C# 2个SQL命令插入和更新到不同的表_C#_Mysql_Sql Server_Ms Access

C# 2个SQL命令插入和更新到不同的表

c# mysql sql-server ms-access

C# 2个SQL命令插入和更新到不同的表,c#,mysql,sql-server,ms-access,C#,Mysql,Sql Server,Ms Access,有2个sql命令，其中包含用于不同表的命令。这是我的密码 private void button1_Click(object sender, EventArgs e) { string txtbx9 = textBox9.Text.ToString(); string cmbbx2 = comboBox2.SelectedItem.ToString(); string name = textBox1.Text.ToString();

有2个sql命令，其中包含用于不同表的命令。这是我的密码

  private void button1_Click(object sender, EventArgs e)
    {
        string txtbx9 = textBox9.Text.ToString();
        string cmbbx2 = comboBox2.SelectedItem.ToString();
        string name = textBox1.Text.ToString();
        string surname = textBox2.Text.ToString();
        string company = textBox3.Text.ToString();
        string txtbx8 = textBox8.Text.ToString();
        string sts = "In House";

            try
            {
                connection.Open();


                MessageBox.Show("Payment approved.");
                richTextBox1.Text = richTextBox1.Text + "The hotel received " + txtbx9 + " from this guest";
                 string rtb = richTextBox1.Text.ToString();

            OleDbCommand command = new OleDbCommand();
                command.Connection = connection;
                command.CommandText = "INSERT INTO billing(g_name,g_surname,g_company,g_totalrate, g_paid, g_typepaid, info, u_add, u_tadd, g_ad, g_dd, g_amountofdays) VALUES('" + name + "','" + surname + "','" + company + "','" + txtbx8 + "', '" + txtbx9 + "', '" + cmbbx2 + "', '" + rtb + "', '" + label12.Text.ToString() + "', '" + this.dateTimePicker1.Value +"','"+textBox4.Text.ToString()+"','"+textBox5.Text.ToString()+"','"+textBox6.Text.ToString()+"')"; ;
                command.ExecuteNonQuery();
                command.CommandType = CommandType.Text;
                command.CommandText = "UPDATE guestreg SET g_paidstatus='Paid '"+txtbx9+"'' where g_name ='"+name+"' and g_status = '"+sts"'";

                command.Connection = connection;
                connection.Open();
                command.ExecuteNonQuery();

        }

如何将这两个命令一起执行？

程序执行第一个sql命令，但不执行第二个

您可以在on命令中执行这两个命令：

try
{
      connection.Open();   

      MessageBox.Show("Payment approved.");
      richTextBox1.Text = richTextBox1.Text + "The hotel received " + txtbx9 + " from this guest";
      string rtb = richTextBox1.Text.ToString();
      command.Connection = connection;
      command.CommandText = "INSERT INTO billing(g_name,g_surname,g_company,g_totalrate, g_paid, g_typepaid, info, u_add, u_tadd, g_ad, g_dd, g_amountofdays) VALUES('" + name + "','" + surname + "','" + company + "','" + txtbx8 + "', '" + txtbx9 + "', '" + cmbbx2 + "', '" + rtb + "', '" + label12.Text.ToString() + "', '" + this.dateTimePicker1.Value +"','"+textBox4.Text.ToString()+"','"+textBox5.Text.ToString()+"','"+textBox6.Text.ToString()+"')";
      command.CommandText += "\nUPDATE guestreg SET g_paidstatus='Paid '"+txtbx9+"'' where g_name ='"+name+"' and g_status = '"+sts"'";
      command.ExecuteNonQuery();
}

或者一个接一个地执行它们：

try
{
      connection.Open();   

      MessageBox.Show("Payment approved.");
      richTextBox1.Text = richTextBox1.Text + "The hotel received " + txtbx9 + " from this guest";
      string rtb = richTextBox1.Text.ToString();
      command.Connection = connection;
      command.CommandText = "INSERT INTO billing(g_name,g_surname,g_company,g_totalrate, g_paid, g_typepaid, info, u_add, u_tadd, g_ad, g_dd, g_amountofdays) VALUES('" + name + "','" + surname + "','" + company + "','" + txtbx8 + "', '" + txtbx9 + "', '" + cmbbx2 + "', '" + rtb + "', '" + label12.Text.ToString() + "', '" + this.dateTimePicker1.Value +"','"+textBox4.Text.ToString()+"','"+textBox5.Text.ToString()+"','"+textBox6.Text.ToString()+"')";
      command.ExecuteNonQuery();
      command.CommandText = "UPDATE guestreg SET g_paidstatus='Paid '"+txtbx9+"'' where g_name ='"+name+"' and g_status = '"+sts"'";
      command.ExecuteNonQuery();
}

