Question

我正在尝试做一个简单的C＃windows应用程序作为初学者。但我得到System.Data.SqlClient.SqlException。当我尝试连接到数据库时，它表示连接正常。但它不允许我使用visual studio创建任何表。我无法弄清楚为什么它没有显示添加新表的选项。这是我的代码。

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;

namespace best
{
   public partial class Form1 : Form
   {

      SqlConnection con=new SqlConnection(@"Data Source=(LocalDB)\v11.0;AttachDbFilename=C:\Users\Janith Kularathne\Documents\testing.mdf;
        Integrated Security=True;Connect Timeout=30");

    public Form1()
    {
        InitializeComponent();
    }

    private void insertB_Click(object sender, EventArgs e)
    {
        con.Open();
        SqlCommand cmd = con.CreateCommand();
        cmd.CommandType = CommandType.Text;
        cmd.CommandText = "Insert into details values('"+ idBox.Text +"', '"+ nameBox.Text + "')";
        cmd.ExecuteNonQuery();
        con.Close();
        idBox.Text = "";
        nameBox.Text="";
        DisplayDetails();
        MessageBox.Show("Insertion succesfull");           
    }

    private void deleteB_Click(object sender, EventArgs e)
    {
        con.Open();
        SqlCommand cmd = con.CreateCommand();
        cmd.CommandType = CommandType.Text;
        cmd.CommandText = "Delete from details where id= '" + idBox.Text + "')";
        cmd.ExecuteNonQuery();
        con.Close();
        idBox.Text = "";
        nameBox.Text = "";
        DisplayDetails();
        MessageBox.Show("delete succesfull");
    }

    private void updateB_Click(object sender, EventArgs e)
    {
        con.Open();
        SqlCommand cmd = con.CreateCommand();
        cmd.CommandType = CommandType.Text;
        cmd.CommandText = "update details set id, name,category where  id= '" + idBox.Text + "')";
        cmd.ExecuteNonQuery();
        con.Close();
        idBox.Text = "";
        nameBox.Text = "";
        DisplayDetails();
        MessageBox.Show("Update succesfull");
    }

    private void searchB_Click(object sender, EventArgs e)
    {
        con.Open();
        SqlCommand cmd = con.CreateCommand();
        cmd.CommandType = CommandType.Text;
        cmd.CommandText = "selet *from details where  id= '" + idBox.Text + "')";
        cmd.ExecuteNonQuery();
        con.Close();
        DisplayDetails();
    }

    private void dataGridView1_CellContentClick(object sender, DataGridViewCellEventArgs e)
    {

    }

    private void Form1_Load(object sender, EventArgs e)
    {
        DisplayDetails();
    }

    public void DisplayDetails()
    {
        con.Open();
        SqlCommand cmd = con.CreateCommand();
        cmd.CommandType = CommandType.Text;
        cmd.CommandText = "select * from details";
        cmd.ExecuteNonQuery();
        DataTable dt = new DataTable();
        SqlDataAdapter da = new SqlDataAdapter(cmd);
        da.Fill(dt);
        dataGridView1.DataSource = dt;

        con.Close();
    }
}

Answer 1

您的代码目前包含各种不同的问题，我将详细说明并解决您当前的一些问题：

不必要的右括号
错别字和拼写错误
语法不正确
使用参数化

除此之外，我强烈建议您阅读一些有关使用ExecuteNonQuery()，ExecuteReader()和ExecuteNonScalar()等不同方法的教程，以确定如何从执行它们后的查询。

不必要的结束括号

您的每个查询中当前都有一个尾随的右括号，这可能会导致SELECT，UPDATE和DELETE查询中出现语法错误：

// Notice the unnecessary trailing ')', which should only be useful within your INSERT call
cmd.CommandText = "..." + idBox.Text + "')";

错别字和拼写错误

您的搜索查询中还会出现一个拼写错误以及单词＆＃34; SELECT＆＃34;错误拼写：

// "selet" should be "Select"
cmd.CommandText = "selet *from details where  id= '" + idBox.Text + "')";

语法错误

您当前的UPDATE查询实际上似乎没有做任何事情。您使用的是SET关键字，但实际上并未将值设置为任何内容：

// UPDATE queries should be in the form UPDATE {table} SET {Column} = {Value} WHERE ...
cmd.CommandText = "update details set id, name,category where id= '" + idBox.Text + "')";

参数化，非连接

此外，在构建查询时，您应该考虑使用参数化。它可以帮助避免像SQL注入这样的肮脏，并防止语法错误。

您可以看到以下某个方法的示例：

private void searchB_Click(object sender, EventArgs e)
{
    con.Open();
    var query = "SELECT * FROM details WHERE ID = @id";
    using(var cmd = new SqlCommand(query, connection))
    {
         cmd.Parameters.AddWithValue("@id",idBox.Text);
         using(var reader = cmd.ExecuteReader())
         {
               // Access your results here and do something with them
         }
    }
}

C＃sql相关异常

1 个答案: