[英]How to insert data from radiobutton and combobox to table in MS Sql
I am working on building an application with c# WF. 我正在使用c#WF构建应用程序。 I created an employee table in MS sql database. 我在MS sql数据库中创建了一个雇员表。 I have two radio buttons for gender (male and female). 我有两个用于性别的单选按钮(男性和女性)。 Depending on how users click on radio button (male or female), I would like to write sql statement that can insert one of the two radiobutton choices. 根据用户单击单选按钮(男性还是女性)的方式,我想编写可以插入两个单选按钮之一的sql语句。 Same thing applies to combobox. 同样的情况适用于组合框。 Upon user's choice of selection to data from combobox, I want data to save in table. 当用户选择从组合框中选择数据时,我希望数据保存在表中。 I googled the questions, and didn't come out the right one. 我搜索了问题,但没有提出正确的问题。 There is one posted here at Feb 7th. 2月7日在这里发布了一个。 Question was unaswered. 问题未得到回答。 Not sure how to write codes for combobox. 不确定如何为组合框编写代码。
("INSERT INTO Employeess(EmpID,FirstName,LastName,Salary,desgnation,gender)
values ('" + textBox1.Text + "','" +
textBox2.Text + "','" +
textBox3.Text + "','" +
textBox4.Text + "','" +
textBox5.Text + "','" +
**radioButton1.Checked+"'** )");
Any help is very much appreciated. 很感谢任何形式的帮助。
Use the bit data type for your column. 对您的列使用位数据类型。 Then you can insert radioButton1.Checked
checked value directly using SQL parameters. 然后,您可以直接使用SQL参数插入radioButton1.Checked
检查值。
since you haven't provide full code, try 由于您尚未提供完整的代码,请尝试
("INSERT INTO Employeess(EmpID,FirstName,LastName,Salary,desgnation,gender)
values ('" + textBox1.Text + "','" +
textBox2.Text + "','" +
textBox3.Text + "','" +
textBox4.Text + "','" +
textBox5.Text + "'," +
(radioButton1.Checked ? "1" : "0") +" )");
I completely changed my code and it works. 我完全更改了代码,它可以正常工作。 I am using with sqlcommand.paramemters.addwithvalue. 我正在使用sqlcommand.paramemters.addwithvalue。 When I googled the solutions, I found out that previous coding is vlunerable for sql injection. 当我搜索解决方案时,我发现以前的编码对于sql注入是不可靠的。 Thank for help.Below is my complete code for saving data into database from textboxes, combobox and radio buttons. 感谢您的帮助。下面是我完整的代码,用于将数据从文本框,组合框和单选按钮保存到数据库中。
private void btnSave_Click(object sender, EventArgs e)
{
try
{
DataValidateAndDateFormat();
string strGender;
string strConnectionString = @"Data Source = KK\SQLEXPRESS; Integrated Security = SSPI; Initial Catalog = JeanDB";
SqlConnection cn = new SqlConnection(strConnectionString);
cn.Open();
string strEmpID = txtEmpID.Text.Trim();
string strFirstName = txtFirstName.Text.Trim();
string strLastName = txtLastName.Text.Trim();
string strDesignation = txtDesignation.Text.Trim();
int iSalary = Convert.ToInt32(txtSalary.Text.Trim());
string strAddress = txtAddress.Text.Trim();
int iZipCode = Convert.ToInt32(txtZipCode.Text.Trim());
int iPhone = Convert.ToInt32(txtPhone.Text.Trim());
string strEmail = txtEmail.Text.Trim();
DateTime dtDOB = dtPickerDOB.Value;
string strNationality = comboNationality.SelectedItem.ToString();
if (rbMale.Checked)
strGender = "Male";
else
strGender = "Female";
string strUserName = txtUserName.Text.Trim();
string strPassword = txtPassword.Text.Trim();
string query = "INSERT INTO Employees(EmployeeID, FirstName, LastName, Designation, Salary, Address, ZipCode, Phone, Email, DOB, Nationality, Gender, Username, Password)VALUES(@strEmpID, @strFirstName, @strLastName, @strDesignation, @iSalary, @strAddress, @iZipCode, @iPhone,@strEmail, @dtDOB, @strNationality, @strGender, @strUserName, @strPassword)";
SqlCommand InsertCommand = new SqlCommand(query, cn);
InsertCommand.Connection = cn;
InsertCommand.Parameters.AddWithValue(@"strEmpID", strEmpID);
InsertCommand.Parameters.AddWithValue(@"strFirstName", strFirstName);
InsertCommand.Parameters.AddWithValue(@"strLastName", strLastName);
InsertCommand.Parameters.AddWithValue(@"strDesignation", strDesignation);
InsertCommand.Parameters.AddWithValue(@"iSalary", iSalary);
InsertCommand.Parameters.AddWithValue(@"strAddress", strAddress);
InsertCommand.Parameters.AddWithValue(@"iZipCode", iZipCode);
InsertCommand.Parameters.AddWithValue(@"iPhone", iPhone);
InsertCommand.Parameters.AddWithValue(@"strEmail", strEmail);
InsertCommand.Parameters.AddWithValue(@"dtDOB", dtDOB);
InsertCommand.Parameters.AddWithValue(@"strNationality", strNationality);
InsertCommand.Parameters.AddWithValue(@"strGender", strGender);
InsertCommand.Parameters.AddWithValue(@"strUsername", strUserName);
InsertCommand.Parameters.AddWithValue(@"strPassword", strPassword);
InsertCommand.ExecuteNonQuery();
MessageBox.Show("New Employee's Data has been added successfully");
cn.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.