帮助!它说连接没有关闭。连接的当前状态是ope,但我确实关闭了,请帮助?提前谢谢你
private void inserttransaction()
{
for (int i = 0; i < dataPOS.Rows.Count; i++)
{
con.Open();
dataPOS.Rows[i].Selected = true;
cmd = new SqlCommand(@"INSERT INTO TRANSACTIONS (TransactionCode,TransactionDate,ItemCode,ItemName,Quantity,Price,Total)
VALUES
('"+ dataPOS.SelectedRows[0].Cells[0].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[1].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[2].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[3].Value.ToString()+"' , '"+ dataPOS.SelectedRows[0].Cells[4].Value.ToString() +"' '"+ dataPOS.SelectedRows[0].Cells[5].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[6].Value.ToString() +"')", con);
cmd.ExecuteNonQuery();
dataPOS.Rows[i].Selected = false;
con.Close();
}
}
答案 0 :(得分:3)
您无法打开已打开的连接。
con.Open();
for (int i = 0; i < dataPOS.Rows.Count; i++)
{
dataPOS.Rows[i].Selected = true;
cmd = new SqlCommand(@"INSERT INTO TRANSACTIONS (TransactionCode,TransactionDate,ItemCode,ItemName,Quantity,Price,Total)
VALUES
('"+ dataPOS.SelectedRows[0].Cells[0].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[1].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[2].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[3].Value.ToString()+"' , '"+ dataPOS.SelectedRows[0].Cells[4].Value.ToString() +"' '"+ dataPOS.SelectedRows[0].Cells[5].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[6].Value.ToString() +"')", con);
cmd.ExecuteNonQuery();
dataPOS.Rows[i].Selected = false;
}
con.Close();
但我仍然使用using语句:
using(var con = new SqlConnection("connection-string.."))
{
con.Open();
for (int i = 0; i < dataPOS.Rows.Count; i++)
{
dataPOS.Rows[i].Selected = true;
cmd = new SqlCommand(@"INSERT INTO TRANSACTIONS (TransactionCode,TransactionDate,ItemCode,ItemName,Quantity,Price,Total)
VALUES
('"+ dataPOS.SelectedRows[0].Cells[0].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[1].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[2].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[3].Value.ToString()+"' , '"+ dataPOS.SelectedRows[0].Cells[4].Value.ToString() +"' '"+ dataPOS.SelectedRows[0].Cells[5].Value.ToString() +"' , '"+ dataPOS.SelectedRows[0].Cells[6].Value.ToString() +"')", con);
cmd.ExecuteNonQuery();
dataPOS.Rows[i].Selected = false;
}
} // con.Close() not necessary
您还应该使用参数化查询而不是连接字符串来构建您的SQL查询。否则你很容易受到sql注入攻击。
答案 1 :(得分:1)
尝试在循环之前添加using子句并打开conn。我认为您应该考虑添加SqlParameter,直接从源集合中添加数据(sql注入风险)。
using (var con = new SqlConnection("your conn string"))
{
con.Open();
SqlCommand cmd = new SqlCommand();
cmd.CommandType = CommandType.Text;
cmd.Connection = con;
List<SqlParameter> sqlParams = new List<SqlParameter>();
sqlParams.Add(new SqlParameter("@param0", null));
sqlParams.Add(new SqlParameter("@param1", null));
sqlParams.Add(new SqlParameter("@param2", null));
sqlParams.Add(new SqlParameter("@param3", null));
sqlParams.Add(new SqlParameter("@param4", null));
sqlParams.Add(new SqlParameter("@param5", null));
sqlParams.Add(new SqlParameter("@param6", null));
cmd.Parameters.AddRange(sqlParams.ToArray());
for (int i = 0; i < dataPOS.Rows.Count; i++)
{
cmd.Parameters["@param0"].Value = dataPOS.SelectedRows[0].Cells[0].Value.ToString();
cmd.Parameters["@param1"].Value = dataPOS.SelectedRows[0].Cells[1].Value.ToString();
cmd.Parameters["@param2"].Value = dataPOS.SelectedRows[0].Cells[2].Value.ToString();
cmd.Parameters["@param3"].Value = dataPOS.SelectedRows[0].Cells[3].Value.ToString();
cmd.Parameters["@param4"].Value = dataPOS.SelectedRows[0].Cells[4].Value.ToString();
cmd.Parameters["@param5"].Value = dataPOS.SelectedRows[0].Cells[5].Value.ToString();
cmd.Parameters["@param6"].Value = dataPOS.SelectedRows[0].Cells[6].Value.ToString();
dataPOS.Rows[i].Selected = true;
cmd.CommandText = @"INSERT INTO TRANSACTIONS (TransactionCode,TransactionDate,ItemCode,ItemName,Quantity,Price,Total)
VALUES (@param0, @param1, @param2, @param3, @param4, @param5,@param6 )";
cmd.ExecuteNonQuery();
dataPOS.Rows[i].Selected = false;
}
}