[英]vb.net add value(int) in a value(int) in database from a combobox
vb.net add value(int) in a value(int) in database from a combobox vb.net通过组合框在数据库的值(int)中添加值(int)
i'm trying to add vote in the database when the voter clicks the submit button, but it's not working, the vote section doesn't seem to add, looks like the query is not working 我正在尝试在选民单击“提交”按钮时在数据库中添加投票,但它不起作用,投票部分似乎没有添加,看起来查询不起作用
my database schema: 我的数据库架构:
| cid | cpos | cfname | cmname | clname | cyr | cparty | votes | | 1 | President | john | ark | smith | 3 | glory | |
Imports MySql.Data.MySqlClient
Public Class Form4
Dim con As New MySqlConnection
Dim cmd As New MySqlCommand
Dim da As New MySqlDataAdapter
Private Sub Form4_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
con.ConnectionString = ("server=localhost;user id=root;database=db")
Try
con.Open()
With cmd
.Connection = con
.CommandText = "SELECT CONCAT_WS(' ', cid, cfname, cmname, clname, cparty) as cid, " & _
"cpos, cid from candidate WHERE cpos='Vice President'"
End With
Dim dt As New DataTable
da.SelectCommand = cmd
da.Fill(dt)
With ComboBox1
Dim dv1 = New DataView(dt, "cpos='Vice President'", "", DataViewRowState.CurrentRows)
.DisplayMember = "cid"
.ValueMember = "cid"
.DataSource = dv1
End With
Catch ex As Exception
MsgBox(ex.Message)
End Try
con.Close()
End Sub
Private Sub cmdsubmit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdsubmit.Click
Dim Query As String
Query = "Update candidate SET votes = votes + 1 WHERE cid = '" & ComboBox1.SelectedItem(0).ToString & "')"
Dim cmd As MySqlCommand = New MySqlCommand(Query, con)
Try
cmd.ExecuteNonQuery()
Catch ex As Exception
End Try
Dim ds As New DataSet
Dim dt As New DataTable
da.Update(dt)
MessageBox.Show("Query Completed")
con.Close()
End Sub
End Class
You have a close parenthesys not needed at the end of your query 查询结束时不需要亲母
Query = "Update candidate SET votes = votes + 1 " & _
"WHERE cid = '" & ComboBox1.SelectedItem(0).ToString & "'"
If you don't swallow the exception, this error should be quite simple to notice. 如果您不吞下该异常,则此错误应该很容易注意到。
Do not create empty Try/Catch
blocks, at least print the error message caught by the exception 不要创建空的
Try/Catch
块,至少打印出异常捕获的错误消息
Try
cmd.ExecuteNonQuery()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
However, while in this context there is no real danger of a Sql Injection, I still suggest to use a parameterized query. 但是,尽管在这种情况下并没有真正的SQL注入危险,但我仍然建议使用参数化查询。
con.Open()
Query = "Update candidate SET votes = votes + 1 WHERE cid = @id"
Dim cmd As MySqlCommand = New MySqlCommand(Query, con)
cmd.Parameters.AddWithValue("@id", ComboBox1.SelectedItem(0).ToString)
Try
cmd.ExecuteNonQuery()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
con.Close()
' remove the subsequent lines with the adapter because they are useless
As a last note, are you sure the datatable field cid
is a string? 最后一点,您确定datatable字段
cid
是字符串吗? If it is a number then you need to convert the value passed here to an integer or you risk to get a datatype mismatch error. 如果是数字,则需要将此处传递的值转换为整数,否则可能会遇到数据类型不匹配错误的风险。
EDIT With the error message in place it is obvious that the connection is closed by a previous command and thus cannot be used by the command. 编辑出现错误消息后,很明显该连接已被上一个命令关闭,因此该命令无法使用该连接。 In this context I suggest to remove the global object that keeps the reference to the connection and ALWAYS create a connection object when needed and close it immediately after the usage.
在这种情况下,我建议删除保留对连接的引用的全局对象,并始终在需要时创建连接对象,并在使用后立即将其关闭。 The Using Statement is perfect for this scenario
使用语句非常适合这种情况
Query = "Update candidate SET votes = votes + 1 WHERE cid = @id"
Using con = new MySqlConnection("server=localhost;user id=root;database=db")
Using cmd = New MySqlCommand(Query, con)
con.Open()
cmd.Parameters.AddWithValue("@id", ComboBox1.SelectedItem(0).ToString)
Try
cmd.ExecuteNonQuery()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
End Using
End Using
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.