插入参数化查询 [英] Inserting a parameterized query
本文介绍了插入参数化查询的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试使用此代码将信息插入Mysql数据库...
I am trying to insert information into Mysql database, using this code...
private void SubmitBtn_Click(object sender, EventArgs e)
{
SqlCommand cmd = new SqlCommand ("INSERT into [Materials Inventory] (Barcode, Material, Location, Quanitiy, [Date Added]) VALUES ('" + textBox3.Text + "','" + textBox4.Text + "', '" + textBox5.Text + "','" + textBox6.Text + "','" + textBox7.Text + "' )",sqlcon);
cmd.Parameters.AddWithValue("Barcode", textBox3);
cmd.Parameters.AddWithValue("Material", textBox4);
cmd.Parameters.AddWithValue("Location", textBox5);
cmd.Parameters.AddWithValue("Quantity", textBox6);
cmd.Parameters.AddWithValue("[Date Added]", textBox7);
cmd.ExecuteNonQuery();
但运行应用程序时出现此错误
System.Data.dll中发生类型为System.InvalidOperationException的未处理异常
附加信息:ExecuteNonQuery需要一个开放且可用的连接。连接的当前状态已关闭。
我尝试过:
使用非参数化查询,
重写代码
But I get this error when running the application
An unhandled exception of type 'System.InvalidOperationException' occurred in System.Data.dll
Additional information: ExecuteNonQuery requires an open and available Connection. The connection's current state is closed.
What I have tried:
Using a non perameterized query,
Rewritting code
推荐答案
您需要打开连接而不显示您这样做。
而且,你想要的东西:
You need to open the connection and you don't show that you do.
And also, you want something along the lines of:
SqlCommand cmd = new SqlCommand ("INSERT into [Materials Inventory] (Barcode, Material, Location, Quanitiy, [Date Added]) VALUES (@Barcode, @Material, @Location, @Quantity, @[Date Added] )",sqlcon);
从那里开始实验。
experiment from there.
引用内联注释作为建议,请使用适当的控件命名约定,以便在控件上找到正确的控件。飞。
refer the inline comments, as an advice, Please use the proper naming convention to the controls so that it will be easy to find the correct control on the fly.
string barCode = textBox3.Text.Trim();
string Material = textBox4.Text.Trim();
string Location = textBox5.Text.Trim();
string Quantity = textBox6.Text.Trim();
string date = textBox7.Text.Trim();
SqlCommand cmd = new SqlCommand("INSERT into [Materials Inventory] (Barcode, Material, Location, Quanitiy, [Date Added]) " +
" VALUES ( @Barcode,@Material,@Location,@Quantity,@Date)", sqlcon); // add the parameter names
cmd.Parameters.AddWithValue("@Barcode", barCode); // parameter name with respect to the value
cmd.Parameters.AddWithValue("@Material", Material);
cmd.Parameters.AddWithValue("@Location", Location);
cmd.Parameters.AddWithValue("@Quantity", Quantity);
cmd.Parameters.AddWithValue("@Date", date);
sqlcon.Open(); //open the connection
cmd.ExecuteNonQuery();
sqlcon.Close(); // close the connection
这篇关于插入参数化查询的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
