SqlConnection connStr = new SqlConnection (“Data Source = SERVER; Initial Catalog = HRPR; Persist Security Info = True; User ID = hr; Password = 11”);
SqlCommand com;
protected void Button2_Click(object sender, EventArgs e)
{
SqlConnection connStr = new SqlConnection("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11");
connStr.Open();
foreach (GridViewRow g1 in GridView1.Rows)
{
com = new
SqlCommand("INSERT INTO tblExmWrittn(Cirname,publishingDate,ApplicantId,Applicantname,HighestMrk,WrittnAchievMrk) VALUES( '" + row.Cells[0].Value.ToString(); + "', '" + row.Cells[1].Value.ToString();+ "' , '" + row.Cells[2].Value.ToString();+ "' ,'" + row.Cells[3].Value.ToString();+ "','" + row.Cells[4].Value.ToString();+ "' ,'" + row.Cells[5].Value.ToString();+ "','" + row.Cells[6].Value.ToString();+ "')", connStr);
com.ExecuteNonQuery();
connStr.Close();
}
Label1.Text = "Records inserted successfully";
}
答案 0 :(得分:2)
试试这个
SqlConnection connStr = new SqlConnection
("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11");
SqlCommand com;
protected void Button2_Click(object sender, EventArgs e)
{
SqlConnection connStr = new SqlConnection("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11");
connStr.Open();
foreach (DataGridViewRow row in dataGridView.SelectedRows)
{
com = new
SqlCommand("INSERT INTO tblExmWrittn(column1,column2....) VALUES( '" + row.Cells[0].Value.ToString(); + "', '" + row.Cells[1].Value.ToString();+ "' , '" + row.Cells[2].Value.ToString();+ "' ,'" + row.Cells[3].Value.ToString();+ "','" + row.Cells[4].Value.ToString();+ "' ,'" + row.Cells[5].Value.ToString();+ "','" + row.Cells[6].Value.ToString();+ "')", connStr);
com.ExecuteNonQuery();
connStr.Close();
}
Label1.Text = "Records inserted successfully";
}
答案 1 :(得分:0)
不要使用内联参数来构建SQL语句。
使用SQL参数并分离数据访问和UI层。
您的表中有int值,字符串,日期时间值,但是您是否以正确的格式发送所有这些数据? (对于int值参数,您不需要''
)
你可以通过使用SQL参数来避免所有。
请注意,您正在循环中的第一行之后关闭连接,并且对于下一行,再次打开它。最好在所有行的末尾关闭连接。
我会为插入记录创建单独的方法,如下所示
public void InsertExamWrittn(int writtnId, string cirname, DateTime publishingDate, string applicantId, string applicantname, string highestMrk, string writtnAchievMrk)
{
using (var con = new SqlConnection("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11"))
using(var cmd= con.CreateCommand())
{
cmd.CommandText = "INSERT INTO tblExmWrittn (WrittnId, Cirname, publishingDate, ApplicantId, Applicantname, HighestMrk, WrittnAchievMrk) "+
"VALUES (@WrittnId, @Cirname, @publishingDate, @ApplicantId, @Applicantname, @HighestMrk, @WrittnAchievMrk)";
cmd.Parameters.AddWithValue("@WrittnId", writtnId);
cmd.Parameters.AddWithValue("@Cirname", cirname);
cmd.Parameters.AddWithValue("@publishingDate", publishingDate);
cmd.Parameters.AddWithValue("@ApplicantId", applicantId);
cmd.Parameters.AddWithValue("@Applicantname", applicantname);
cmd.Parameters.AddWithValue("@HighestMrk", highestMrk);
cmd.Parameters.AddWithValue("@WrittnAchievMrk", writtnAchievMrk);
con.Open();
cmd.ExecuteNonQuery();
}
}
来自Button2_Click
事件我会通过为每一行提供相关参数来调用此方法