C# 如何通过匹配文本框中的文本来显示记录?
我有两个表,即预约表和医疗中心,它们使用mcID相互关联。现在,在我的预约表单中,我使用外部联接在MedicalCenter表中显示McCenter,而不是在gridview中显示mcID。在我的表格中,所有医疗中心(McCenter)都显示在gridview中。但我只想显示黄和梁的家庭诊所记录,因为我想匹配文本框中的文本,即黄和梁的家庭诊所。这意味着文本框中有watever医院文本,我只希望该医院记录显示在gridview中。文本框名称为txtCentreC# 如何通过匹配文本框中的文本来显示记录?,c#,windows,datagridview,textbox,record,C#,Windows,Datagridview,Textbox,Record,我有两个表,即预约表和医疗中心,它们使用mcID相互关联。现在,在我的预约表单中,我使用外部联接在MedicalCenter表中显示McCenter,而不是在gridview中显示mcID。在我的表格中,所有医疗中心(McCenter)都显示在gridview中。但我只想显示黄和梁的家庭诊所记录,因为我想匹配文本框中的文本,即黄和梁的家庭诊所。这意味着文本框中有watever医院文本,我只希望该医院记录显示在gridview中。文本框名称为txtCentre private void Load
private void LoadAppointmentRecords()
{
//retrieve connection information info from App.config
string strConnectionString = ConfigurationManager.ConnectionStrings["SACPConnection"].ConnectionString;
//STEP 1: Create connection
SqlConnection myConnect = new SqlConnection(strConnectionString);
//STEP 2: Create command
//string strCommandText = "SELECT appointmentID, convert(varchar, aDate, 103) AS aDate, aTime, aStatus, aContact, aHeight, aWeight, patientID, mcID, nurseID FROM APPOINTMENT";
string strCommandText = "SELECT appointmentID, convert(varchar, aDate, 103) AS aDate, aTime, aStatus, aContact, aHeight, aWeight, pat.pFirstName, pat.pLastName, cen.mcCentre, nur.nUsername FROM APPOINTMENT AS app";
strCommandText += " LEFT OUTER JOIN PATIENT as pat on app.patientid = pat.patientid";
strCommandText += " LEFT OUTER JOIN MEDICALCENTRE as cen on app.mcid = cen.mcid";
strCommandText += " LEFT OUTER JOIN NURSE as nur on app.nurseid = nur.nurseid";
//strCommandText += " LEFT OUTER JOIN NURSE as nur on app.nurseid = nur.nurseid";
AppointmentAdapter = new SqlDataAdapter(strCommandText, myConnect);
//command builder generates Select, update, delete and insert SQL
// statements for MedicalCentreAdapter
//SqlCommandBuilder cmdBuilder = new SqlCommandBuilder(AppointmentAdapter);
// Empty Employee Table first
Appointment.Clear();
// Fill Employee Table with data retrieved by data adapter
// using SELECT statement
AppointmentAdapter.Fill(Appointment);
// if there are records, bind to Grid view & display
if (Appointment.Rows.Count > 0)
grdApp.DataSource = Appointment;
}
将此代码添加到字符串中。。。这将匹配txtcenter.Text中的任何内容,即使文本尚未完全键入,只需匹配几个字符或单词即可
strCommandText += " WHERE mcCentre like '%" + txtCentre.Text.Replace("'", "''").Trim() + "%'";
这将匹配TXTCenter中的任何内容。文本完全匹配
strCommandText += " WHERE mcCentre like '" + txtCentre.Text.Replace("'", "''").Trim() + "'";
在文本中添加.Replace(“'”,“'”).Trim()可以帮助您避免不使用参数的SQL注入,但如果您想使用参数,可以遵循Jon Barker的方法:)请记住,使用此方法会使您自己暴露在攻击之下。我建议使用ORM,比如实体框架。如果您仍然想使用chris_techno25发布的direct SQL,那么请始终使用参数,而不是直接嵌入来自用户的未初始化字符串