我想使用表单将数据插入到sql表中。
问题描述:
我想使用表单插入数据。我也有连接错误
OP在评论中发布的代码:
i want to insert data using form. i also got error in connectivity
Code posted by OP in comment:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;
namespace Hospital_Management
{
public partial class admin_doctor_home : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btn_submit_click(object sender, EventArgs e)
{
SqlConnection sc = new SqlConnection("Data Source=.\\sqlexpress;initial Catalog=user_master; Integrated Security=True;Pooling=False");
SqlCommand cmd;
cmd = new SqlCommand();
cmd.CommandText = "insert into user_master values(" + Txt1.Text + "," + Txt2.Text + "," + TextBox1.Text + "," + TextBox2.Text + "," + TextBox3.Text + "," + DropDownList1.Text + "," + DropDownList2.Text + "," + email_id.Text + "," + no.Text + ")";
//cmd.CommandType = CodeConstructType.text;
cmd.Connection = sc;
Response.Redirect("admin_doctor_home.aspx");
}
}
}
答
如果是和连接错误,请尝试使用Server Explorer窗格在VS中设置连接:
1)打开服务器资源管理器。
2)右键单击数据连接并选择添加连接
3)在随后的对话框中,选择您的DataSource和数据库,指定安全信息,然后按测试连接按钮。
4)当连接有效时,按确定
5)在服务器资源管理器窗格中突出显示数据库,然后查看属性窗格。将显示连接字符串的工作示例,您可以将其复制并粘贴到您的应用程序或配置文件中。
那么,不要那样做!不要连接字符串以构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度,这可能会破坏您的整个数据库。请改用参数化查询。
完成后,请始终按顺序列出要插入的字段 - 这样任何数据库更改都不会破坏您的代码:
If it's and "error in connectivity", then try setting up a connection in VS with the Server Explorer pane:
1) Open Server Explorer.
2) Right click "Data connections" and select "Add connection"
3) In the dialog that follows, select your DataSource, and database, specify the security info, and press the "Test connection" button.
4) When the connection works, press "OK"
5) Highlight your database in the Server Explorer pane, and look at the Properties pane. A working example of the connection string will be shown, which you can copy and paste into your app or config file.
Then, don't do it like that! Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
When you've done that, always list the fields you want to insert into in order - that way any DB changes don't break your code:
INSERT INTO myTable (myColumn1, myColumn2) VALUES (@C1, @C2)
最后,也许如果你打开连接并执行查询,INSERT可能会更好一点吗?
And finally, perhaps if you opened the connect, and executed the query, the INSERT might work a bit better?
sc.Open();
cmd.ExecuteNonQuery();可能会这样做...
尝试以下连接字符串
Try below connection string
Server=myServerAddress;Database=myDataBase;User Id=myUsername;Password=myPassword;
SqlCommand cmd=new SqlCommand();
cmd.Connection= <connection object="">;
cmd.CommandText = <insert sql="" statement="">;
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
请尝试以上代码。
添加了代码块
Try the above code.
code block added
首先,你认为你没有打开过连接到数据库。首先打开连接。
sc.open();
cmd.Connection = sc;
cmd.ExecuteNonQuery();
希望这样可行。如果不能正常工作请告诉我你的错误。
Hi,
First of all u i think u have not opened the connection to the database.So 1st open the connection.
sc.open();
cmd.Connection=sc;
cmd.ExecuteNonQuery();
Hopefully this would work.If not working fine pleas let me know about your error.