[英]SQLDataReader not reading
我正在嘗試創建一個警報系統,以檢查與葯物有關的過敏症與與患者有關的過敏症(請參見下圖)。
當我運行代碼時,似乎只是完全跳過了SQLDataReader,我對if(reader.HasRows)進行了檢查,它僅顯示讀取器中沒有行。 我要做的就是在閱讀器的最后顯示一個帶有所選過敏名稱的消息框。 我使用的是SQL Server 2014.任何幫助將不勝感激。
private void button_addItem_Click(object sender, RoutedEventArgs e)
{
if (!string.IsNullOrEmpty(comboBox_select_Item.Text.ToString()))
{
using (SqlConnection conn = new SqlConnection(connection))
{
try
{
SqlCommand sqlCmd2 = new SqlCommand("SELECT allergyName, allergyDescription FROM Allergies A INNER JOIN PatientAllergies PA ON A.allergyID = PA.allergyID WHERE A.allergyID = PA.allergyID AND PA.allergyID = (SELECT allergyID FROM Medication_Allergies MA WHERE MA.medID = " + comboBox_select_Item.SelectedValue.ToString() + ")", conn);
conn.Open();
SqlDataReader sqlReader = sqlCmd2.ExecuteReader();
Allergies allergies = new Allergies();
while (sqlReader.Read())
{
allergies.allergyName = Convert.ToString(sqlReader["allergyName"]);
allergies.allergyDescription = Convert.ToString(sqlReader["allergyDescription"]);
}
MessageBox.Show(allergies.allergyName);
sqlReader.Close();
FillSalesItemGrid();
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString(), ex.ToString());
}
}
}
}
首先,您的SqlCommand容易受到sql注入攻擊-您應該始終使用SqlParameter,因為它有助於防止sql注入。 因此,您的SqlCommand應該看起來像:
SqlCommand sqlCmd2 = new SqlCommand("SELECT allergyName, allergyDescription FROM Allergies A INNER JOIN PatientAllergies PA ON A.allergyID = PA.allergyID WHERE A.allergyID = PA.allergyID AND PA.allergyID = (SELECT allergyID FROM Medication_Allergies MA WHERE MA.medID = @medID)", conn);
您可以傳遞參數:
sqlCmd2.Parameters.AddWithValue("@medID",comboBox_select_Item.SelectedValue);
而且,查詢中的以下語句是多余的
WHERE A.allergyID = PA.allergyID
因為您在此字段上有INNER JOIN
FROM Allergies A INNER JOIN PatientAllergies PA ON A.allergyID = PA.allergyID
因此您可以從查詢中刪除多余的語句
SELECT allergyName, allergyDescription FROM Allergies A INNER JOIN PatientAllergies PA ON A.allergyID = PA.allergyID WHERE PA.allergyID = (SELECT allergyID FROM Medication_Allergies MA WHERE MA.medID = @medID)
我很確定您其余的代碼或多或少都可以。 請查看您的查詢是否返回任何行。 例如,您可以復制查詢並將@medID替換為comboBox中的值。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.