也不例外,但我的数据没有写入 SQL 服务器数据库
No exception, but my data isn't written into the SQL Server database
我在将新数据条目插入 SQL 服务器数据库时无所适从。我有我想存储在以下 class:
中的所有信息
public class NewSearchQuery //object reference q
{
public string Name, Location, SearchType, Path, Method;
public int RefNum;
public double Fee;
public bool Paid;
}
在用户填写表格等之后。这是我将信息保存到数据库的代码:
bool complete;
string sql = $"Insert into PrivateLog (Id,Applicant,ApplicationDate,Location,Search,Paid,Method,Amount,Files) values({q.RefNum}, '{q.Name}', {AppDate}, '{q.Location}', '{q.SearchType}', {q.Paid}, '{q.Method}', {q.Fee}, '{q.Path}')";
cnn.Open();
try
{
SqlDataAdapter adapter = new SqlDataAdapter();
SqlCommand command = new SqlCommand(sql, cnn); //The Connection String cnn is in a public string variable above this method.
adapter.InsertCommand = new SqlCommand(sql, cnn);
command.Dispose();
complete = true;
}
catch (System.Exception e)
{
complete = false;
}
cnn.Close();
return complete;
这是我的 table 设计师的样子:
谁能告诉我为什么新数据输入可能无法通过?
在那种情况下你不需要 SqlDataAdapter,你可以简单地执行你的命令:
try
{
SqlCommand command = new SqlCommand(sql, cnn);
command.ExecuteNonQuery();
complete = true;
}
尽管我建议使用 command.Parameters 添加参数值,以保护可能的 SQL 注入:
bool complete;
string sql = "Insert into PrivateLog (Id, Applicant, ApplicationDate, Location, Search, Paid, Method, Amount, Files) values(@RefNum, @Name, @AppDate, @Location, @SearchType, @Paid, @Method, @Fee, @Path)";
cnn.Open();
try
{
SqlCommand command = new SqlCommand(sql, cnn);
command.Parameters.Add("@RefNum", SqlDbType.Int).Value = q.RefNum;
command.Parameters.Add("@Name", SqlDbType.VarChar).Value = q.Name;
command.Parameters.Add("@AppDate", SqlDbType.DateTime).Value = AppDate;
command.Parameters.Add("@Location", SqlDbType.VarChar).Value = q.Location;
command.Parameters.Add("@SearchType", SqlDbType.VarChar).Value = q.SearchType;
command.Parameters.Add("@Paid", SqlDbType.Bit).Value = q.Paid;
command.Parameters.Add("@Method", SqlDbType.VarChar).Value = q.Method;
command.Parameters.Add("@Fee", SqlDbType.Decimal).Value = q.Fee;
command.Parameters.Add("@Path", SqlDbType.VarChar).Value = q.Path;
command.ExecuteNonQuery();
command.Dispose();
complete = true;
}
catch (System.Exception e)
{
complete = false;
}
cnn.Close();
return complete;
我在将新数据条目插入 SQL 服务器数据库时无所适从。我有我想存储在以下 class:
中的所有信息public class NewSearchQuery //object reference q
{
public string Name, Location, SearchType, Path, Method;
public int RefNum;
public double Fee;
public bool Paid;
}
在用户填写表格等之后。这是我将信息保存到数据库的代码:
bool complete;
string sql = $"Insert into PrivateLog (Id,Applicant,ApplicationDate,Location,Search,Paid,Method,Amount,Files) values({q.RefNum}, '{q.Name}', {AppDate}, '{q.Location}', '{q.SearchType}', {q.Paid}, '{q.Method}', {q.Fee}, '{q.Path}')";
cnn.Open();
try
{
SqlDataAdapter adapter = new SqlDataAdapter();
SqlCommand command = new SqlCommand(sql, cnn); //The Connection String cnn is in a public string variable above this method.
adapter.InsertCommand = new SqlCommand(sql, cnn);
command.Dispose();
complete = true;
}
catch (System.Exception e)
{
complete = false;
}
cnn.Close();
return complete;
这是我的 table 设计师的样子:
谁能告诉我为什么新数据输入可能无法通过?
在那种情况下你不需要 SqlDataAdapter,你可以简单地执行你的命令:
try
{
SqlCommand command = new SqlCommand(sql, cnn);
command.ExecuteNonQuery();
complete = true;
}
尽管我建议使用 command.Parameters 添加参数值,以保护可能的 SQL 注入:
bool complete;
string sql = "Insert into PrivateLog (Id, Applicant, ApplicationDate, Location, Search, Paid, Method, Amount, Files) values(@RefNum, @Name, @AppDate, @Location, @SearchType, @Paid, @Method, @Fee, @Path)";
cnn.Open();
try
{
SqlCommand command = new SqlCommand(sql, cnn);
command.Parameters.Add("@RefNum", SqlDbType.Int).Value = q.RefNum;
command.Parameters.Add("@Name", SqlDbType.VarChar).Value = q.Name;
command.Parameters.Add("@AppDate", SqlDbType.DateTime).Value = AppDate;
command.Parameters.Add("@Location", SqlDbType.VarChar).Value = q.Location;
command.Parameters.Add("@SearchType", SqlDbType.VarChar).Value = q.SearchType;
command.Parameters.Add("@Paid", SqlDbType.Bit).Value = q.Paid;
command.Parameters.Add("@Method", SqlDbType.VarChar).Value = q.Method;
command.Parameters.Add("@Fee", SqlDbType.Decimal).Value = q.Fee;
command.Parameters.Add("@Path", SqlDbType.VarChar).Value = q.Path;
command.ExecuteNonQuery();
command.Dispose();
complete = true;
}
catch (System.Exception e)
{
complete = false;
}
cnn.Close();
return complete;