在Webform中显示SQL Server表数据
[英]Displaying SQL Server table data in webform
问题描述
I have an application which is supposed to allow a user to view pets from a table in the database. 
我有一个应用程序,该应用程序应允许用户从数据库中的表中查看宠物。
Picture of web form design and Pets data table: Web表单设计和Pets数据表的图片:
Here is my code for the button: 这是我的按钮代码:
protected void viewAnimalsBreedButton_Click(object sender, EventArgs e)
{
try
{
SqlConnection cnn = new SqlConnection("Data Source=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\\FrendsWithPaws.mdf;Integrated Security=True");
cnn.Open();
SqlCommand command = new SqlCommand("SELECT PetID, Breed, Name, Age, Gender, Picture, Sanctuary FROM Pets WHERE Breed='+ breedDropDownList.SelectedValue +'", cnn);
SqlDataReader reader = command.ExecuteReader();
petsGridView.DataSource = reader;
petsGridView.DataBind();
cnn.Close();
}
catch (Exception ex)
{
Response.Write("error" + ex.ToString());
}
}
To start with I have a dropdownlist for the pets breed, when I select a breed in the dropdown and click view animals, I would like the gridview to show me the pets (with most of the contained information) with this breed... I would then like this to work for Species and Sanctuary ... 首先,我有一个宠物品种的dropdownlist ,当我在dropdown选择一个breed并单击查看动物时,我希望gridview向我显示该品种的宠物(包含大部分包含的信息)...我然后想要这个为Species和Sanctuary ...
Currently when I select a breed and click view animals nothing happens, as shown in the picture below: 当前,当我选择一个品种并单击查看动物时,什么都不会发生,如下图所示:
Picture of web form after selection of 'House' breed and click of view animals button: 选择“房屋”品种并单击“查看动物”按钮后的网络表单图片:
How do I get this to work? 我该如何工作?
2 个解决方案
解决方案1
2 已采纳 2018-12-11 14:11:28
Firstly you should always use parameterized queries to avoid SQL Injection and getting rids of this kind of issues. 首先,您应该始终使用参数化查询来避免SQL注入和摆脱此类问题。 And secondly, you need to create a DataTable and fill it though data reader and bind your table to grid: 其次,您需要创建一个DataTable并通过数据读取器填充它,并将表绑定到网格:
cnn.Open();
SqlCommand command = new SqlCommand("SELECT PetID, Breed, Name, Age, Gender, Picture, " +
"Sanctuary FROM Pets where Breed = @Breed ", cnn);
command.Parameters.AddWithValue("@Breed", breedDropDownList.SelectedValue);
DataTable table = new DataTable();
table.Load(command.ExecuteReader());
petsGridView.DataSource = table;
petsGridView.DataBind();
cnn.Close();
Although specify the type directly and use the Value property is more better than AddWithValue . 尽管直接指定类型并使用Value属性比AddWithValue更好。 https://blogs.msmvps.com/jcoehoorn/blog/2014/05/12/can-we-stop-using-addwithvalue-already/ https://blogs.msmvps.com/jcoehoorn/blog/2014/05/12/can-we-stop-using-addwithvalue-already/
解决方案2
0 2018-12-11 14:13:27
You have to load read data to datatable first: 你必须加载读取数据到datatable第一:
protected void viewAnimalsBreedButton_Click(object sender, EventArgs e)
{
try
{
SqlConnection cnn = new SqlConnection("Data Source=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\\FrendsWithPaws.mdf;Integrated Security=True");
cnn.Open();
SqlCommand command = new SqlCommand("SELECT PetID, Breed, Name, Age, Gender, Picture, Sanctuary FROM Pets WHERE Breed='" + breedDropDownList.SelectedValue + "'", cnn);
SqlDataReader reader = command.ExecuteReader();
var dataTable = new DataTable();
dataTable.Load(dataReader);
petsGridView.DataSource = dataTable;
petsGridView.DataBind();
cnn.Close();
}
catch (Exception ex)
{
Response.Write("error" + ex.ToString());
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.