1. 首頁
  2. 問答
  3. 我的查詢不正確地執行

我的查詢不正確地執行

2016-11-02 111 views
0

這是我的C#代碼中的一個方法,應該在一個特定的按鈕,點擊執行:我的查詢不正確地執行

private void button2_Click(object sender, EventArgs e) 
    { 
     try 
     { 

      string connectionString = "Data Source=LPMSW09000012JD\\SQLEXPRESS;Initial Catalog=Pharmacies;Integrated Security=True"; 
      SqlConnection con = new SqlConnection(connectionString); 
      con.Open(); 
      string query = "SELECT Code, Description, Next_Code FROM Liguanea_Lane2 WHERE code LIKE '%" + search.Text + "%'; "; 
      SqlCommand cmd = new SqlCommand(query, con); 

      SqlDataReader dr = cmd.ExecuteReader(); 

      while (dr.Read()) 
      { 
       string scode = dr.GetString(dr.GetOrdinal("next_code")); 
       textBox2.Text = scode; 

      } 
     } 
     catch (Exception ex) 
     { 

      MessageBox.Show(ex.ToString()); 
     } 
     //next description 
     try 
     { 

      string connectionString1 = "Data Source=LPMSW09000012JD\\SQLEXPRESS;Initial Catalog=Pharmacies;Integrated Security=True"; 
      SqlConnection con1 = new SqlConnection(connectionString1); 
      con1.Open(); 
      string query1 = "SELECT Code, Description, Next_Description FROM Liguanea_Lane2 WHERE code LIKE '%" + search.Text + "%'; "; 


      SqlCommand cmd1 = new SqlCommand(query1, con1); 

      SqlDataReader dr1 = cmd1.ExecuteReader(); 

      while (dr1.Read()) 
      { 
       string sdes = dr1.GetString(dr1.GetOrdinal("Next_Description")); 
       textBox3.Text = sdes; 

      } 
     } 
     catch (Exception ex) 
     { 

      MessageBox.Show(ex.ToString()); 
     } 
     search.ResetText(); 
     textBox1.Clear(); 
     search.SelectedIndex = search.SelectedIndex + 1; 
     textBox2.Clear(); 
     textBox3.Clear(); 

     string connectionString2 = "Data Source=LPMSW09000012JD\\SQLEXPRESS;Initial Catalog=Pharmacies;Integrated Security=True"; 
     SqlConnection con2 = new SqlConnection(connectionString2); 
     con2.Open(); 
     string query2 = "UPDATE Liguanea_Lane2 SET Update_val= '0' where code = '" + search.Text + "'; "; 


    } 


}

這種特殊的區塊內它是給這個問題:

string connectionString2 = "Data Source=LPMSW09000012JD\\SQLEXPRESS;Initial Catalog=Pharmacies;Integrated Security=True"; 
     SqlConnection con2 = new SqlConnection(connectionString2); 
     con2.Open(); 
     string query2 = "UPDATE Liguanea_Lane2 SET Update_val= '0' where code = '" + search.Text + "'; ";

爲了增加更多洞察力,它的功能是插入到我的MSSQL數據庫表中名爲「update_val」的列中。該值基於稱爲「搜索」的組合框的輸入插入。我在MSSQL中運行了查詢,並且它工作正常。唯一的區別是,不是從comboBox接收,而是使用「WHERE」命令指定值。 在c#中的問題是它根本不會更新MSSQL中的表。所以我問我的語法是否錯誤。

PS。是的,我知道應該實施參數化查詢以避免SQL注入。這僅僅是我自己的做法。所以沒有評論,因爲它涉及到這一點是相關的。

來源

2016-11-02 Jevon

+0

你執行'query2'?如果是這樣,那麼代碼就不會出現在上面。 – UtopiaLtd

+0

我錯過了什麼? – Jevon

回答

2

要執行的update命令,你會想要做的事更是這樣的:

using (SqlConnection connection = new SqlConnection(
       connectionstring1)) // You won't need a second connection string if both are the same 
    { 
     SqlCommand command = new SqlCommand(query2, connection); 
     command.Connection.Open(); 
     command.ExecuteNonQuery(); 
    }

來源

2016-11-02 21:46:54 UtopiaLtd

+0

is ok: 'string connectionString2 =「Data Source = LPMSW09000012JD \\ SQLEXPRESS; Initial Catalog = Pharmacies; Integrated Security = True」; SqlConnection con2 = new SqlConnection(connectionString2); string query2 =「UPDATE Liguanea_Lane2 SET Update_val ='0'where code ='」+ search.Text +「';」; (SqlConnection connection = new SqlConnection(connectionString2)) SqlCommand command = new SqlCommand(query2,connection); command.Connection.Open(); command.ExecuteNonQuery(); }' – Jevon

+0

似乎我濫用了代碼段。道歉,如果它很難破譯 – Jevon

+1

看起來不錯,但正如我所說,你不需要兩個不同的連接字符串。您不必使用'使用'塊,但它們是一個非常好的主意 - 它們確保您的連接在出現錯誤時關閉,有助於防止內存泄漏等。 – UtopiaLtd

相關問題

 相關問題