[英]Update if the name exists else insert - in SQL Server
如果我的给定文件名已经在我的数据库中,我想在我的表中更新,否则我想插入一个新行。 我尝试了这段代码,但EXISTS
显示错误请给我正确的方法,因为我在 SQL 中更新鲜
public void SaveData(string filename, string jsonobject)
{
SqlConnection con = new SqlConnection("Data Source=.;Initial Catalog=;Integrated Security=True");
SqlCommand cmd;
SqlCommand cmda;
if EXISTS("SELECT * FROM T_Pages WHERE pagename = '" + filename + "") {
cmda = new SqlCommand("UPDATE T_Pages SET pagename='" + filename + "',pageinfo='" + jsonobject + "' WHERE pagename='" + filename + "'", con);
cmda.ExecuteNonQuery();
}
else {
cmd = new SqlCommand("insert into T_Pages (pagename,pageinfo) values('" + filename + "','" + jsonobject + "')", con);
cmd.ExecuteNonQuery();
}
con.Close();
}
你应该
IF EXISTS()
部分using() {....}
块等。试试这个代码:
public void SaveData(string filename, string jsonobject)
{
// define connection string and query
string connectionString = "Data Source=.;Initial Catalog=;Integrated Security=True";
string query = @"IF EXISTS(SELECT * FROM dbo.T_Pages WHERE pagename = @pagename)
UPDATE dbo.T_Pages
SET pageinfo = @PageInfo
WHERE pagename = @pagename
ELSE
INSERT INTO dbo.T_Pages(PageName, PageInfo) VALUES(@PageName, @PageInfo);";
// create connection and command in "using" blocks
using (SqlConnection conn = new SqlConnection(connectionString))
using (SqlCommand cmd = new SqlCommand(query, conn))
{
// define the parameters - not sure just how large those
// string lengths need to be - use whatever is defined in the
// database table here!
cmd.Parameters.Add("@PageName", SqlDbType.VarChar, 100).Value = filename;
cmd.Parameters.Add("@PageInfo", SqlDbType.VarChar, 200).Value = jsonobject;
// open connection, execute query, close connection
conn.Open();
int rowsAffected = cmd.ExecuteNonQuery();
conn.Close();
}
}
使用一个MERGE语句怎么样?
当然带参数可以避免SQL注入的风险。
public void SaveData(string filename, string jsonobject)
{
SqlConnection con = new SqlConnection("Data Source=.;Initial Catalog=;Integrated Security=True");
SqlCommand cmd;
cmd = new SqlCommand(@"
MERGE T_Pages AS target
USING (SELECT @PageName as pagename, @PageInfo as pageinfo) AS source
ON (target.pagename = source.pagename)
WHEN MATCHED THEN
UPDATE SET pageinfo = source.pageinfo
WHEN NOT MATCHED THEN
INSERT (pagename, pageinfo)
VALUES (source.pagename, source.pageinfo)", con);
cmd.Parameters.Add(new SqlParameter("@PageName", filename));
cmd.Parameters.Add(new SqlParameter("@PageInfo", jsonobject));
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
在数据库上创建一个存储过程
CREATE PROCEDURE T_Pages_Write (@pagename nvarchar(256) ,@pageinfo nvarchar(max))
AS
IF EXISTS (SELECT pagename from T_Pages WHERE pagename = @pagename)
UPDATE T_Pages SET pageinfo = @pageinfo WHERE pagename = @pagename
ELSE
INSERT T_Pages (pagename, Pageinfo) VALUES (@pagename, @Pageinfo)
并从您的代码中调用它。 你真的应该使用参数化命令来做到这一点(会有很多其他问题建议你最好的方法)。 如果您愿意冒 SQL 注入攻击的风险并且不介意在数据中有单引号字符时它会失败,那么您可以像这样快速而肮脏的方式做到这一点
cmd = new SqlCommand("EXEC T_PagesWrite @pagename = '" + filename + "', @pageinfo ='" + jsonobject + "'", con);
public void SaveData(string filename, string jsonobject)
{
SqlConnection con = new SqlConnection("Data Source=.;Initial Catalog=;Integrated Security=True");
SqlCommand cmd;
SqlCommand cmda;
SqlDataAdapter da = new SqlDataAdapter("SELECT * FROM T_Pages WHERE pagename = '" + filename + "", con);
DataSet ds = new DataSet();
da.Fill(ds);
if (ds.Tables[0].Rows.Count > 0)
{
cmda = new SqlCommand("UPDATE T_Pages SET pagename='" + filename + "',pageinfo='" + jsonobject + "' WHERE pagename='" + filename + "'", con);
cmda.ExecuteNonQuery();
}
else
{
cmd = new SqlCommand("insert into T_Pages (pagename,pageinfo) values('" + filename + "','" + jsonobject + "')", con);
cmd.ExecuteNonQuery();
}
con.Close();
}
您可以通过一个查询完成此操作
您想要对 int 类型的标志变量进行 decalre (您也可以将其设为 tinyint 类型,这取决于您),如果计数为 0,则表示没有行,否则您更新查询
SqlConnection con = new SqlConnection("Data Source=.;Initial Catalog=;Integrated Security=True");
SqlCommand cmd;
cmda = new SqlCommand("declare @flag int ;set @flag = 0;select @flag = COUNT(*) FROM T_Pages WHERE pagename = '" + filename + "';IF @flag = 1 UPDATE T_Pages SET pagename='" + filename + "',pageinfo='" + jsonobject + "' WHERE pagename='" + filename + "';ELSE insert into T_Pages (pagename,pageinfo) values('" + filename + "','" + jsonobject + "');", con);
cmda.ExecuteNonQuery();
con.Close();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.