[英]how to select records from table with all of value of a field
frmAdd f = new frmAdd(); frmAdd f = new frmAdd(); string connectionString = ("Server=(localdb)\\v11.0;AttachDbFileName=" + Application.StartupPath + "\\Database\\" + f.databaseName + ".mdf;Connect Timeout=30;");
string connectionString =(“Server =(localdb)\\ v11.0; AttachDbFileName =”+ Application.StartupPath +“\\ Database \\”+ f.databaseName +“。mdf; Connect Timeout = 30;”); SqlConnection connection = new SqlConnection(connectionString);
SqlConnection connection = new SqlConnection(connectionString);
//notes=error, id and group=no like
string selectCommand = "SELECT * FROM ContactsList WHERE " +
"NamePrefix LIKE @prefix AND GivenName LIKE @given AND MiddleName LIKE @middle AND FamilyName LIKE @family AND " +
"NameSuffix LIKE @suffix AND NickName LIKE @nick AND Company LIKE @company AND JobTitle LIKE @job AND " +
"MobilePhone LIKE @mobilep AND HomePhone LIKE @homep AND WorkPhone LIKE @workp AND WorkFaxPhone LIKE @workfp AND HomeFaxPhone LIKE @homefp AND " +
"PagerPhone LIKE @pagerp AND CallBackPhone LIKE @callbp AND OtherPhone LIKE @otherp AND GroupName=@group AND Relationship LIKE @relation AND " +
"StreetHome LIKE @strh AND CityHome LIKE @cityh AND StateHome LIKE @stah AND ZipCodeHome LIKE @ziph AND CountryHome LIKE @countryh AND " +
"StreetWork LIKE @strw AND CityWork LIKE @cityw AND StateWork LIKE @staw AND ZipCodeWork LIKE @zipw AND CountryWork LIKE @countryw AND " +
"StreetOther LIKE @stro AND CityOther LIKE @cityo AND StateOther LIKE @stao AND ZipCodeOther LIKE @zipo AND CountryOther LIKE @countryo AND " +
"HomeMail LIKE @homem AND WorkMail LIKE @workm AND OtherMail LIKE @otherm AND Website1 LIKE @web1 AND Website2 LIKE @web2 AND Website3 LIKE @web3 AND " +
"Facebook LIKE @face AND GooglePlus LIKE @google AND BirthdayEvent LIKE @birth AND AnniversaryEvent LIKE @anni AND OtherEvent LIKE @othere";
SqlCommand command1 = new SqlCommand(selectCommand);
command1.Connection = connection;
command1.CommandType = CommandType.Text;
//if (!string.IsNullOrWhiteSpace(txtId.Text))
//{
// command1.Parameters.AddWithValue("@id", txtId.Text);
//}
//else
//{
// command1.Parameters.AddWithValue("@id", "%%");
//}
if (!string.IsNullOrWhiteSpace(txtPrefix.Text))
{
command1.Parameters.AddWithValue("@prefix", "%" + txtPrefix.Text + "%");
}
else
{
command1.Parameters.AddWithValue("@prefix", "%%");
}
if (!string.IsNullOrWhiteSpace(txtGiven.Text))
{
command1.Parameters.AddWithValue("@given", "%" + txtGiven.Text + "%");
}
else
{
command1.Parameters.AddWithValue("@given", "%%");
}
. 。 .
。 .
。 .
。 .
。 .. .. .
.. .. .
。 and so on
等等
SqlCommand command1 = new SqlCommand("SELECT * FROM ContactsList WHERE ID LIKE @id");
Another way: 其他方式:
SqlCommand command1 = null;
if (!string.IsNullOrWhiteSpace(txtId.Text))
{
command1 = new SqlCommand("SELECT * FROM ContactsList WHERE ID = @id");
command1.Parameters.AddWithValue("@id", txtId.Text);
}
else
{
command1 = new SqlCommand("SELECT * FROM ContactsList ");
}
command1.Connection = connection;
command1.CommandType = CommandType.Text;
try this : It depends on Data-Type of your Column["code"] of Table["server"]. 试试这个:它取决于表[“server”]的列[“代码”]的数据类型。
If Data-Type is Int/Numeric, then below code should work. 如果Data-Type是Int / Numeric,那么下面的代码应该可以工作。
cmd.CommandText = "SELECT name FROM server WHERE code="+TextBox1.Text;
In case Data-Type is Varchar / Non-Numeric then try as below. 如果Data-Type是Varchar / Non-Numeric,请尝试如下。
cmd.CommandText = "SELECT name FROM server WHERE code='" + TextBox1.Text + "'";
However, I don't recommend in-line queries to you. 但是,我不建议您进行内联查询。 Instead use parametrized query.
而是使用参数化查询。 Because plain inline query is an invite for SQL-Injection.
因为纯内联查询是SQL注入的邀请。
string sqlConnectString = "YourConnectionString";
string sqlSelect = "SELECT name FROM server WHERE code= @CodeValue";
SqlConnection sqlConnection = new SqlConnection(sqlConnectString);
SqlCommand sqlCommand = new SqlCommand(sqlSelect, sqlConnection);
sqlCommand.Parameters.Add("@CodeValue", System.Data.SqlDbType.Int);// Set SqlDbType based on your DB column Data-Type
sqlCommand.Parameters["@CodeValue"].Value = TextBox1.Text;
SqlDataAdapter sqlDa = new SqlDataAdapter(sqlCommand);
DataTable sqlDt = new DataTable();
sqlDa.Fill(sqlDt);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.