;
string klantVoornaam = textBox3.Text;
conn2.Open();
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn2;
cmd.CommandText = "INSERT INTO klant(klant_id, naam, voornaam) VALUES(@param1,@param2,@param3)";
cmd.Parameters.AddWithValue("@param1", klantId);
cmd.Parameters.AddWithValue("@param2", klantNaam);
cmd.Parameters.AddWithValue("@param3", klantVoornaam);
cmd.ExecuteNonQuery();
conn2.Close();
}
答案 0 :(得分:36)
尝试确认数据库中每个参数的数据类型( SqlDbType )并按此方式执行;
using(SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["connSpionshopString"].ConnectionString))
{
connection.Open();
string sql = "INSERT INTO klant(klant_id,naam,voornaam) VALUES(@param1,@param2,@param3)";
using(SqlCommand cmd = new SqlCommand(sql,connection))
{
cmd.Parameters.Add("@param1", SqlDbType.Int).value = klantId;
cmd.Parameters.Add("@param2", SqlDbType.Varchar, 50).value = klantNaam;
cmd.Parameters.Add("@param3", SqlDbType.Varchar, 50).value = klantVoornaam;
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
}
}
答案 1 :(得分:16)
您可以使用隐式投射 AddWithValue
cmd.Parameters.AddWithValue("@param1", klantId);
cmd.Parameters.AddWithValue("@param2", klantNaam);
cmd.Parameters.AddWithValue("@param3", klantVoornaam);
示例代码,
using (SqlConnection conn = new SqlConnection("connectionString"))
{
using (SqlCommand cmd = new SqlCommand())
{
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
cmd.CommandText = @"INSERT INTO klant(klant_id,naam,voornaam)
VALUES(@param1,@param2,@param3)";
cmd.Parameters.AddWithValue("@param1", klantId);
cmd.Parameters.AddWithValue("@param2", klantNaam);
cmd.Parameters.AddWithValue("@param3", klantVoornaam);
try
{
conn.Open();
cmd.ExecuteNonQuery();
}
catch(SqlException e)
{
MessgeBox.Show(e.Message.ToString(), "Error Message");
}
}
}
答案 2 :(得分:2)
using (SqlConnection connection = new SqlConnection(connectionString))
{
connection.Open();
using (SqlCommand command = connection.CreateCommand())
{
command.CommandText = "INSERT INTO klant(klant_id,naam,voornaam) VALUES(@param1,@param2,@param3)";
command.Parameters.AddWithValue("@param1", klantId));
command.Parameters.AddWithValue("@param2", klantNaam));
command.Parameters.AddWithValue("@param3", klantVoornaam));
command.ExecuteNonQuery();
}
}
答案 3 :(得分:1)
您可以使用dapper库:
conn2.Execute(@"INSERT INTO klant(klant_id,naam,voornaam) VALUES (@p1,@p2,@p3)",
new { p1 = klantId, p2 = klantNaam, p3 = klantVoornaam });
BTW Dapper是一个Stack Overflow项目:)
更新:我相信如果没有像EF这样的东西,你就不能做得更简单。在使用数据库连接时,还要尝试使用using语句。这将自动关闭连接,即使在异常情况下也是如此。连接将返回到连接池。
private readonly string _spionshopConnectionString;
private void Form1_Load(object sender, EventArgs e)
{
_spionshopConnectionString = ConfigurationManager
.ConnectionStrings["connSpionshopString"].ConnectionString;
}
private void button4_Click(object sender, EventArgs e)
{
using(var connection = new SqlConnection(_spionshopConnectionString))
{
connection.Execute(@"INSERT INTO klant(klant_id,naam,voornaam)
VALUES (@klantId,@klantNaam,@klantVoornaam)",
new {
klantId = Convert.ToInt32(textBox1.Text),
klantNaam = textBox2.Text,
klantVoornaam = textBox3.Text
});
}
}
答案 4 :(得分:0)
您应该避免在应用程序中对SQL语句进行硬编码。如果您不使用ADO或EntityFramework,我建议您将存储过程添加到数据库并从您的c#应用程序中调用它。您可以在此处找到示例代码:How to execute a stored procedure within C# program和http://msdn.microsoft.com/en-us/library/ms171921%28v=vs.80%29.aspx。
答案 5 :(得分:0)
使用AddWithValue(),但be aware of the possibility of the wrong implicit type conversion
像这样:
cmd.Parameters.AddWithValue("@param1", klantId);
cmd.Parameters.AddWithValue("@param2", klantNaam);
cmd.Parameters.AddWithValue("@param3", klantVoornaam);
答案 6 :(得分:0)
public class customer
{
public void InsertCustomer(string name,int age,string address)
{
// create and open a connection object
using(SqlConnection Con=DbConnection.GetDbConnection())
{
// 1. create a command object identifying the stored procedure
SqlCommand cmd = new SqlCommand("spInsertCustomerData",Con);
// 2. set the command object so it knows to execute a stored procedure
cmd.CommandType = CommandType.StoredProcedure;
SqlParameter paramName = new SqlParameter();
paramName.ParameterName = "@nvcname";
paramName.Value = name;
cmd.Parameters.Add(paramName);
SqlParameter paramAge = new SqlParameter();
paramAge.ParameterName = "@inage";
paramAge.Value = age;
cmd.Parameters.Add(paramAge);
SqlParameter paramAddress = new SqlParameter();
paramAddress.ParameterName = "@nvcaddress";
paramAddress.Value = address;
cmd.Parameters.Add(paramAddress);
cmd.ExecuteNonQuery();
}
}
}