如何在文本框中运行SQL查询？ [英] how can run sql query in textbox?

问题描述

先生，我有一个文本框和一个按钮。这里我想执行（选择命令）只有其他。请帮助我。我希望如果我在文本框中编写选择查询（从表名中选择*）然后单击按钮。我们将显示数据。

sir,I have one textbox and one button.and here i want to execute (select command)only not other.please help me.here I want IF I am writing select query(select*from table name)in textbox and then click button.our data will display.

推荐答案

这是一个糟糕的主意，因为它会为SQL注入打开数据库。但是，如果必须这样做，则必须确保解析SQL语句以验证其中没有更新，插入，删除，更改，删除等语句。



但是一旦你清理了SQL语句，你只需要使用SqlConnection类和SqlCommand类来执行它。既然你想要一个SELECT语句，你也可以使用一个gridview来自动生成与结果相关的列。



再次，我建议找一个不同的方法来做任何事情业务规则是。

This is a terrible idea because it opens your database for SQL injections. However, if you have to do it you will have to make sure you parse the SQL statement to verify there are no update, insert, delete, alter, drop, etc, statements embedded in it.

But once you have sanitized the SQL statement you just need to use the SqlConnection class and the SqlCommand class to execute it. Since you want a SELECT statement you can also have a gridview that autogenerates the columns tied to the result.

Again, I would recommend finding a different way to do whatever the business rule is.

试试这段代码。我希望它会对你有所帮助：

Try this code. I hope it will help you:

protected void btnSave_Click(object sender, EventArgs e)
    {
        string query = txtsave.Text;

        SqlConnection cnn = new SqlConnection("Data Source=hoth;Initial Catalog=Chintan;User ID=sa;Password=sa@123");
        cnn.Open();
        SqlDataAdapter da = new SqlDataAdapter(query,cnn);
        DataSet ds = new DataSet();
        da.Fill(ds);

        if (ds.Tables[0].Rows.Count != 0)
        {
            GridView1.DataSource = ds.Tables[0];
            GridView1.DataBind();
        }
    }

这篇关于如何在文本框中运行SQL查询？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！