I'm Doing A Program To Search But I Keep Getting Blank Information In Datagridview


Problem description

I have a database named edsdb and am using SQLite. I have multiple columns, but some columns have no information. When I do a search, it doesn't show anything in the DataGridView. I also have multiple textboxes I want to use as the query. Any help?

private void button4_Click(object sender, EventArgs e)
{
    connection.Open();

    cmd = connection.CreateCommand();
    string CommandText = "select * FROM edsdb WHERE reg_numb LIKE '" + textBox16.Text + "%' AND reg_date LIKE'" + textBox17.Text + "%' AND last_name LIKE '" + textBox18.Text + "%' AND first_name LIKE '" + textBox19.Text + "%' AND house_numb LIKE '" + textBox20.Text + "%' AND street LIKE '" + textBox21.Text + "%' AND city LIKE '" + textBox22.Text + "%' AND phone_numb LIKE '" + textBox23.Text + "%' AND pa_numb LIKE '" + textBox24.Text + "%' AND division LIKE '" + textBox25.Text + "%' AND dob LIKE '" + textBox32.Text + "%' AND age LIKE '" + textBox33.Text + "%' AND doc_type LIKE '" + textBox34.Text + "%' AND red LIKE '" + textBox35.Text + "%' AND blue LIKE '" + textBox36.Text + "%' AND undecided LIKE '" + textBox37.Text + "%'";

    SQLiteDataAdapter adapter = new SQLiteDataAdapter(CommandText, connection);
    ds.Reset();
    adapter.Fill(ds);
    DT = ds.Tables[0];
    dataGridView5.DataSource = DT;

    connection.Close();
}

Recommended answer

First, I would type a certain something into any one of those TextBoxes and completely destroy your database. Google for "SQL Injection Attack" to find out why what you're doing is soooooo bad and what to do about it. Next, Google for "C# SQL parameterized queries" to find out how to fix it.

Now, to test your query, remove all the WHERE clause fields except for one. Test it. Then add another one back in and test it. Keep going until it doesn't return what you want and then look at the last term you put in.

Oh, and the only way this query will work is if every single column you're searching in is a string of some type. It won't work with numerical and boolean columns if you have them.
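
A parameterized version of the search, added here as an example and not part of the original question or answer. It assumes System.Data.SQLite and an already open connection; the EdsSearch class, its method names and the wiring shown in the trailing comment are hypothetical. It also leaves out empty TextBoxes, because in SQLite a condition such as col LIKE '%' evaluates to NULL for rows where col is NULL and so excludes them.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SQLite;
using System.Text;

static class EdsSearch
{
    // Allow-list: column names come from this fixed set, never from user input.
    static readonly HashSet<string> Columns = new HashSet<string> {
        "reg_numb", "reg_date", "last_name", "first_name", "house_numb", "street",
        "city", "phone_numb", "pa_numb", "division", "dob", "age", "doc_type",
        "red", "blue", "undecided" };

    // Make %, _ and \ in user text match literally inside LIKE ... ESCAPE '\'.
    static string EscapeLike(string s) =>
        s.Replace("\\", "\\\\").Replace("%", "\\%").Replace("_", "\\_");

    // filters maps a column name to the text typed in its TextBox (connection already open).
    public static DataTable Search(SQLiteConnection connection,
                                   IDictionary<string, string> filters)
    {
        var sql = new StringBuilder("SELECT * FROM edsdb WHERE 1=1");
        using (var cmd = connection.CreateCommand())
        {
            int i = 0;
            foreach (var f in filters)
            {
                if (!Columns.Contains(f.Key))
                    throw new ArgumentException("Unknown column: " + f.Key);
                // An empty box adds no condition. "col LIKE '%'" evaluates to NULL
                // for rows where col is NULL, so it would filter those rows out.
                if (string.IsNullOrWhiteSpace(f.Value)) continue;
                string p = "@p" + i++;
                sql.Append(" AND " + f.Key + " LIKE " + p + " ESCAPE '\\'");
                // The value travels as a bound parameter, not as SQL text.
                cmd.Parameters.AddWithValue(p, EscapeLike(f.Value.Trim()) + "%");
            }
            cmd.CommandText = sql.ToString();
            var table = new DataTable();
            using (var adapter = new SQLiteDataAdapter(cmd))
                adapter.Fill(table);
            return table;
        }
    }
}
// In button4_Click (hypothetical wiring, one entry per TextBox):
//   dataGridView5.DataSource = EdsSearch.Search(connection,
//       new Dictionary<string, string> { { "reg_numb", textBox16.Text } });
```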

