将数据插入数据库的最佳方法是什么?
这是我所拥有的,但它是错误的..
cmd.CommandText = "INSERT INTO klant(klant_id,naam,voornaam) VALUES(@param1,@param2,@param3)";
cmd.Parameters.Add(new SqlParameter("@param1", klantId));
cmd.Parameters.Add(new SqlParameter("@param2", klantNaam));
cmd.Parameters.Add(new SqlParameter("@param3", klantVoornaam));
该函数将数据添加到列表框中
http://www.pictourl.com/viewer/37e4edcf
(link is dead)但没有进入数据库..
http://www.pictourl.com/viewer/4d5721fc
(link is dead)功能齐全:
private void Form1_Load(object sender, EventArgs e)
{
conn2 = new SqlConnection();
conn2.ConnectionString = ConfigurationManager.ConnectionStrings["connSpionshopString"].ConnectionString;
}
private void button2_Click(object sender, EventArgs e)
{
string sqlCmd = "SELECT naam,voornaam,klant_id FROM klant;";
SqlCommand cmd = new SqlCommand(sqlCmd, conn2);
conn2.Open();
using(SqlDataReader reader = cmd.ExecuteReader())
{
while (reader.Read())
{
listBox2.Items.Add(reader.GetString(0) + " " + reader.GetString(1) + " (" + reader.GetInt16(2) + ")");
}
}
conn2.Close();
}
private void button4_Click(object sender, EventArgs e)
{
int klantId = Convert.ToInt32(textBox1.Text);
string klantNaam = textBox2.Text;
string klantVoornaam = textBox3.Text;
conn2.Open();
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn2;
cmd.CommandText = "INSERT INTO klant(klant_id, naam, voornaam) VALUES(@param1,@param2,@param3)";
cmd.Parameters.AddWithValue("@param1", klantId);
cmd.Parameters.AddWithValue("@param2", klantNaam);
cmd.Parameters.AddWithValue("@param3", klantVoornaam);
cmd.ExecuteNonQuery();
conn2.Close();
}
尝试确认数据库中每个参数的数据类型(SqlDbType)并这样做;
using(SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["connSpionshopString"].ConnectionString))
{
connection.Open();
string sql = "INSERT INTO klant(klant_id,naam,voornaam) VALUES(@param1,@param2,@param3)";
using(SqlCommand cmd = new SqlCommand(sql,connection))
{
cmd.Parameters.Add("@param1", SqlDbType.Int).Value = klantId;
cmd.Parameters.Add("@param2", SqlDbType.VarChar, 50).Value = klantNaam;
cmd.Parameters.Add("@param3", SqlDbType.VarChar, 50).Value = klantVoornaam;
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
}
}
AddWithValuecmd.Parameters.AddWithValue("@param1", klantId);
cmd.Parameters.AddWithValue("@param2", klantNaam);
cmd.Parameters.AddWithValue("@param3", klantVoornaam);
示例代码,
using (SqlConnection conn = new SqlConnection("connectionString"))
{
using (SqlCommand cmd = new SqlCommand())
{
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
cmd.CommandText = @"INSERT INTO klant(klant_id,naam,voornaam)
VALUES(@param1,@param2,@param3)";
cmd.Parameters.AddWithValue("@param1", klantId);
cmd.Parameters.AddWithValue("@param2", klantNaam);
cmd.Parameters.AddWithValue("@param3", klantVoornaam);
try
{
conn.Open();
cmd.ExecuteNonQuery();
}
catch(SqlException e)
{
MessgeBox.Show(e.Message.ToString(), "Error Message");
}
}
}
using (SqlConnection connection = new SqlConnection(connectionString))
{
connection.Open();
using (SqlCommand command = connection.CreateCommand())
{
command.CommandText = "INSERT INTO klant(klant_id,naam,voornaam) VALUES(@param1,@param2,@param3)";
command.Parameters.AddWithValue("@param1", klantId));
command.Parameters.AddWithValue("@param2", klantNaam));
command.Parameters.AddWithValue("@param3", klantVoornaam));
command.ExecuteNonQuery();
}
}
您应该避免在应用程序中硬编码 SQL 语句。如果您不使用 ADO 或 EntityFramework,我建议您向数据库添加一个存储过程并从您的 C# 应用程序调用它。示例代码可以在此处找到:如何在 C# 程序中执行存储过程和此处http://msdn.microsoft.com/en-us/library/ms171921%28v=vs.80%29.aspx .
public class customer
{
public void InsertCustomer(string name,int age,string address)
{
// create and open a connection object
using(SqlConnection Con=DbConnection.GetDbConnection())
{
// 1. create a command object identifying the stored procedure
SqlCommand cmd = new SqlCommand("spInsertCustomerData",Con);
// 2. set the command object so it knows to execute a stored procedure
cmd.CommandType = CommandType.StoredProcedure;
SqlParameter paramName = new SqlParameter();
paramName.ParameterName = "@nvcname";
paramName.Value = name;
cmd.Parameters.Add(paramName);
SqlParameter paramAge = new SqlParameter();
paramAge.ParameterName = "@inage";
paramAge.Value = age;
cmd.Parameters.Add(paramAge);
SqlParameter paramAddress = new SqlParameter();
paramAddress.ParameterName = "@nvcaddress";
paramAddress.Value = address;
cmd.Parameters.Add(paramAddress);
cmd.ExecuteNonQuery();
}
}
}
您可以使用dapper库:
conn2.Execute(@"INSERT INTO klant(klant_id,naam,voornaam) VALUES (@p1,@p2,@p3)",
new { p1 = klantId, p2 = klantNaam, p3 = klantVoornaam });
BTW Dapper 是一个 Stack Overflow 项目 :)
更新:我相信如果没有像 EF 这样的东西,你就无法做到更简单。当您使用数据库连接时,还可以尝试使用
usingprivate readonly string _spionshopConnectionString;
private void Form1_Load(object sender, EventArgs e)
{
_spionshopConnectionString = ConfigurationManager
.ConnectionStrings["connSpionshopString"].ConnectionString;
}
private void button4_Click(object sender, EventArgs e)
{
using(var connection = new SqlConnection(_spionshopConnectionString))
{
connection.Execute(@"INSERT INTO klant(klant_id,naam,voornaam)
VALUES (@klantId,@klantNaam,@klantVoornaam)",
new {
klantId = Convert.ToInt32(textBox1.Text),
klantNaam = textBox2.Text,
klantVoornaam = textBox3.Text
});
}
}
使用
AddWithValue()像这样:
cmd.Parameters.AddWithValue("@param1", klantId);
cmd.Parameters.AddWithValue("@param2", klantNaam);
cmd.Parameters.AddWithValue("@param3", klantVoornaam);