[英]Update if the name exists else insert - in SQL Server
如果我的給定文件名已經在我的數據庫中,我想在我的表中更新,否則我想插入一個新行。 我嘗試了這段代碼,但EXISTS
顯示錯誤請給我正確的方法,因為我在 SQL 中更新鮮
public void SaveData(string filename, string jsonobject)
{
SqlConnection con = new SqlConnection("Data Source=.;Initial Catalog=;Integrated Security=True");
SqlCommand cmd;
SqlCommand cmda;
if EXISTS("SELECT * FROM T_Pages WHERE pagename = '" + filename + "") {
cmda = new SqlCommand("UPDATE T_Pages SET pagename='" + filename + "',pageinfo='" + jsonobject + "' WHERE pagename='" + filename + "'", con);
cmda.ExecuteNonQuery();
}
else {
cmd = new SqlCommand("insert into T_Pages (pagename,pageinfo) values('" + filename + "','" + jsonobject + "')", con);
cmd.ExecuteNonQuery();
}
con.Close();
}
你應該
IF EXISTS()
部分using() {....}
塊等。試試這個代碼:
public void SaveData(string filename, string jsonobject)
{
// define connection string and query
string connectionString = "Data Source=.;Initial Catalog=;Integrated Security=True";
string query = @"IF EXISTS(SELECT * FROM dbo.T_Pages WHERE pagename = @pagename)
UPDATE dbo.T_Pages
SET pageinfo = @PageInfo
WHERE pagename = @pagename
ELSE
INSERT INTO dbo.T_Pages(PageName, PageInfo) VALUES(@PageName, @PageInfo);";
// create connection and command in "using" blocks
using (SqlConnection conn = new SqlConnection(connectionString))
using (SqlCommand cmd = new SqlCommand(query, conn))
{
// define the parameters - not sure just how large those
// string lengths need to be - use whatever is defined in the
// database table here!
cmd.Parameters.Add("@PageName", SqlDbType.VarChar, 100).Value = filename;
cmd.Parameters.Add("@PageInfo", SqlDbType.VarChar, 200).Value = jsonobject;
// open connection, execute query, close connection
conn.Open();
int rowsAffected = cmd.ExecuteNonQuery();
conn.Close();
}
}
使用一個MERGE語句怎么樣?
當然帶參數可以避免SQL注入的風險。
public void SaveData(string filename, string jsonobject)
{
SqlConnection con = new SqlConnection("Data Source=.;Initial Catalog=;Integrated Security=True");
SqlCommand cmd;
cmd = new SqlCommand(@"
MERGE T_Pages AS target
USING (SELECT @PageName as pagename, @PageInfo as pageinfo) AS source
ON (target.pagename = source.pagename)
WHEN MATCHED THEN
UPDATE SET pageinfo = source.pageinfo
WHEN NOT MATCHED THEN
INSERT (pagename, pageinfo)
VALUES (source.pagename, source.pageinfo)", con);
cmd.Parameters.Add(new SqlParameter("@PageName", filename));
cmd.Parameters.Add(new SqlParameter("@PageInfo", jsonobject));
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
在數據庫上創建一個存儲過程
CREATE PROCEDURE T_Pages_Write (@pagename nvarchar(256) ,@pageinfo nvarchar(max))
AS
IF EXISTS (SELECT pagename from T_Pages WHERE pagename = @pagename)
UPDATE T_Pages SET pageinfo = @pageinfo WHERE pagename = @pagename
ELSE
INSERT T_Pages (pagename, Pageinfo) VALUES (@pagename, @Pageinfo)
並從您的代碼中調用它。 你真的應該使用參數化命令來做到這一點(會有很多其他問題建議你最好的方法)。 如果您願意冒 SQL 注入攻擊的風險並且不介意在數據中有單引號字符時它會失敗,那么您可以像這樣快速而骯臟的方式做到這一點
cmd = new SqlCommand("EXEC T_PagesWrite @pagename = '" + filename + "', @pageinfo ='" + jsonobject + "'", con);
public void SaveData(string filename, string jsonobject)
{
SqlConnection con = new SqlConnection("Data Source=.;Initial Catalog=;Integrated Security=True");
SqlCommand cmd;
SqlCommand cmda;
SqlDataAdapter da = new SqlDataAdapter("SELECT * FROM T_Pages WHERE pagename = '" + filename + "", con);
DataSet ds = new DataSet();
da.Fill(ds);
if (ds.Tables[0].Rows.Count > 0)
{
cmda = new SqlCommand("UPDATE T_Pages SET pagename='" + filename + "',pageinfo='" + jsonobject + "' WHERE pagename='" + filename + "'", con);
cmda.ExecuteNonQuery();
}
else
{
cmd = new SqlCommand("insert into T_Pages (pagename,pageinfo) values('" + filename + "','" + jsonobject + "')", con);
cmd.ExecuteNonQuery();
}
con.Close();
}
您可以通過一個查詢完成此操作
您想要對 int 類型的標志變量進行 decalre (您也可以將其設為 tinyint 類型,這取決於您),如果計數為 0,則表示沒有行,否則您更新查詢
SqlConnection con = new SqlConnection("Data Source=.;Initial Catalog=;Integrated Security=True");
SqlCommand cmd;
cmda = new SqlCommand("declare @flag int ;set @flag = 0;select @flag = COUNT(*) FROM T_Pages WHERE pagename = '" + filename + "';IF @flag = 1 UPDATE T_Pages SET pagename='" + filename + "',pageinfo='" + jsonobject + "' WHERE pagename='" + filename + "';ELSE insert into T_Pages (pagename,pageinfo) values('" + filename + "','" + jsonobject + "');", con);
cmda.ExecuteNonQuery();
con.Close();
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.