编辑：

正如Steve提到的（他绝对正确），参数应该作为

SqlParameters

传递。其好处是可以更好地防止SQL注入，而且您可以确信，像“O'Neil”这样的意外输入不会破坏您的代码（参数名称可能更好）：

您可以在on命令中执行这两个命令：

try
{
      connection.Open();   

      MessageBox.Show("Payment approved.");
      richTextBox1.Text = richTextBox1.Text + "The hotel received " + txtbx9 + " from this guest";
      string rtb = richTextBox1.Text.ToString();
      command.Connection = connection;
      command.CommandText = "INSERT INTO billing(g_name,g_surname,g_company,g_totalrate, g_paid, g_typepaid, info, u_add, u_tadd, g_ad, g_dd, g_amountofdays) VALUES('" + name + "','" + surname + "','" + company + "','" + txtbx8 + "', '" + txtbx9 + "', '" + cmbbx2 + "', '" + rtb + "', '" + label12.Text.ToString() + "', '" + this.dateTimePicker1.Value +"','"+textBox4.Text.ToString()+"','"+textBox5.Text.ToString()+"','"+textBox6.Text.ToString()+"')";
      command.CommandText += "\nUPDATE guestreg SET g_paidstatus='Paid '"+txtbx9+"'' where g_name ='"+name+"' and g_status = '"+sts"'";
      command.ExecuteNonQuery();
}

或者一个接一个地执行它们：

try
{
      connection.Open();   

      MessageBox.Show("Payment approved.");
      richTextBox1.Text = richTextBox1.Text + "The hotel received " + txtbx9 + " from this guest";
      string rtb = richTextBox1.Text.ToString();
      command.Connection = connection;
      command.CommandText = "INSERT INTO billing(g_name,g_surname,g_company,g_totalrate, g_paid, g_typepaid, info, u_add, u_tadd, g_ad, g_dd, g_amountofdays) VALUES('" + name + "','" + surname + "','" + company + "','" + txtbx8 + "', '" + txtbx9 + "', '" + cmbbx2 + "', '" + rtb + "', '" + label12.Text.ToString() + "', '" + this.dateTimePicker1.Value +"','"+textBox4.Text.ToString()+"','"+textBox5.Text.ToString()+"','"+textBox6.Text.ToString()+"')";
      command.ExecuteNonQuery();
      command.CommandText = "UPDATE guestreg SET g_paidstatus='Paid '"+txtbx9+"'' where g_name ='"+name+"' and g_status = '"+sts"'";
      command.ExecuteNonQuery();
}

编辑：

正如Steve提到的（他绝对正确），参数应该作为

SqlParameters

传递。其好处是可以更好地防止SQL注入，而且您可以确信，像“O'Neil”这样的意外输入不会破坏您的代码（参数名称可能更好）：

你可以用这个。您必须创建两次命令

private void button1_Click(object sender, EventArgs e)
{
string txtbx9 = textBox9.Text.ToString();
string cmbbx2 = comboBox2.SelectedItem.ToString();
string name = textBox1.Text.ToString();
string surname = textBox2.Text.ToString();
string company = textBox3.Text.ToString();
string txtbx8 = textBox8.Text.ToString();
string sts = "In House";

    try
    {
        connection.Open();


        MessageBox.Show("Payment approved.");
        richTextBox1.Text = richTextBox1.Text + "The hotel received " + txtbx9 + " from this guest";
            string rtb = richTextBox1.Text.ToString();

        OleDbCommand command = new OleDbCommand();

        command.Connection = connection;
        command.CommandText = "INSERT INTO billing(g_name,g_surname,g_company,g_totalrate, g_paid, g_typepaid, info, u_add, u_tadd, g_ad, g_dd, g_amountofdays) VALUES('" + name + "','" + surname + "','" + company + "','" + txtbx8 + "', '" + txtbx9 + "', '" + cmbbx2 + "', '" + rtb + "', '" + label12.Text.ToString() + "', '" + this.dateTimePicker1.Value +"','"+textBox4.Text.ToString()+"','"+textBox5.Text.ToString()+"','"+textBox6.Text.ToString()+"')"; ;
        command.ExecuteNonQuery();

        command = new OleDbCommand();
        command.Connection = connection;
        command.CommandText = "UPDATE guestreg SET g_paidstatus='Paid '"+txtbx9+"'' where g_name ='"+name+"' and g_status = '"+sts"'";

        command.ExecuteNonQuery();

