查询文本框的值 [英] Query value to textbox

问题描述

我有结果

I have result

System.Data.SqlClient.SqlDataReader

一些帮助吗？



我尝试过：

Some help?

What I have tried:

private void ukupno_bez_pdv_roba()
       {
           SqlConnection con2 = new SqlConnection(cs);

           string sqlquery = ("select * from mp_racun_roba where tip_robe = 'Roba (Generalno)' and id=" + id_fakture);


           SqlCommand command = new SqlCommand(sqlquery, con2);
           con2.Open();
           SqlDataReader sdr = command.ExecuteReader();

           roba_bez_pdvTextBox.Text = sdr.ToString();
           con2.Close();
       }

推荐答案

private void ukupno_bez_pdv_roba()
{
    using (SqlConnection con2 = new SqlConnection(cs))
    using (SqlCommand command = new SqlCommand("select YOUR_FIELD_NAME from mp_racun_roba where tip_robe = 'Roba (Generalno)' and id = @id", con2))
    {
        command.Parameters.AddWithValue("@id", id_fakture);
        
        con2.Open();
        using (SqlDataReader sdr = command.ExecuteReader())
        {
            if (sdr.Read())
            {
                roba_bez_pdvTextBox.Text = sdr.GetString(0);
            }
        }
    }
}

ADO.NET概述| Microsoft Docs [ ^ ]

ADO.NET代码示例| Microsoft Docs [ ^ ]





又一次，因为你似乎保持忘了这个：

你想要的一切了解SQL注入（但不敢问）|特洛伊亨特 [ ^ ]

如何在没有技术术语的情况下解释SQL注入？ |信息安全堆栈交换 [ ^ ]

查询参数化备忘单| OWASP [ ^ ]



Interactive SQL Injection演示 [ ^ ]



黑客攻击是孩子的游戏 - 使用3岁的Havij进行SQL注入 [ ^ ]

ADO.NET Overview | Microsoft Docs[^]
ADO.NET code examples | Microsoft Docs[^]


And once again, since you seem to keep forgetting this:
Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

Interactive SQL Injection demo[^]

Hacking is child's play - SQL injection with Havij by 3 year old[^]

解决了

Solved

SqlConnection con2 = new SqlConnection(cs);

           string sqlquery = ("SELECT SUM(isnull(cast(REPLACE(TRY_CONVERT(int,TRY_CONVERT(float,iznos_bpdv),1), '#,0.00','')AS decimal(10,2)),0.00)) as UKUPNObpdv," +
                                     " SUM(isnull(cast(REPLACE(TRY_CONVERT(float, TRY_CONVERT(float, pdv), 1), '#,0.00', '')AS decimal(10, 2)), 0.00)) as UKUPNOpdv," +
                                     " SUM(isnull(cast(REPLACE(TRY_CONVERT(float, TRY_CONVERT(float, iznos_sa_pdv), 1), '#,0.00', '')AS decimal(10, 2)), 0.00)) as UKUPNOsapdv" +
                                     " from mp_racun_roba" +
                                     " where tip_robe = 'Roba (Generalno)' and id_fakture =" + id_fakture
                             );


           SqlCommand command = new SqlCommand(sqlquery, con2);
               con2.Open();
               SqlDataReader sdr = command.ExecuteReader();

               if (sdr.Read())
               {

               roba_bez_pdvTextBox.Text = sdr["UKUPNObpdv"].ToString();
               roba_pdvTextBox.Text = sdr["UKUPNOpdv"].ToString();
               roba_sa_pdvTextBox.Text = sdr["UKUPNOsapdv"].ToString();

           }
               con2.Close();

这篇关于查询文本框的值的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！