0
這是我怎麼會在vb.net插入新行中vbnet
Dim cmd2 As New MySqlCommand("INSERT INTO login (username, password) VALUES (username ,
password)", db_con)
插入一個新的人在MySQL還是有這樣做的更好的方法。
A
回答
1
使用參數化查詢來防止SQL注入或甚至更好地使用存儲過程。
Imports System
Imports System.Collections.Generic
Imports System.Linq
Imports System.Text
Imports System.Data
Imports MySql.Data
Imports MySql.Data.MySqlClient
Module Module1
Sub Main()
Dim conn As New MySqlConnection()
conn.ConnectionString = "xyz"
Dim cmd As New MySqlCommand()
'Here we execute a command to insert data via stored procedure
Try
Console.WriteLine("Connecting to MySQL...")
conn.Open()
cmd.Connection = conn
cmd.CommandText = "add_emp"
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@uname", "Jeremy")
cmd.Parameters("@uname").Direction = ParameterDirection.Input
cmd.Parameters.AddWithValue("@pword", "123abc")
cmd.Parameters("@pword").Direction = ParameterDirection.Input
cmd.Parameters.AddWithValue("@empno", MySqlDbType.Int32)
cmd.Parameters("@empno").Direction = ParameterDirection.Output
cmd.ExecuteNonQuery()
Console.WriteLine("Employee number: " & cmd.Parameters("@empno").Value)
Catch ex As MySql.Data.MySqlClient.MySqlException
Console.WriteLine(("Error " & ex.Number & " has occurred: ") + ex.Message)
End Try
conn.Close()
Console.WriteLine("Done.")
End Sub
End Module
Sub Main()
Dim conn As New MySqlConnection()
conn.ConnectionString = "server=localhost;user=root;database=world;port=3306;password=******;"
Dim cmd As New MySqlCommand()
'HERE WE EXECUTE A COMMAND TO CREATE THE TABLE AND STORED PROCEDURE
Try
Console.WriteLine("Connecting to MySQL...")
conn.Open()
cmd.Connection = conn
cmd.CommandText = "DROP PROCEDURE IF EXISTS add_emp"
cmd.ExecuteNonQuery()
cmd.CommandText = "DROP TABLE IF EXISTS emp"
cmd.ExecuteNonQuery()
cmd.CommandText = "CREATE TABLE emp (empno INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, user_name VARCHAR(20), password VARCHAR(20))"
cmd.ExecuteNonQuery()
cmd.CommandText = "CREATE PROCEDURE add_emp(" & "IN uname VARCHAR(20), IN pword VARCHAR(20), OUT empno INT)" & "BEGIN INSERT INTO emp(user_name, password, birthdate) " & "VALUES(uname, pword); SET empno = LAST_INSERT_ID(); END"
cmd.ExecuteNonQuery()
Catch ex As MySqlException
Console.WriteLine(("Error " & ex.Number & " has occurred: ") + ex.Message)
End Try
conn.Close()
Console.WriteLine("Connection closed.")
End Sub
+0
你能給我一個例子,說明你將如何寫這行代碼 – user2264202 2013-04-10 23:49:24
+0
我會盡快發佈完整的解決方案,[所以]給我錯誤atm試圖發佈代碼?#$ ^# $ ^#? – 2013-04-11 00:29:47
+0
好的時候,當你可以發佈請做 – user2264202 2013-04-11 01:26:45
0
INSERT INTO登錄信息(用戶名,密碼)VALUES(?,?)
1
從SQL注入防止您必須使用參數query.I我給你一個功能的refrence,你必須做出你的函數類似的東西,如
插入函數
Public Shared Function InsertFile(ByVal name As String, ByVal pwd As String) As Integer
Dim sql As String
sql = "insert into login (username,password) values (?uname, ?upass);"
Dim params1(2) As MySqlParameter
params1(1) = New MySqlParameter("?uname", name)
params1(2) = New MySqlParameter("?upass", pwd)
Return MySqlHelper.ExecuteNonQuery(sql, params1)
End Function
現在做一個新的ExecuteNonQuery功能執行查詢
ExecuteNonQuery函數
Public Shared Function ExecuteNonQuery(ByVal sql As String, ByVal params() As MySqlParameter) As Integer
Dim cnn As New MySqlConnection(connectionstring)
Dim cmd As New MySqlCommand(sql, cnn)
For i As Integer = 0 To params.Length - 1
cmd.Parameters.Add(params(i))
Next
cnn.Open()
Dim retval As Integer = cmd.ExecuteNonQuery()
cnn.Close()
Return retval
End Function
就是這樣,希望你能理解。
相關問題
- 1. 我怎樣才能插入使用VBNet
- 2. 插入新行
- 3. 插入新行
- 4. 插入和檢索Postgresql數據庫形式VBNet中的圖像
- 5. 聲明並插入新表並在新表中插入新行
- 6. 在NSTextFieldCell中插入新行
- 7. 在表中插入新行
- 8. 插入變量值在插入mysql查詢中插入新行
- 9. Mysql插入新行
- 10. SQL插入新行
- 11. 只有當Mysql插入新行時,纔會插入新行
- 12. VBNet 2008手機:按鈕中的新文本行
- 13. 插入新行,更新舊行:如何?
- 14. SSIS - 插入新行,更新行
- 15. 在VBNet中執行Postgres函數
- 16. 與VBnet
- 17. 插入新的隨機UUID()在運行插入,每次插入
- 18. 插入新行並填充
- 19. 更新DGV插入行後
- 20. UITableView不插入新行
- 21. 插入新行手動玉
- 22. Swift TableView插入新行
- 23. jquery插入一個新行
- 24. JTable插入行並刷新
- 25. 插入新行的DataTable
- 26. xlsxwriter:如何插入新行
- 27. 如何插入新行 - xlwings
- 28. 插入新行訪問
- 29. 插入更新多行mysql
- 30. 用SQLite插入新行PCL
是密碼和/或用戶名保留字嗎?如果是這樣,把它們放在方括號內 – Pezzzz 2013-04-11 10:08:43