无法获取数据以提交到 SQL 服务器
Unable to get data to commit to SQL Server
我一直在网上搜索答案,但还没有找到任何答案。
我有一个小型控制台应用程序,我正在尝试将一些数据插入 SQL 服务器数据库(.mdf 数据库文件),一切运行无误,但是当我打开服务器资源管理器中的数据库,数据不存在。
这是代码:
using (TransactionScope scope = new TransactionScope())
{
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["FrameBudgetDB"].ToString()))
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
conn.Open();
cmd.CommandText = string.Format("SELECT TOP 1 category_id FROM businesses WHERE '{0}' LIKE CONCAT('%',description,'%')", transDescription.Replace("'", "''"));
SqlDataReader reader = cmd.ExecuteReader();
try
{
if (reader.HasRows)
{
while (reader.Read())
{
categoryId = (int)reader[0];
}
}
else
{
categoryId = 44; // Unknown
}
}
finally
{
reader.Close();
}
// Get Transaction Type
int transTypeId = 0;
cmd.CommandText = string.Format("SELECT trans_type_id FROM transaction_types WHERE description = '{0}'", transType);
reader = cmd.ExecuteReader();
try
{
if (reader.HasRows)
{
while (reader.Read())
{
transTypeId = (int)reader[0];
}
}
}
finally
{
reader.Close();
}
SqlTransaction trans = conn.BeginTransaction("InsertTransactiolns");
try
{
cmd.Transaction = trans;
cmd.CommandText = string.Format(
"BEGIN " +
"IF NOT EXISTS(SELECT * FROM transactions " +
"WHERE transaction_date = '{0}' " +
"AND description = '{1}' " +
"AND trans_type_id = {2} " +
"AND amount = {3} " +
"AND(category_id = {5} OR previous_category_id = {5} )) " +
"BEGIN " +
"INSERT INTO transactions(transaction_date, description, trans_type_id, import_date, category_id, amount) " +
"VALUES('{0}', '{1}', {2}, '{4}', {5}, {3}) " +
"END " +
"END", transDate, transDescription.Replace("'", "''"), transTypeId, amount, DateTime.Now, categoryId);
rowsInserted = rowsInserted + cmd.ExecuteNonQuery();
trans.Commit();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
try
{
trans.Rollback();
}
catch (Exception e2)
{
Console.WriteLine(e2.Message);
}
}
}
}
数据库连接字符串是:
<connectionStrings>
<add name="FrameBudgetDB"
connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|FrameBudget.mdf;Integrated Security=True;Connect Timeout=30"
providerName="System.Data.SqlClient" />
</connectionStrings>
数据目录是:
AppDomain.CurrentDomain.SetData("DataDirectory", Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + @"\FrameBudget\"));
确实不清楚为什么您同时拥有 TransactionScope 实例和对 BeginTransaction 的调用。我只会使用其中一个。然而这一行
using (TransactionScope scope = new TransactionScope())
{
...
需要完成以防
成功
scope.Complete();
}
如果不调用 Complete,退出 using 块意味着回滚。
我会通过调用
来删除块
SqlTransaction trans = conn.BeginTransaction("InsertTransactiolns");
和相关的 Rollback 或 Commit 调用只留下 TransactionScope 实例(处理起来更简单)。
作为旁注。您的代码容易受到 Sql 注入攻击。 string.Format 是字符串连接的一种形式,我们都知道 nasty things that can happen 使用字符串连接方法来构建 sql 查询
我一直在网上搜索答案,但还没有找到任何答案。
我有一个小型控制台应用程序,我正在尝试将一些数据插入 SQL 服务器数据库(.mdf 数据库文件),一切运行无误,但是当我打开服务器资源管理器中的数据库,数据不存在。
这是代码:
using (TransactionScope scope = new TransactionScope())
{
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["FrameBudgetDB"].ToString()))
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
conn.Open();
cmd.CommandText = string.Format("SELECT TOP 1 category_id FROM businesses WHERE '{0}' LIKE CONCAT('%',description,'%')", transDescription.Replace("'", "''"));
SqlDataReader reader = cmd.ExecuteReader();
try
{
if (reader.HasRows)
{
while (reader.Read())
{
categoryId = (int)reader[0];
}
}
else
{
categoryId = 44; // Unknown
}
}
finally
{
reader.Close();
}
// Get Transaction Type
int transTypeId = 0;
cmd.CommandText = string.Format("SELECT trans_type_id FROM transaction_types WHERE description = '{0}'", transType);
reader = cmd.ExecuteReader();
try
{
if (reader.HasRows)
{
while (reader.Read())
{
transTypeId = (int)reader[0];
}
}
}
finally
{
reader.Close();
}
SqlTransaction trans = conn.BeginTransaction("InsertTransactiolns");
try
{
cmd.Transaction = trans;
cmd.CommandText = string.Format(
"BEGIN " +
"IF NOT EXISTS(SELECT * FROM transactions " +
"WHERE transaction_date = '{0}' " +
"AND description = '{1}' " +
"AND trans_type_id = {2} " +
"AND amount = {3} " +
"AND(category_id = {5} OR previous_category_id = {5} )) " +
"BEGIN " +
"INSERT INTO transactions(transaction_date, description, trans_type_id, import_date, category_id, amount) " +
"VALUES('{0}', '{1}', {2}, '{4}', {5}, {3}) " +
"END " +
"END", transDate, transDescription.Replace("'", "''"), transTypeId, amount, DateTime.Now, categoryId);
rowsInserted = rowsInserted + cmd.ExecuteNonQuery();
trans.Commit();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
try
{
trans.Rollback();
}
catch (Exception e2)
{
Console.WriteLine(e2.Message);
}
}
}
}
数据库连接字符串是:
<connectionStrings>
<add name="FrameBudgetDB"
connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|FrameBudget.mdf;Integrated Security=True;Connect Timeout=30"
providerName="System.Data.SqlClient" />
</connectionStrings>
数据目录是:
AppDomain.CurrentDomain.SetData("DataDirectory", Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + @"\FrameBudget\"));
确实不清楚为什么您同时拥有 TransactionScope 实例和对 BeginTransaction 的调用。我只会使用其中一个。然而这一行
using (TransactionScope scope = new TransactionScope())
{
...
需要完成以防
成功 scope.Complete();
}
如果不调用 Complete,退出 using 块意味着回滚。
我会通过调用
SqlTransaction trans = conn.BeginTransaction("InsertTransactiolns");
和相关的 Rollback 或 Commit 调用只留下 TransactionScope 实例(处理起来更简单)。
作为旁注。您的代码容易受到 Sql 注入攻击。 string.Format 是字符串连接的一种形式,我们都知道 nasty things that can happen 使用字符串连接方法来构建 sql 查询