如何在文本框中显示搜索结果 [英] How Can I Show Up A Search Result In A Textbox

问题描述

大家好，



我创建了一个表格代码，想要在文本框imei中搜索和检索设备Imei的答案，当我点击搜索想要在文本框代码中显示结果（code_mck）我希望显示结果

Hi everybody,

I’ve created a table Code and would like to search and retrieve an answer introducing device Imei in textbox imei und when I click on the search want display the result(code_mck)in textbox code i want display the result

Code
 Imei               code_mck
 356885021519453    830782136

最初我是典型的三层架构和搜索方法在



数据层

Initially I’ve typical three layer architecture and the search method is in

the Data Layer

<pre lang=""><br />
public class unlockDAL<br />
{              <br />
    string strConn = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\setup\Desktop\unlock\sim_unlock.accdb";        <br />
    OleDbCommand cmd = new OleDbCommand();<br />
 <br />
    public DataSet recherche(string code)<br />
    {<br />
        DataSet ds = null;<br />
        try<br />
        {<br />
          OleDbConnection cnn = new OleDbConnection(strConn);<br />
          cnn.Open();<br />
          string Oledb = "select*from Code where Imei=" + code + "";<br />
        <br />
          OleDbDataAdapter adapter = new OleDbDataAdapter(Oledb, cnn);<br />
          ds = new DataSet();<br />
          adapter.Fill(ds, "Code");<br />
          cnn.Close();<br />
        }<br />
        catch<br />
        {<br />
          throw;<br />
        }<br />
        return ds;    <br />
    }</pre>

推荐答案

好吧，那只是返回一个DataSet所以它应该是非常简单：

Well, that just returns a DataSet so it should be pretty trivial:

DataSet found = recherche("356885021519453");
if (found.Tables.Count > 0)
    {
    DataTable dt = found.Tables[0];
    if (dt.Rows.Count > 0)
        {
        myTextBox.Text = (string)dt.Rows[0]["code_mck"];
        }
    }

但请不要这样做！永远不要连接字符串来构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度，这可能会破坏您的整个数据库。改为使用参数化查询。

你的尝试... catch 块实际上什么都不做......

试试这个：

But please, don't do it like that! Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
And your try...catch block doesn't actually do anything...
Try this:

public DataSet recherche(string code)
    {
    DataSet ds = null;
    using (OleDbConnection cnn = new OleDbConnection(strConn))
        {
        cnn.Open();
        string Oledb = "SELECT * FROM Code WHERE Imei=@IMEI";
        using (OleDbDataAdapter adapter = new OleDbDataAdapter(Oledb, cnn))
            {
            adapter.SelectCommand.Parameters.AddWithValue("@IMEI", code);
            ds = new DataSet();
            adapter.Fill(ds, "Code");
            }
        }
    return ds;
    }

这篇关于如何在文本框中显示搜索结果的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！