}
}

你可以用这个。您必须创建两次命令

private void button1_Click(object sender, EventArgs e)
{
string txtbx9 = textBox9.Text.ToString();
string cmbbx2 = comboBox2.SelectedItem.ToString();
string name = textBox1.Text.ToString();
string surname = textBox2.Text.ToString();
string company = textBox3.Text.ToString();
string txtbx8 = textBox8.Text.ToString();
string sts = "In House";

    try
    {
        connection.Open();


        MessageBox.Show("Payment approved.");
        richTextBox1.Text = richTextBox1.Text + "The hotel received " + txtbx9 + " from this guest";
            string rtb = richTextBox1.Text.ToString();

        OleDbCommand command = new OleDbCommand();

        command.Connection = connection;
        command.CommandText = "INSERT INTO billing(g_name,g_surname,g_company,g_totalrate, g_paid, g_typepaid, info, u_add, u_tadd, g_ad, g_dd, g_amountofdays) VALUES('" + name + "','" + surname + "','" + company + "','" + txtbx8 + "', '" + txtbx9 + "', '" + cmbbx2 + "', '" + rtb + "', '" + label12.Text.ToString() + "', '" + this.dateTimePicker1.Value +"','"+textBox4.Text.ToString()+"','"+textBox5.Text.ToString()+"','"+textBox6.Text.ToString()+"')"; ;
        command.ExecuteNonQuery();

        command = new OleDbCommand();
        command.Connection = connection;
        command.CommandText = "UPDATE guestreg SET g_paidstatus='Paid '"+txtbx9+"'' where g_name ='"+name+"' and g_status = '"+sts"'";

        command.ExecuteNonQuery();

}
}

有很多方法可以做到这一点，但对我来说，最简单的方法是关闭并重新这样做：

SqlCommand importCommand = new SqlCommand("select * from * ", connection);
        SqlDataReader sqlDR = importCommand.ExecuteReader();
        int index = 0;
        while (sqlDR.Read()) { //something }
        sqlDR.Close();

        index = 0;
        importCommand = new SqlCommand("select * from * ", connection);
        sqlDR = importCommand.ExecuteReader();
        sqlDR.Close();

有很多方法可以做到这一点，但对我来说，最简单的方法是关闭并重新这样做：

SqlCommand importCommand = new SqlCommand("select * from * ", connection);
        SqlDataReader sqlDR = importCommand.ExecuteReader();
        int index = 0;
        while (sqlDR.Read()) { //something }
        sqlDR.Close();

        index = 0;
        importCommand = new SqlCommand("select * from * ", connection);
        sqlDR = importCommand.ExecuteReader();
        sqlDR.Close();

您可以删除第二个

command.Connection=Connection；connection.Open（），只需更改命令并再次执行，然后记得关闭连接。这是针对MySql、Sql Server还是MS Access？使用MySql/SQLServer，您可以使用两条Sql语句生成一条命令。这是无法访问的。您的问题是第二个连接已打开，而该连接已关闭open@stuartd在尝试之后有一个{
第二个ExecuteNonQuery
@stuartd之前还有一个，谢谢！一切都好worked@KeyurPATEL一切正常！非常感谢！！！你说得对！你可以删除第二个command.Connection=Connection；Connection.Open（）；
，只需更改命令并再次执行，然后记得关闭连接。这是针对MySql、Sql Server还是MS Access？对于MySql/Sql Server，您可以使用两个Sql语句执行一个命令。对于Access，这是不可能的。您的问题是，当连接已打开时，第二个连接已打开open@stuartd在try{
之后有一个，在第二个ExecuteNonQuery
之前有一个，谢谢！一切都好worked@KeyurPATEL一切正常！非常感谢！！！你说得对！这对MS Access不起作用（而且你忘记了两个命令文本之间的分号）我不知道这是为了访问。在SQL Server上，命令之间不需要分号OP标记了3个数据库。只有他/她知道，但我的第二个建议（编辑后）如果你不想给出完整的答案并推荐最佳实践，那么你就没有兴趣让你的答案成为未来读者的好参考，因此你应该期待有人批评你的工作这对MS Access不起作用（而且你忘记了两个命令文本之间的分号）我不知道这是为了访问。在SQL Server上，命令之间不需要分号OP标记了3个数据库。只有他/她知道，但我的第二个建议（编辑后）如果你不愿意给出完整的答案并推荐最佳实践，那么你就没有兴趣让你的答案成为未来读者的好参考，因此你应该期待有人批评你的工作