停止保存现有数据(vb.net) [英] to stop saving existing data (vb.net)

问题描述

这是停止保存现有文件但未发生的编码.有人可以告诉我为什么吗，因为我是编程新手，所以可以进行wat更改.

this is the coding to stop saving the existing file but its not happening . can some one tell me why is that so wat changes can i make as i am new to programming.

Dim strsql As String = "select * from loading where loadingrefno='" & loadingrefno.Text & "'and loaddate='" & DateTimePicker1.Value.Date & "'"
Dim cmd As New SqlCommand(strsql, con)
Dim dr As SqlDataReader
dr = db.ExecuteReader(CommandType.Text, strsql)
If dr.Read Then
    MsgBox("template existing")
Else

    con.Close()
    con.Open()
    Dim strsql1 As String = "insert into loading values ('" & loadingrefno.Text & "','" & Format(DateTimePicker1.Value.Date, "dd/MM/yyyy") & "','" & loadby.Text & "','" & Tapedesc.Text & "','" & ComboBox1.Text & "','" & ostype.Text & "','" & template & "','" & barcode.Text & "')"
    Dim cmd1 As New SqlCommand(strsql1, con)
    cmd1.ExecuteNonQuery()
    MsgBox("details entered")
    fill()
    loadby.Text = Guser
    Loading_Load(sender, e)
    ''AutoGenerate()
    Tapedesc.Clear()
    ComboBox1.Text = "select"
    tempname.Clear()
    LCOUNT2.Text = ListBox1.Items.Count
    barcode.Clear()
    lcount.Text = ListBox2.Items.Count
    extemp.Text = ""

End If

[edit]已添加代码块，将我的内容作为纯文本..."选项已禁用-OriginalGriff [/edit]

[edit]Code block added, "Treat my content as plain text..." option disabled - OriginalGriff[/edit]

推荐答案

制作存储过程并执行某些操作像这样:

Make a stored procedure and do something like this:

IF NOT EXISTS(SELECT 1 FROM loading WHERE loadingrefno = @loadingrefno AND loaddate = @loaddate)
BEGIN
   -- DO INSERT HERE
END

问候，
Eduard

Regards,
Eduard

首先要注意的是-不要将字符串连接在一起以构建SQL命令.它使您对意外或蓄意的SQL注入攻击敞开大门，这可能会破坏整个数据库.改用参数化查询

First things first - do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead

Dim strsql As String = "select * from loading where loadingrefno=@LRN and loaddate=@LDD"
Dim cmd As New SqlCommand(strsql, con)
cmd.Parameters.AddWithValue("@LRN", loadingrefno.Text)
cmd.Parameters.AddWithValue("@LDD", DateTimePicker1.Value)

执行相同的操作用于您的插入语句.

然后，检查您的列:进行INSERT时，最好按要提供值的顺序命名字段:

Do the same for your insert statement.

Then, check your columns: When you do an INSERT, it is a very good idea to name the fields, in the order you are going to supply the values:

INSERT INTO myTable (column1, column2) VALUES @C1, @C2

不是，那么SQL必须假设您是指从左到右的列.如果您将索引列作为第一个索引列，则SQL会尝试将其设置为加载参考号，并且可能全部崩溃.如果有人编辑您的表定义，肯定会在将来！

尝试这些，看看问题是否消失.它可能做得很好.如果没有，那么我们将需要知道您得到的任何错误消息.

If you don''t, then SQL has to assume that you mean the columns as they are from left to right. If you have an index column as the first one, then SQL will try to set it to the loading reference number and it may all fall apart. It certainly will in future, if anyone edits your table definition!

Try these, and see if you problem goes away. It may well do. If it doesn''t, then we will need to know any error message your get.

这篇关于停止保存现有数据(vb.net)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！