我如何获得此登录表单以接受SQL表的数据 [英] How would I get this sign in form to accept data to an SQL table
问题描述
事先说明:是的我知道这会受到sql注射的影响但是这会在以后修复
我怎么能够得到我的签名在表单中接受从文本框到SQL数据库的数据,以存储到各自的名称,组织和时间列中?
我当前的代码是
更新以包含参数化查询
新问题:System.Data.SqlClient.SqlException:'转换日期和/或时间时转换失败来自字符串。'@'var NamRes = CmdDatabase.ExecuteReader();'Line
Prior note: yes i know this is subject to sql injections however this will be fixed later
How would I be able to get my sign In form to accept data from textboxes to an SQL database to be stored into their respective, name,organisation and time in columns??
My current code is
UPDATED to include parameterised queries
New Problems: System.Data.SqlClient.SqlException: 'Conversion failed when converting date and/or time from character string.' @ 'var NamRes = CmdDatabase.ExecuteReader();' Line
namespace SignInAndOutForm
{
public partial class SignIn : Form
{
bool dataAccepted = false;
string connectionString = (@"Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\Register.mdf;Integrated Security=True"); //mainly used as a note rather than placeholder
// also uses this as the link to the DATABASE
public SignIn()
{
InitializeComponent();
}
private void textBox2_TextChanged(object sender, EventArgs e)
{
//allows for automated time when clicked provided by local system
string AutoTime = DateTime.Now.ToString("HH:mm");
TxtbxTimeIn.Text = AutoTime;
}
private void SignIn_Load(object sender, EventArgs e)
{
//Loads oddly enough
}
private void button1_Click(object sender, EventArgs e)
{
//ACCEPT SOME DATA, by calling the subroutine
AcceptData();
// then close the form, it hides it to stop
if (dataAccepted == true)
{
TxtbxName.Clear();
TxtbxTimeIn.Clear();
TxtbxOrg.Clear();
this.Hide();
}
}
// this tries to create a connection to the current database of PEOPLE and then tried to input the data required
private void AcceptData()
{
SqlConnection Mycon = new SqlConnection(connectionString);
string Query = "INSERT INTO dbo.Person(Name,Organisation,TimeIn) VALUES('@Name','@Organisation','@TimeIn');";
SqlConnection ConDB = new SqlConnection(connectionString);
SqlCommand CmdDatabase = new SqlCommand(Query, ConDB);
{
ConDB.Open();
var NameParam = new SqlParameter("Name", SqlDbType.VarChar);
NameParam.Value = TxtbxName.Text;
var OrgParam = new SqlParameter("Organisation", SqlDbType.VarChar);
OrgParam.Value = TxtbxOrg.Text;
var TimeInParam = new SqlParameter("TimeIn", SqlDbType.VarChar);
TimeInParam.Value = TxtbxTimeIn.Text;
CmdDatabase.Parameters.Add(NameParam);
var NamRes = CmdDatabase.ExecuteReader();
CmdDatabase.Parameters.Add(OrgParam);
var OrgRes = CmdDatabase.ExecuteReader();
CmdDatabase.Parameters.Add(TimeInParam);
var TimeInRes = CmdDatabase.ExecuteReader();
}
SqlDataReader SqlReader;
try
{
ConDB.Open();
SqlReader = CmdDatabase.ExecuteReader();
MessageBox.Show("Added to the database");
while(SqlReader.Read())
{
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
}
我尝试过:
我尝试过使用链接框但是这往往会返回名称框不允许空值,导致问题尤其是当文本框没有时有一个null
What I have tried:
I have tried using linked boxes however this tends to return that the name box will not allow nulls, his causes problems especially when the text box does not have a null
推荐答案
我会先替换
I would start by replacing
string Query = "INSERT INTO dbo.Person(Name,Organisation,TimeIn) VALUES('@Name','@Organisation','@TimeIn');";
with
with
string Query = "INSERT INTO dbo.Person(Name,Organisation,TimeIn) VALUES(@Name,@Organisation,@TimeIn);";
,看看接下来会发生什么。
and see what happen next.
SqlReader = CmdDatabase.ExecuteReader();
请注意,插入查询不会返回一组数据。
正如Richard已经发现的那样。
Note that an 'insert query' do not return a set of data.
As already spotted by Richard.
这篇关于我如何获得此登录表单以接受SQL表的数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
