使用按钮搜索具有多个文本框值的SQL Server数据库 [英] Search SQL Server database with multiple text box values with a button
本文介绍了使用按钮搜索具有多个文本框值的SQL Server数据库的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
在button_click事件中我想检查同一行中的两个文本框值我怎么能这样做..我已经使用这个代码使用一个文本框:
字符串 Roll = TextBox1.Text;
DataTable dt = new DataTable();
string query = SELECT * FROM RESULT_TABLE WHERE ROLL = + Roll;
SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings [ mycon]的ConnectionString)。
sqlConn.Open();
SqlCommand cmd = new SqlCommand(query,sqlConn);
SqlDataAdapter da = new SqlDataAdapter(cmd);
da.Fill(dt);
sqlConn.Close();
ReportViewer DeptReportViewer = new ReportViewer();
DeptReportViewer.Reset();
DeptReportViewer.LocalReport.Dispose();
ReportDataSource rds = new ReportDataSource( ashik,dt);
DeptReportViewer.ProcessingMode = ProcessingMode.Local;
DeptReportViewer.LocalReport.ReportPath = Server.MapPath( Report.rdlc);
DeptReportViewer.LocalReport.DataSources.Add(rds);
DeptReportViewer.LocalReport.Refresh();
警告[]警告;
string [] streamIds;
string mimeType = string .Empty;
string encoding = string .Empty;
string extension = string .Empty;
byte [] bytes = DeptReportViewer.LocalReport.Render( PDF, null , out mimeType, out 编码, out 扩展名, out streamIds, out 警告);
Response.Buffer = true ;
Response.Clear();
Response.ContentType = mimeType;
Response.AddHeader( content-disposition, attachment; filename = Test.pdf);
Response.BinaryWrite(bytes);
Response.Flush();
如果滚动和注册号不相同则会显示错误消息...请帮助.....
解决方案
1。这是编写SQL代码的一种非常危险的方法。它适用于SQL注入。相反,使用参数,如下所示。
2.如果你已经有一个文本框,你应该很容易做一秒钟,所以我不确定你被困在哪里;但是,请参见下面的示例。此示例假定用户不必使用两个文本框进行搜索。
3.将控件命名为有意义的内容。它将使您的代码调试更容易。例如,TextBox1应该命名为txtRoll。
string 查询= SELECT * FROM RESULT_TABLE WHERE(ROLL = @Roll OR COALESCE(@Roll,'')='')AND (Field2 = @ Field2 OR COALESCE(@ Field2,'')='')
...
cmd.Parameters.AddWithValue( @Roll ,TextBox1.Text);
cmd.Parameters.AddWithValue( @ Field2 ,txtField2.Text);
...
in button_click event i want to check the two textbox values either in same row how could i do it..i have done using one textbox using this code:
String Roll = TextBox1.Text;
DataTable dt = new DataTable();
string query = "SELECT * FROM RESULT_TABLE WHERE ROLL = " + Roll;
SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["mycon"].ConnectionString);
sqlConn.Open();
SqlCommand cmd = new SqlCommand(query, sqlConn);
SqlDataAdapter da = new SqlDataAdapter(cmd);
da.Fill(dt);
sqlConn.Close();
ReportViewer DeptReportViewer = new ReportViewer();
DeptReportViewer.Reset();
DeptReportViewer.LocalReport.Dispose();
ReportDataSource rds = new ReportDataSource("ashik", dt);
DeptReportViewer.ProcessingMode = ProcessingMode.Local;
DeptReportViewer.LocalReport.ReportPath = Server.MapPath("Report.rdlc");
DeptReportViewer.LocalReport.DataSources.Add(rds);
DeptReportViewer.LocalReport.Refresh();
Warning[] warnings;
string[] streamIds;
string mimeType = string.Empty;
string encoding = string.Empty;
string extension = string.Empty;
byte[] bytes = DeptReportViewer.LocalReport.Render("PDF", null, out mimeType, out encoding, out extension, out streamIds, out warnings);
Response.Buffer = true;
Response.Clear();
Response.ContentType = mimeType;
Response.AddHeader("content-disposition", "attachment; filename=Test.pdf");
Response.BinaryWrite(bytes);
Response.Flush();
if the roll and registration number are not same then it will show error message...help please.....
解决方案
1. This is a very dangerous way to write SQL code. It is open to SQL injections. Instead, use parameters, as shown below.
2. If you have one textbox already it should be very easy for you to do a second so I'm not sure where you are stuck; however, see sample below. This sample assumes that the user does not have to search using both textboxes.
3. Name your controls something that makes sense. It will make debugging your code way easier. For example, TextBox1 should probably be named txtRoll.
string query = "SELECT * FROM RESULT_TABLE WHERE (ROLL = @Roll OR COALESCE(@Roll,'') = '') AND (Field2 = @Field2 OR COALESCE(@Field2, '') = '') ... cmd.Parameters.AddWithValue("@Roll", TextBox1.Text); cmd.Parameters.AddWithValue("@Field2", txtField2.Text); ...
这篇关于使用按钮搜索具有多个文本框值的SQL Server数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
