我有一个ASP.NET应用程序和一个MySQL数据库。我想编写一个类来插入,删除和显示数据库中的数据。我有一个数据库连接,但我无法在数据库中插入数据。
我的班级插入方法:
public string CreateEntry(string Connectionstring, string mitarbeiter)
{
connection = new MySqlConnection(Connectionstring);
try
{
var command = connection.CreateCommand();
command.CommandText = "INSERT INTO tb_mitarbeiter (Vorname) VALUES ('tom')";
connection.Open();
return "Mitarbeiter wurde angelegt";
}
catch (Exception ex)
{
return ex.Message;
}
finally
{
connection.Close();
}
}
Connectionstring是正确的。我没有收到错误,但数据库中没有数据。
我的表名:tb_mitarbeiter 列:ID和Vorname
答案 0 :(得分:9)
您只需执行命令
即可....
MySqlCommand command = connection.CreateCommand();
command.CommandText = "INSERT INTO tb_mitarbeiter (Vorname) VALUES ('tom')";
connection.Open();
command.ExecuteNonQuery();
....
我认为mitarbeiter是应该在数据库中设置的实际值
如果是这种情况,请记住使用参数来插入/更新数据
MySqlCommand command = connection.CreateCommand();
command.CommandText = "INSERT INTO tb_mitarbeiter (Vorname) VALUES (?name)";
command.Parameters.AddWithValue("?name", mitarbeiter);
connection.Open();
command.ExecuteNonQuery();
答案 1 :(得分:6)
要执行插入/更新/删除,您应该添加
connection.Open();
command.ExecuteNonQuery();
使select()显示来自数据库的数据:
connection.Open();
command.ExecuteReader();
答案 2 :(得分:5)
您忘记通过调用command.ExecuteNonQuery()来执行命令。这就是我通常会这样做的方式:
public string CreateEntry(string connectionString, string valueToInsert)
{
var stringToReturn = "";
try
{
using(var connection = new MySqlConnection(connectionString))
{
//Open connection
connection.Open();
//Compose query using sql parameters
var sqlCommand = "INSERT INTO table_name (field_name) VALUES (@valueToInsert)";
//Create mysql command and pass sql query
using(var command = new MySqlCommand(sqlCommand, connection))
{
command.Parameters.AddWithValue("@valueToInsert", valueToInsert);
command.ExecuteNonQuery();
}
stringToReturn ="Success Message";
}
}
catch(exception ex)
{
stringToReturn = "Error Message: " + ex.Message;
}
return stringToReturn;
}
要记住一些关键事项:
答案 3 :(得分:1)
您没有执行命令use SqlCommand.ExecuteNonQuery
try
{
MySqlCommand command = connection.CreateCommand();
command.CommandText = "INSERT INTO tb_mitarbeiter (Vorname) VALUES ('tom')";
connection.Open();
command.ExecuteNonQuery();
return "Mitarbeiter wurde angelegt";
}
catch (Exception ex)
{
return ex.Message;
}
finally
{
connection.Close();
}
答案 4 :(得分:1)
你错过了写这个: -
....
connection.Open();
command.ExecuteNonQuery();
....
答案 5 :(得分:0)
{
string MyConnection2 =“datasource = localhost; port = 3306; username = root; password = 1234”;
string Query = "insert into DBname.TableName(id,Name,First_Name,Age,Address) values('" +this.IdTextBox.Text+ "','" +this.NameTextBox.Text+ "','" +this.FirstnameTextBox.Text+ "','" +this.AgeTextBox.Text+ "','" +this.AddressTextBox.Text+ "');";
MySqlConnection MyConn2 = new MySqlConnection(MyConnection2);
MySqlCommand MyCommand2 = new MySqlCommand(Query, MyConn2);
MySqlDataReader MyReader2;
MyConn2.Open();
MyReader2 = MyCommand2.ExecuteReader();
MessageBox.Show("Save Data");
while (MyReader2.Read())
{
}
MyConn2.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
答案 6 :(得分:0)
您还可以使用Sql参数来阻止Sql Injection
try
{
MySqlCommand command = connection.CreateCommand();
command.CommandText = @"INSERT INTO `tb_mitarbeiter` (`Vorname`) VALUES (@tom)";
command.Parameters.AddWithValue("@tom", tom);
connection.Open();
command.ExecuteNonQuery();
return "Mitarbeiter wurde angelegt";
}
catch (Exception ex)
{
return ex.Message;
}
finally
{
command.Dispose();
command.Close();
connection.Close();
}