2015-10-16 67 views
1

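Insert query in C# with an MS Access database: when I insert data into the MS Access database, it does not give any error, but the data is not inserted into the database.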

Code:

private void btnsubmit_Click(object sender, EventArgs e) 
    { 

     int row = dataGridView1.RowCount; 
     for (int i = 0; i < row - 1; i++) 
     { 
      String str = "insert into JDS_Data(job_no,order_no,Revision,DesignSpec,Engine_Type,date,LE_IN_Designer,CPH_Designer,Exp_Del_Week,Action_code,Rev_Description,Ref_pattern,Name_of_mock_up,EPC_Drawing,Turbocharger_no_Type,Engine_Specific_Requirement,Draft_sketch_with_details,Air_cooler_type,Description_of_Job,SF_No,Standard,Prority_Sequence,Remark,Part_family,Modified_Date,User) values('" + txtjobno.Text + "','" + txtorderno.Text + "','" + txtrevison.Text + "','" + txtds.Text + "','" + txtenginetype.Text + "','" + dateTimePicker1.Text + "','" + txtleindesigner.Text + "','" + txtcphdesigner.Text + "','" + txtexpweek.Text + "','" + txtactioncode.Text + "','" + txtrevdescription.Text + "','" + txtrefpatern.Text + "','" + txtmockup.Text + "','" + txtepcdwg.Text + "','" + txtturbono.Text + "','" + txtenginereq.Text + "','" + txtdraft.Text + "','" + txtaircolertype.Text + "','" + txtdespjob.Text + "','" + dataGridView1.Rows[i].Cells[0].Value.ToString() + "','" + dataGridView1.Rows[i].Cells[1].Value.ToString() + "','" + dataGridView1.Rows[i].Cells[2].Value.ToString() + "','" + dataGridView1.Rows[i].Cells[3].Value.ToString() + "','" + dataGridView1.Rows[i].Cells[4].Value.ToString() + "','" + DateTime.Today + "','" + mdlconnection.user_name + "')"; 

      int dd = mdlconnection.excuteQuery(str); 
      MessageBox.Show(str); 
      //if (dd > 0) 
      { 
       MessageBox.Show("Data Saved Successfully..!!!"); 

      } 

     } 

    } 

Code:

public static int excuteQuery(string q) 
    { 
     int d = 0; 
     try 
     { 
      OleDbCommand cmd = new OleDbCommand(q, con); 
      d = cmd.ExecuteNonQuery(); 
     } 
     catch (Exception e) 
     { 
      Console.WriteLine(e.Message); 
     } 
     return d; 
    } 
+1

What does this 'mdlconnection.excuteQuery' method do? You should always use [parameterized queries](http://blog.codinghorror.com/give-me-parameterized-sql-or-give-me-death/). This kind of string concatenation is open to [SQL injection](http://en.wikipedia.org/wiki/SQL_injection) attacks. –

+0

Update your question using the [edit] button below it. ExcuteQuery is: public static int excuteQuery(string q) { int d = 0; –

+0

try { OleDbCommand cmd = new OleDbCommand(q,con); d = cmd.ExecuteNonQuery(); } catch(Exception e) { Console.WriteLine(e.Message); } return d; } – shweta

Answer

0

If you are using DataContext (you provide little information), you should rewrite your statement to match the example:

var customers = db.ExecuteQuery<Customer>(@"SELECT CustomerID, CompanyName, ContactName, ContactTitle, 
    Address, City, Region, PostalCode, Country, Phone, Fax 
    FROM dbo.Customers 
    WHERE City = {0}", "London"); 

I should suggest using this tutorial for the connection, not the actual
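
The parameterized form recommended in the first comment, applied to the question's `JDS_Data` insert, as an added example that is not part of the original thread. It uses only a subset of the question's columns; the class and method names, the connection string, and the column types (text and date) are assumptions.

```csharp
using System;
using System.Data.OleDb;

public static class JdsDataWriter   // hypothetical helper, not from the question
{
    // OleDb binds parameters by position: each ? takes the next parameter in
    // the order added, and the names passed to Add() are only labels.
    // [date] and [User] are bracketed because both are reserved words in Access SQL.
    private const string InsertSql =
        "INSERT INTO JDS_Data (job_no, order_no, Revision, [date], SF_No, Modified_Date, [User]) " +
        "VALUES (?, ?, ?, ?, ?, ?, ?)";

    // Empty grid cells arrive as null; send them as database NULL.
    private static object OrDbNull(string s) { return (object)s ?? DBNull.Value; }

    public static int InsertRow(OleDbConnection con, string jobNo, string orderNo,
                                string revision, DateTime date, string sfNo, string userName)
    {
        using (var cmd = new OleDbCommand(InsertSql, con))
        {
            cmd.Parameters.Add("@job_no", OleDbType.VarWChar).Value = OrDbNull(jobNo);
            cmd.Parameters.Add("@order_no", OleDbType.VarWChar).Value = OrDbNull(orderNo);
            cmd.Parameters.Add("@Revision", OleDbType.VarWChar).Value = OrDbNull(revision);
            cmd.Parameters.Add("@date", OleDbType.Date).Value = date;
            cmd.Parameters.Add("@SF_No", OleDbType.VarWChar).Value = OrDbNull(sfNo);
            cmd.Parameters.Add("@Modified_Date", OleDbType.Date).Value = DateTime.Today;
            cmd.Parameters.Add("@User", OleDbType.VarWChar).Value = OrDbNull(userName);
            // No catch here: a failed INSERT throws OleDbException to the caller
            // instead of returning 0 with the message written only to the console.
            return cmd.ExecuteNonQuery();
        }
    }

    public static void Main()
    {
        // Constructed connection string; the .accdb path is a placeholder.
        const string connStr =
            "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\\path\\to\\placeholder.accdb";
        try
        {
            using (var con = new OleDbConnection(connStr))
            {
                con.Open();
                // Constructed values; the quote in the order number is stored as data.
                int rows = InsertRow(con, "J-1001", "O'Brien-42", "A", DateTime.Today, "SF-7", "demo_user");
                Console.WriteLine("Rows inserted: " + rows);
            }
        }
        catch (OleDbException ex) { Console.Error.WriteLine("Insert failed: " + ex.Message); }
    }
}
```

In the question's click handler the grid-cell values would be passed per row, and a return value of 1 checked before showing the success message.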