我的数据库搜索过于宽泛,无法区别对待

时间:2017-10-16 20:32:47

标签: c#

所以我创建了一个数据库,但它没有正确搜索。我想使用他们的名字或ID来搜索单个员工的示例,但是当我开始搜索时,它会调出整个数据库。这是我的代码。

namespace FairyTailHRSolution
{
    public partial class Form1 : Form
    {
        SqlCommand cmd;
        SqlConnection con;
        SqlDataAdapter da;


        public Form1()
        {
            InitializeComponent();
        }

        private void textBox1_TextChanged(object sender, EventArgs e)
        {

        }

        private void button1_Click(object sender, EventArgs e)
        {
            con=new SqlConnection(@"Data Source = LAPTOP-VHSGV41H\SQLEXPRESS; Initial Catalog = EmpDB; Integrated Security = True");
            con.Open();
            cmd = new SqlCommand("INSERT INTO FRYEMP (EmployeeID, EmployeeName, EmployeePosition, EmployeeSalary) VALUES (@EmployeeID, @EmployeeName, @EmployeePosition, @EmployeeSalary)", con);
            cmd.Parameters.Add("@EmployeeID", textBox1.Text);
            cmd.Parameters.Add("@EmployeeName", textBox2.Text);
            cmd.Parameters.Add("@EmployeePosition", textBox3.Text);
            cmd.Parameters.Add("@EmployeeSalary", textBox4.Text); 
            cmd.ExecuteNonQuery();
        }

        private void Form1_Load(object sender, EventArgs e)
        {

        }

        private void textBox2_TextChanged(object sender, EventArgs e)
        {

        }

        private void label1_Click(object sender, EventArgs e)
        {

        }

        private void label2_Click(object sender, EventArgs e)
        {

        }

        private void find_Click(object sender, EventArgs e)
        {

        }

        private void textBox5_TextChanged(object sender, EventArgs e)
        {
            if(comboBox1.Text == "EmployeeID")
            {
                SqlConnection con = new SqlConnection("Data Source=LAPTOP-VHSGV41H\\SQLEXPRESS;Initial Catalog=EmpDB;Integrated Security=True");
                SqlDataAdapter da = new SqlDataAdapter("SELECT EmployeeID, EmployeeName,EmployeePosition, EmployeeSalary FROM FRYEMP where EmployeeID like '" + "%'", con);
                DataTable dt = new DataTable();
                da.Fill(dt);
                dataGridView1.DataSource = dt;
            }
            else if (comboBox1.Text == "EmployeeName")
            {
                SqlConnection con = new SqlConnection("Data Source=LAPTOP-VHSGV41H\\SQLEXPRESS;Initial Catalog=EmpDB;Integrated Security=True");
                SqlDataAdapter da = new SqlDataAdapter("SELECT EmployeeID, EmployeeName,EmployeePosition, EmployeeSalary FROM FRYEMP where EmployeeName like '" + "%'", con);
                DataTable dt = new DataTable();
                da.Fill(dt);
                dataGridView1.DataSource = dt;
            }
        }

        private void comboBox1_SelectedIndexChanged(object sender, EventArgs e)
        {

        }
    }
}

1 个答案:

答案 0 :(得分:-1)

SqlDataAdapter da = new SqlDataAdapter("SELECT EmployeeID, EmployeeName,EmployeePosition, EmployeeSalary FROM FRYEMP where EmployeeName like @employeeName", con);
da.SelectCommand.Parameters.AddWithValue("@employeeName","%" + textBox5.Text + "%");
DataTable dt = new DataTable();
da.Fill(dt);
dataGridView1.DataSource = dt;

employeeId的类似申请。此外,我还考虑将存储过程用于此类事务,因为存储过程是预编译和缓存的,并且对于这种操作将更具性能。

相关问题
最新问题