如何使用C#.net将数据插入Ms SQL Server 2008 [英] How to insert Data to Ms SQL server 2008 using C#.net
本文介绍了如何使用C#.net将数据插入Ms SQL Server 2008的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
亲爱的,
我正在使用visual studio 2010,我在向SQL服务器数据库插入数据时遇到问题。
这是我的代码:
Dear all,
I am using visual studio 2010, I have a problem with insert data to database of SQL server.
Here is my code:
cn.ConnectionString = @"Data Source=PHANNY-PC\PHANNY; Initial Catalog=db_stuRegisterPay; Integrated Security=SSPI";
cn.Open();
SqlCommand com = new SqlCommand();
com.Connection = cn;
com.CommandType = CommandType.Text;
com.CommandText = "insert into Persons_info(perID, latinName, gender, dob, pob, phone, passport, curAdd, status) values('" + txtID.Text + "','" + txtLatinName.Text + "','" + cbGender.Text + "'" + dTPdob.Text + txtPob.Text + "','" + txtPhone.Text + "','" + txtPassport.Text + "'" + txtCurAdd.Text + "'" + cbStatus.Text + " )";
com.ExecuteNonQuery();
MessageBox.Show("Saving is done!");
错误是
The error is
Incorrect syntax near 'Tuesday'. In line com.ExecuteNonQuery();
全部谢谢。
Thanks all.
推荐答案
您编码的问题是您在字符串中缺少几个逗号。以下代码片段是您存在问题的地方。
The problem will you code is that you are missing a couple of commas in your string. The following snippet of code is where you problem exists.
cbGender.Text + "'" + dTPdob.Text + txtPob.Text + "','"
通过使用参数化查询,您可以消除杂乱的字符串连接和其他问题与它和sql注入相关联。如果你需要添加另一个参数,将来阅读和更新也会容易得多。
By using a parametrized query you can eliminate the messy string concatenation and other problems associated with it and sql injection. It is also much easier to read and update in the future if you need to add another parameter.
com.CommandText = "insert into Persons_info(perId, latinName, gender, dob, pob, phone, passport, curAdd, status) values (@perId, @latinName, @gender, @dob, @pob, @phone, @passport, @curAdd, @status)"
com.Parameters.Add(new SqlParameter("@perId", txtId.Text));
com.Parameters.Add(new SqlParameter("@latinName", txtLatinName.Text));
com.Parameters.Add(new SqlParameter("@gender", cbGender.Text));
com.Parameters.Add(new SqlParameter("@dob", dTPdob.Text));
com.Parameters.Add(new SqlParameter("@pob", txtPob.Text));
com.Parameters.Add(new SqlParameter("@phone", txtPhone.Text));
com.Parameters.Add(new SqlParameter("@passport", txtPassport.Text));
com.Parameters.Add(new SqlParameter("@curAdd", txtCurAdd.Text));
com.Parameters.Add(new SqlParameter("@status", cbStatus.Text));
使用此。
cmd.parameters.Addwithvalue(@ ur_parameter,Convert.toDateTime(你的日期值));
我希望它会删除错误。
或更改datetimepicker格式: - 自定义
并以自定义格式添加值属性:-dd / MM / yyyy(在大写字母中使用月份) )
我希望它能奏效。
如果你有任何错误,只需写下来。
Use this.
cmd.parameters.Addwithvalue("@ur_parameter",Convert.toDateTime(your date value));
I hope it will remove error.
or else change datetimepicker format:- to custom
and add value in custom format Property:-dd/MM/yyyy(use month in Capital letter)
I hope it will work.
If u Got any error just write it.
你可以检查下面的SQL语句,因为所有字段都是字符串。
com.CommandText =插入Persons_info(perID,latinName,gender,dob,pob,phone,passport,curAdd,status)值('+ txtID.Text +',' + txtLatinName.Text +','+ cbGender.Text +','+ dTPdob.Text +','+ txtPob.Text +','+ txtPhone.Text +',' + txtPassport.Text +','+ txtCurAdd.Text +','+ cbStatus.Text +');
Hi, can you check the SQL statement below considering that all fields are string.
com.CommandText = "insert into Persons_info(perID, latinName, gender, dob, pob, phone, passport, curAdd, status) values('" + txtID.Text + "','" + txtLatinName.Text + "','" + cbGender.Text + "', '" + dTPdob.Text + "', '" + txtPob.Text + "','" + txtPhone.Text + "','" + txtPassport.Text + "', '" + txtCurAdd.Text + "', '" + cbStatus.Text + "')";
这篇关于如何使用C#.net将数据插入Ms SQL Server 2008的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
