帮我在删除时执行操作 [英] Help me to do action at delete
问题描述
我尝试了什么:
受保护的子btndelete_Click(发件人作为对象,e作为EventArgs)处理btndelete.Click
Con = New SqlConnection(数据源= VU-IT-INTERN1;初始目录=燃料系统;用户ID = sa;密码= 123)
尝试
Con.Open()
Cmd.Connection = Con
Cmd =新的SqlCommand
Cmd.CommandText =DELETE FROM燃料,其中Fuel_Id ='& txtfillingid.Text& ',GenID ='& txtGeneratorId.Text& ',F_date ='& txtDate.Text& ',S_F_reading ='& txtBeforefilling.Text& ',E_F_reading ='& txtAfterfilling.Text& ',Total_Feul ='& TxtTottal.Text& '
lblmessage.Text =您的数据已成功删除
'对于每个p作为SqlParameter在Cmd.Parameters中
'Cmd.Parameters.Remove(p)
'Next
Catch ex As Exception
lblmessage.Text = ex .ToString
最后
Con.Close()
结束尝试
btnInsert.Visible = False
结束Sub
首先,不要这样做!不要连接字符串以构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度,这可能会破坏您的整个数据库。改为使用参数化查询。
第二,逗号不是WHERE条件连接:你需要AND或OR:
DELETE FROM MyTable WHERE columnName1 = value AND columnName2 = otherValue或
DELETE FROM MyTable WHERE columnName1 = value ORcolumnName2 = otherValue
最后,你需要执行命令:
Cmd.ExecuteNonQuery()
kindly help me when i tried to delete message show of success but in reality it not perform action of deletion
What I have tried:
Protected Sub btndelete_Click(sender As Object, e As EventArgs) Handles btndelete.Click
Con = New SqlConnection("Data Source=VU-IT-INTERN1;Initial Catalog=fuelsystem;User ID=sa;Password=123")
Try
Con.Open()
Cmd.Connection = Con
Cmd = New SqlCommand
Cmd.CommandText = "DELETE FROM fuel Where Fuel_Id='" & txtfillingid.Text & "', GenID='" & txtGeneratorId.Text & "', F_date='" & txtDate.Text & "', S_F_reading='" & txtBeforefilling.Text & "', E_F_reading='" & txtAfterfilling.Text & "', Total_Feul='" & TxtTottal.Text & "'"
lblmessage.Text = "Your data has succesfully deleted"
'For Each p As SqlParameter In Cmd.Parameters
' Cmd.Parameters.Remove(p)
'Next
Catch ex As Exception
lblmessage.Text = ex.ToString
Finally
Con.Close()
End Try
btnInsert.Visible = False
End Sub
Firstly, don't do it like that! Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
And second, comma is not a WHERE condition conjunction: you need AND or OR:
DELETE FROM MyTable WHERE columnName1=value AND columnName2=otherValueOr
DELETE FROM MyTable WHERE columnName1=value ORcolumnName2=otherValue
Finally, you need to execute the command:
Cmd.ExecuteNonQuery()
这篇关于帮我在删除时执行操作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
