请问我的代码中存在什么问题 [英] pls suggest me what is the problem in my code
问题描述
亲爱的朋友。
i有数据表,我用数据库表的值填充这个数据表,其中已经有一行但是当我使用连接模式加载数据表时它不给我1行数据对我来说,为什么
建议我
我的代码是这个
string sql =select * from+ checkedListBox2.SelectedItem.ToString()+;
Npgsql.NpgsqlCommand cmd = new Npgsql.NpgsqlCommand(sql,con);
dear frnds.
i have datatable and i am fill this datatable with the value of database table which have already a row in it but when i m load datatable using connected mode it give not me 1 row data to me, why
suggest me
my code is this
string sql = "select * from " + checkedListBox2.SelectedItem.ToString() + "";
Npgsql.NpgsqlCommand cmd = new Npgsql.NpgsqlCommand(sql, con);
using (Npgsql.NpgsqlDataReader rdr = cmd.ExecuteReader())
{
while (rdr.Read())
{
dbdt.Load(rdr)
}
for (int b = 0; b < dbdt.Rows.Count; )
{
string str = dbdt.Rows[b][chklistindex2].ToString();
if (strg == str)
{
MessageBox.Show("find");
}
else if (strg!=str)
{
b++;
}
else
{
using (var conn = new Npgsql.NpgsqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["test"].ToString()))
using (var cmd1 = conn.CreateCommand())
{
conn.Open();
cmd1.CommandText = "insert into " + checkedListBox2.SelectedItem.ToString() + " ( " + checkedListBox2.SelectedItem.ToString() + " ) values('" + strg + "')";
var result = cmd1.ExecuteNonQuery();
}
}
}
this is my code and my database table (f_name)
it have 2 column id and f_name
and value in it is 1 and kavita respectively on first index
but my above code dose not load this data into datatable
why if i am add a new row in database then it load the data form second row in datatable
pls help me
推荐答案
简单:你读了(并因此丢弃)第一个在你打电话时记录在阅读器中阅读:
Simple: You read (and thus discard) the first record in the reader when you call Read:
while (rdr.Read())
{
dbdt.Load(rdr);
Read读取一行,并将其从读取器中删除:所以当你调用Load时,行不再可用。
尝试
Read reads a row, and removes it from the reader: so when you call Load the row is no longer available.
Try
if (rdr.HasRows)
{
dbtb.Load(rdr);
但请不要这样做!不要连接字符串以构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度,这可能会破坏您的整个数据库。请改用参数化查询。
But please, don't do things like that! Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
这篇关于请问我的代码中存在什么问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!