
我想用 C# 製作一個圖書館系統。在這個系統中，借出（發佈）一本書時，應該自動減少數據庫中該書的數量；當數量為零時，應該彈出一個消息框顯示「不可用」。請問如何在圖書館管理系統中借出圖書時自動更新數據庫中的值？

這是我的代碼:

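/// <summary>
/// Issues the book selected in cmbBookID to the member in cmbMemID: reads the stock
/// from tblBookDetails, decrements Quantity and records the issue in tblBookIssue.
/// </summary>
/// <remarks>
/// Every statement is parameterized. The original built the SELECT and UPDATE by
/// concatenating control text (a SQL injection vector) and, in the UPDATE, concatenated
/// the ComboBox object itself instead of its Text, so the WHERE clause never matched.
/// </remarks>
private void btnIssue_Click(object sender, EventArgs e) 
{ 
    bool allFilled = cmbResID.Text != "" && cmbMemID.Text != "" && cmbBookID.Text != "" 
        && txtBkTitle.Text != "" && txtCategory.Text != "" && txtAuthor.Text != "" 
        && txtIssueDate.Text != "" && txtActDate.Text != ""; 
    if (!allFilled) 
    { 
        MessageBox.Show("FILL COLUMS"); 
        return; 
    } 

    string bookId = cmbBookID.Text; 

    DataSet ds; 
    using (SqlCommand quantityQuery = new SqlCommand("Select * from tblBookDetails where Book_ID = @BookId")) 
    { 
        quantityQuery.Parameters.AddWithValue("@BookId", bookId); 
        ds = Library.Select(quantityQuery); 
    } 

    // An unknown Book_ID was silently ignored before; treat it as "not available".
    if (ds.Tables[0].Rows.Count == 0) 
    { 
        MessageBox.Show("this book is not available"); 
        return; 
    } 

    // Column index 5 is what the original read from the SELECT * result as the quantity.
    textBox1.Text = ds.Tables[0].Rows[0][5].ToString(); 
    int quantity; 
    if (!int.TryParse(textBox1.Text, out quantity) || quantity <= 0) 
    { 
        MessageBox.Show("this book is not available"); 
        return; 
    } 

    // The "AND Quantity>0" guard makes the decrement atomic: the availability check above
    // is a separate round trip, so without it two concurrent issues could drive the
    // stock below zero.
    using (SqlCommand update = new SqlCommand("UPDATE tblBookDetails SET Quantity=Quantity-1 WHERE Book_ID=@BookId AND Quantity>0")) 
    { 
        update.Parameters.AddWithValue("@BookId", bookId); 
        // NOTE(review): Library.ExecuteInsert's return value is not visible here; if it
        // reports affected rows, the insert below should be skipped when it is 0. Ideally
        // both statements run inside one transaction.
        Library.ExecuteInsert(update); 
    } 

    using (SqlCommand save = new SqlCommand("insert into tblBookIssue values(@ResID,@Member_ID,@Book_ID,@Issue_Date,@Act_Ret_Date)")) 
    { 
        save.Parameters.AddWithValue("@ResID", cmbResID.Text); 
        save.Parameters.AddWithValue("@Member_ID", cmbMemID.Text); 
        save.Parameters.AddWithValue("@Book_ID", bookId); 
        save.Parameters.AddWithValue("@Issue_Date", txtIssueDate.Text); 
        save.Parameters.AddWithValue("@Act_Ret_Date", txtActDate.Text); 
        Library.Insert(save); 
    } 

    MessageBox.Show("Book Issued", "Book Issue", MessageBoxButtons.OK, MessageBoxIcon.Information); 
    clear(); 
} 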

回答


直接根據文本框內容拼接字串來執行 SQL 是非常不安全的，容易受到 SQL 注入攻擊。此外，為了遵循面向對象的做法並寫出更清晰的代碼，建議建立一個 Book 類別；我寫了一些示例代碼，其中包含了更新書籍數量的部分。最好把讀取圖書和更新借出狀態的操作集中放到存儲過程中執行：你需要把原本的基本 SELECT 改成一個存儲過程，再寫另一個存儲過程檢查數量——如果數量 < 1 則返回 0，否則返回 1。如果需要更多信息請告訴我，這段代碼應該能幫助你開始。

using System; 
using System.Data; 
using System.Data.SqlClient; 


namespace MockLibrary 
{ 
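internal class Book 
{ 
    #region Constructors 

    /// <summary>Creates an empty issue record; set the properties before use.</summary>
    public Book() 
    { 
    } 

    /// <summary>Creates an issue record from its column values.</summary>
    /// <param name="resId">Reservation id (@ResId in the stored procedures).</param>
    /// <param name="memberId">Member id (@MemberId in the stored procedures).</param>
    /// <param name="bookId">Book id.</param>
    /// <param name="issueDate">Date the book was issued.</param>
    /// <param name="actRetDate">Actual return date.</param>
    public Book(string resId, string memberId, string bookId, DateTime issueDate, DateTime actRetDate) 
    { 
        ResId = resId; 
        MemberId = memberId; 
        BookId = bookId; 
        IssueDate = issueDate; 
        ActRetDate = actRetDate; 
    } 

    #endregion 

    #region Properties 

    /// <summary>Reservation id.</summary>
    public string ResId { get; set; } 

    /// <summary>Member id.</summary>
    public string MemberId { get; set; } 

    /// <summary>Book id.</summary>
    public string BookId { get; set; } 

    /// <summary>Date the book was issued.</summary>
    public DateTime IssueDate { get; set; } 

    /// <summary>Actual return date.</summary>
    public DateTime ActRetDate { get; set; } 

    #endregion 

    // Placeholder only: load the real connection string from configuration, never from source.
    private const string ConnectionString = "put your db con string here"; 

    /// <summary>
    /// Looks up an issued book through the sp_GetBookById stored procedure.
    /// </summary>
    /// <param name="resId">Reservation id passed as @ResId.</param>
    /// <param name="memberId">Member id passed as @MemberId.</param>
    /// <returns>The first matching row as a <see cref="Book"/>, or null when nothing matches.</returns>
    /// <exception cref="InvalidOperationException">
    /// Wraps any failure; the cause is kept as <see cref="Exception.InnerException"/>.
    /// </exception>
    public Book GetBookByID(string resId, string memberId) 
    { 
        try 
        { 
            using (SqlConnection con = new SqlConnection(ConnectionString)) 
            using (SqlCommand cmd = new SqlCommand("sp_GetBookById", con)) 
            { 
                // Consider a prefix other than "sp_": SQL Server reserves it for system
                // procedures and looks them up in master first.
                cmd.CommandType = CommandType.StoredProcedure; 

                // A null .NET value would leave the parameter unsent; DBNull sends SQL NULL.
                cmd.Parameters.Add("@ResId", SqlDbType.VarChar).Value = (object)resId ?? DBNull.Value; 
                cmd.Parameters.Add("@MemberId", SqlDbType.VarChar).Value = (object)memberId ?? DBNull.Value; 

                con.Open(); 

                // Execute exactly once: the original called ExecuteNonQuery() and then
                // ExecuteReader(), running the procedure twice per call.
                using (SqlDataReader rdr = cmd.ExecuteReader()) 
                { 
                    if (rdr.Read()) 
                    { 
                        // TODO(review): the result set's date columns are not known here;
                        // the original filled both dates with DateTime.Now.
                        return new Book( 
                            rdr["ResId"].ToString(), 
                            rdr["MemberId"].ToString(), 
                            rdr["BookId"].ToString(), 
                            DateTime.Now, 
                            DateTime.Now); 
                    } 
                } 
            } 
        } 
        catch (Exception ex) 
        { 
            // Preserve the cause instead of discarding it as the original did.
            throw new InvalidOperationException("something went wrong", ex); 
        } 

        return null; 
    } 

    /// <summary>
    /// Runs the sp_CheckoutBook stored procedure and reports whether it succeeded.
    /// </summary>
    /// <param name="resId">Reservation id passed as @ResId.</param>
    /// <param name="memberId">Member id passed as @MemberId.</param>
    /// <returns>true when a returned row has checkoutsuccessful == "1"; otherwise false.</returns>
    public bool CheckoutBook(string resId, string memberId) 
    { 
        using (SqlConnection con = new SqlConnection(ConnectionString)) 
        using (SqlCommand cmd = new SqlCommand("sp_CheckoutBook", con)) 
        { 
            cmd.CommandType = CommandType.StoredProcedure; 

            cmd.Parameters.Add("@ResId", SqlDbType.VarChar).Value = (object)resId ?? DBNull.Value; 
            cmd.Parameters.Add("@MemberId", SqlDbType.VarChar).Value = (object)memberId ?? DBNull.Value; 

            con.Open(); 

            // Execute exactly once. The original's ExecuteNonQuery() + ExecuteReader() pair
            // ran the checkout procedure twice, so any stock update it performs happened twice.
            using (SqlDataReader rdr = cmd.ExecuteReader()) 
            { 
                while (rdr.Read()) 
                { 
                    if (rdr["checkoutsuccessful"].ToString() == "1") 
                    { 
                        return true; 
                    } 
                } 
            } 
        } 

        return false; 
    } 
} 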

}