这段代码运作良好。但我想在没有点击按钮的情况下搜索数据。当我将编写员工姓名,如果它将存在于表中,它将显示我的信息,否则我将插入数据。请帮帮我......
protected void btnSubmit_Click(object sender, EventArgs e){
var sqlQuery = "SELECT EmployeeID, Weight, Amount FROM Supplier where EmployeeName= '" + TextBox2.Text+ "'";
//Create Instance for DataSet
var DS = new DataSet();
//Create Instance for SqlConnection
var conn = new SqlConnection(ConfigurationManager.ConnectionStrings["inventoryConnectionString"].ConnectionString);
//Create Instance for SqlCommand
var cmd = new SqlCommand(sqlQuery, conn);
var DA = new SqlDataAdapter(cmd);
DS.Clear();
try{
DA.Fill(DS);
}
catch (Exception ex){}
foreach (DataRow row in DS.Tables[0].Rows){
txtBoxId.Text = row["EmployeeID"].ToString();
txtboxw.Text = row["Weight"].ToString();
txtboxam.Text = row["Amount"].ToString();
}
}
答案 0 :(得分:1)
您可以使用TextChanged事件处理程序和parameterized查询进行sql注入保护。但是,下面的代码转发成本很高,因为它必须不时访问数据库。
protected void TextBox2_TextChanged(object sender, EventArgs e)
{
String connString = ConfigurationManager.ConnectionStrings["inventoryConnectionString"].ConnectionString;
using (SqlConnection con = new SqlConnection(connString))
{
con.Open();
String strSQL = "SELECT EmployeeID, Weight, Amount FROM Supplier where EmployeeName=@EmployeeName";
using (SqlCommand cmd = new SqlCommand(strSQL, con))
{
cmd.Parameters.Add("@EmployeeName", SqlDbType.VarChar).Value = TextBox2.Text;
using (SqlDataAdapter DA = new SqlDataAdapter(cmd))
{
DA.SelectCommand = cmd;
try
{
DataSet DS = new DataSet();
DA.Fill(DS);
foreach (DataRow row in DS.Tables[0].Rows)
{
txtBoxId.Text = row["EmployeeID"].ToString();
txtboxw.Text = row["Weight"].ToString();
txtboxam.Text = row["Amount"].ToString();
}
}
catch (Exception ex)
{
}
}
}
}
}
但是,您可能只是缓存整个表,然后从那里执行查询,而不是像以下那样去数据库:
protected void TextBox2_TextChanged(object sender, EventArgs e)
{
var query = from myRow in myDataTable.AsEnumerable()
where r.Field<string>("EmployeeName")==TextBox2.Text
select new
{
EmployeeID = myRow.Field<int>("EmployeeID"),
Weight = contact.Field<int>("Weight"),
Amount = order.Field<double>("Amount")
};
foreach (var row in query)
{
txtBoxId.Text = row.Employee.ToString();
txtboxw.Text = row.Weight.ToString();
txtboxam.Text = row.Amount.ToString();
}
}
答案 1 :(得分:1)
我有不同的方法。假设Supplier表的内容不经常更改,我建议在页面加载时缓存该表的内容,然后在该文本框中的文本发生更改时引用该表。
private DataTable _suppliers;
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
string sqlQuery = "SELECT EmployeeID, Weight, Amount, EmployeeName FROM Supplier";
var conn = new SqlConnection(ConfigurationManager.ConnectionStrings["inventoryConnectionString"].ConnectionString);
_suppliers = new DataTable();
var cmd = new SqlCommand(sqlQuery, conn);
conn.Open();
var SDA = new SqlDataAdapter(cmd);
SDA.Fill(_suppliers);
}
}
protected void TextBox2_TextChanged(object sender, EventArgs e)
{
DataView DV = new DataView(_suppliers);
DV.RowFilter = string.Format("EmployeeName LIKE '%{0}%'", TextBox2.Text);
if (DV.Count == 1)
{
var row = DV[0];
txtBoxId.Text = row["EmployeeID"].ToString();
txtboxw.Text = row["Weight"].ToString();
txtboxam.Text = row["Amount"].ToString();
}
}
此外,您可能希望使用updatepanel异步处理文本更改事件,而不是使用TextChanged事件。