[英]c# Insert data into MySQL database using parameters
This probably a simple solution, but I've got a deadline to catch and I don't know the exact problem here. 这可能是一个简单的解决方案,但是我有一个截止日期,我不知道确切的问题。 So here's the deal, I'm trying to update my table using this piece of code:
所以这是交易,我正在尝试使用这段代码来更新我的表:
private void btn_opslaan_Click(object sender, EventArgs e)
{
string opleidingsid = "Select OpleidingsID From opleidingen Where Opleidingsnaam = '" + cb_opleiding.Text + "'";
MySqlCommand cmdid = new MySqlCommand(opleidingsid, dbconnect.connection);
dbconnect.OpenConnection();
MySqlDataReader reader = cmdid.ExecuteReader();
reader.Read();
int oplid = (int)reader.GetValue(0);
cmdid.Dispose();
reader.Close();
sql = "UPDATE leerlingen SET Naam = '_naam', Adres = '_adres', Woonplaats = '_woonplaats', Postcode = '_postcode', Email = '_email', Telefoonnummer = '_telefoonnummer', Klas = '_klas', Ovnummer = '_ovnummer', OpleidingsID = '_opleidingsid', Startdatum = '_startdatum', Einddatum = '_einddatum' WHERE LeerlingID = '_leerlingid'";
// sql = "UPDATE leerlingen set Naam = '" + txt_naam.Text + "', Adres = '" + txt_adres.Text + "', Woonplaats = '" + txt_woonplaats.Text + "', Postcode = '" + txt_postcode.Text + "', Email = '" + txt_email.Text + "', Telefoonnummer = '" + txt_telefoonnumer.Text + "', Klas = '" + txt_klas.Text + "', Ovnummer = '" + txt_ovnummer.Text + "', OpleidingsID = '" + oplID + "', Startdatum = '"+mc_startdatum.SelectionStart.Date.ToString()+"', Einddatum = '"+ mc_einddatum.SelectionStart.Date.ToString() +"' WHERE LeerlingID = '" + Int32.Parse(lbl_leerlingid.Text) + "'";
MySqlCommand cmd = new MySqlCommand(sql, dbconnect.connection);
cmd.Parameters.AddWithValue("_naam", txt_naam.Text);
cmd.Parameters.AddWithValue("_adres", txt_adres.Text);
cmd.Parameters.AddWithValue("_woonplaats", txt_woonplaats.Text);
cmd.Parameters.AddWithValue("_postcode", txt_postcode.Text);
cmd.Parameters.AddWithValue("_email", txt_email.Text);
cmd.Parameters.AddWithValue("_telefoonnummer", txt_telefoonnumer.Text);
cmd.Parameters.AddWithValue("_klas", txt_klas.Text);
cmd.Parameters.AddWithValue("_ovnummer", txt_ovnummer.Text);
cmd.Parameters.AddWithValue("_opleidingsid", oplid);
cmd.Parameters.AddWithValue("_startdatum", mc_startdatum.SelectionStart.Date.ToString());
cmd.Parameters.AddWithValue("_einddatum", mc_einddatum.SelectionStart.Date.ToString());
cmd.Parameters.AddWithValue("_leerlingid", int.Parse(lbl_leerlingid.Text));
try
{
cmd.ExecuteNonQuery();
MessageBox.Show("opslaan gelukt");
}
catch (Exception error)
{
MessageBox.Show(error.ToString());
throw;
}
dbconnect.CloseConnection();
this.Close();
}
I've already tried without the single quotes, it would give me the error that colomn '_leerlingid' does not exist, but that is the parameter... Now, I dont get any errors, but it wouldn't update my database. 我已经尝试过不使用单引号了,这会给我一个错误,即“ _leerlingid”列不存在,但这是参数...现在,我没有收到任何错误,但是它不会更新我的数据库。 Any help please
任何帮助请
PS Ignore the sql injection please, before this , i didn't knew better before I found out about parameters. PS请先忽略sql注入,在此之前,在了解参数之前我并不了解。
Try replacing your parameters with the @ symbol and remove the single quotes, like this: 尝试用@符号替换参数,并删除单引号,如下所示:
SQL = "UPDATE leerlingen SET Naam = @naam, Adres = @adres";
cmd.Parameters.AddWithValue("@naam", txt_naam.Text);
cmd.Parameters.AddWithValue("@adres", txt_adres.Text);
I think what you did wrong is you mustn't initialize your MySqlCommand like that. 我认为您做错了,您不能那样初始化MySqlCommand。 It must be like this..
一定是这样
MySqlCommand cmd;
cmd = dbconnect.createCommand();
cmd.CommandText = "UPDATE tableName SET firstname=@firstname, lastname=@lastname where id=@id";
cmd.Parameters.AddWithValue("@id", idTxt.Text);
cmd.Parameters.AddWithValue("@firstname", fName.Text);
cmd.Parameters.AddWithValue("@lastname", lName.Text);
cmd.ExecuteNonQuery();
when I creating a new data in c#, I make it like this .. 当我在C#中创建新数据时,我将其设置为..
//values //值
String a = "COL1ROW1", b = "COL1ROW2";
//this is the code for mysql //这是mysql的代码
String query = "Insert Into tableName(Column1, Column2)values('" + a + "','" + b + "')";
//conn is your mysqlconnection // conn是你的mysqlconnection
MySqlCommand cmd = new MySqlCommand(query, conn); MySqlCommand cmd =新的MySqlCommand(query,conn);
//then execute it //然后执行它
cmd.ExecuteNonQuery(); cmd.ExecuteNonQuery();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.