C# 参数化StringBuilder
我有一个动态gridview,可以用来添加两列的新行,以指定开始日期和结束日期。我试图使用字符串集合将文本框的输出传递到参数化查询,如图所示。我得到一个错误的语法接近9错误。我怎样才能做到这一点?我需要使用stringbuilder。任何帮助都将不胜感激,谢谢C# 参数化StringBuilder,c#,asp.net,C#,Asp.net,我有一个动态gridview,可以用来添加两列的新行,以指定开始日期和结束日期。我试图使用字符串集合将文本框的输出传递到参数化查询,如图所示。我得到一个错误的语法接近9错误。我怎样才能做到这一点?我需要使用stringbuilder。任何帮助都将不胜感激,谢谢 protected void btnSaveIterations_Click(object sender, EventArgs e) { int rowIndex = 0; StringCollection sc =
protected void btnSaveIterations_Click(object sender, EventArgs e)
{
int rowIndex = 0;
StringCollection sc = new StringCollection();
if (ViewState["CurrentTable"] != null)
{
DataTable dtCurrentTable = (DataTable)ViewState["CurrentTable"];
if (dtCurrentTable.Rows.Count > 0)
{
for (int i = 1; i <= dtCurrentTable.Rows.Count; i++)
{
//extract the TextBox values
TextBox box1 = (TextBox)Gridview1.Rows[rowIndex].Cells[1].FindControl("start_iteration");
TextBox box2 = (TextBox)Gridview1.Rows[rowIndex].Cells[2].FindControl("end_iteration");
start_date = box1.Text;
end_date = box2.Text;
//get the values from the TextBoxes
//then add it to the collections with a comma "," as the delimited values
sc.Add(proj_id + "," + start_date + "," + end_date);
rowIndex++;
}
//Call the method for executing inserts
InsertRecords(sc);
Response.Redirect(Request.Url.ToString());
//r.Close();
//conn.Close();
}
}
}
private void InsertRecords(StringCollection sc)
{
SqlConnection conn = new SqlConnection(GetConnectionString());
StringBuilder sb = new StringBuilder(string.Empty);
string[] splitItems = null;
foreach (string item in sc)
{
const string sqlStatement = "INSERT INTO Iterations (ProjectID, StartDate, EndDate) VALUES (@ProjectID, @StartDate, @EndDate)";
if (item.Contains(","))
{
splitItems = item.Split(",".ToCharArray());
sb.AppendFormat("{0}('{1}','{2}','{3}'); ", sqlStatement, splitItems[0], splitItems[1], splitItems[2]);
}
}
try
{
conn.Open();
SqlCommand cmd = new SqlCommand(sb.ToString(), conn);
SqlCommand cmd2 = new SqlCommand(sql, conn);
cmd.Parameters.Add("@ProjectID", SqlDbType.Int);
cmd.Parameters.Add("@StartDate", SqlDbType.DateTime);
cmd.Parameters.Add("@EndDate", SqlDbType.DateTime);
System.Globalization.CultureInfo ci = new System.Globalization.CultureInfo("en-GB");
cmd.Parameters["@ProjectID"].Value = proj_id;
cmd.Parameters["@StartDate"].Value = Convert.ToDateTime(start_date, ci);
cmd.Parameters["@EndDate"].Value = Convert.ToDateTime(end_date, ci);
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
...
}
protectedvoidbtnsaviterations\u单击(对象发送方,事件参数e)
{
int rowIndex=0;
StringCollection sc=新的StringCollection();
如果(ViewState[“CurrentTable”]!=null)
{
DataTable dtCurrentTable=(DataTable)视图状态[“CurrentTable”];
如果(dtCurrentTable.Rows.Count>0)
{
对于(inti=1;i您使用的是来自sb
的文本,这显然是不正确的sql
...
const string sqlStatement = "INSERT INTO Iterations (ProjectID, StartDate, EndDate) VALUES (@ProjectID, @StartDate, @EndDate)";
conn.Open();
SqlCommand cmd = new SqlCommand(sqlStatement, conn);
cmd.Parameters.Add("@ProjectID", SqlDbType.Int);
cmd.Parameters.Add("@StartDate", SqlDbType.DateTime);
cmd.Parameters.Add("@EndDate", SqlDbType.DateTime);
System.Globalization.CultureInfo ci = new System.Globalization.CultureInfo("en-GB");
foreach (string item in sc)
{
if (item.Contains(","))
{
splitItems = item.Split(",".ToCharArray());
cmd.Parameters["@ProjectID"].Value = splitItems[0];
cmd.Parameters["@StartDate"].Value = Convert.ToDateTime(splitItems[1], ci);
cmd.Parameters["@EndDate"].Value = Convert.ToDateTime(splitItems[2], ci);
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
}
}
...
您使用的是来自sb
的文本,这显然是不正确的sql。正确的代码如下
...
const string sqlStatement = "INSERT INTO Iterations (ProjectID, StartDate, EndDate) VALUES (@ProjectID, @StartDate, @EndDate)";
conn.Open();
SqlCommand cmd = new SqlCommand(sqlStatement, conn);
cmd.Parameters.Add("@ProjectID", SqlDbType.Int);
cmd.Parameters.Add("@StartDate", SqlDbType.DateTime);
cmd.Parameters.Add("@EndDate", SqlDbType.DateTime);
System.Globalization.CultureInfo ci = new System.Globalization.CultureInfo("en-GB");
foreach (string item in sc)
{
if (item.Contains(","))
{
splitItems = item.Split(",".ToCharArray());
cmd.Parameters["@ProjectID"].Value = splitItems[0];
cmd.Parameters["@StartDate"].Value = Convert.ToDateTime(splitItems[1], ci);
cmd.Parameters["@EndDate"].Value = Convert.ToDateTime(splitItems[2], ci);
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
}
}
...
你似乎混淆了两件不同的事情:
使用StringBuilder,可以将SQL文本设置为一个包含参数占位符的字符串,后跟另一个包含以下值的字符串:
在迭代(ProjectID、StartDate、EndDate)中插入值(@ProjectID,…)(12345,'2011-02-22',…)
后来您设置了参数,但是忘记了日期周围的单引号-因此出现了“9附近语法错误”错误
要么在最后省略整个SQL参数,然后在StringBuilder中设置值,给出
插入迭代(ProjectID、StartDate、EndDate)值(12345、‘2011-02-22’、…)
或者省略StringBuilder部分,并在参数占位符周围向sqlStatement添加单引号:
在迭代(ProjectID、StartDate、EndDate)中插入值(@ProjectID、@StartDate、“@EndDate”)
你似乎混淆了两件不同的事情:
使用StringBuilder,可以将SQL文本设置为一个包含参数占位符的字符串,后跟另一个包含以下值的字符串:
在迭代(ProjectID、StartDate、EndDate)中插入值(@ProjectID,…)(12345,'2011-02-22',…)
后来您设置了参数,但是忘记了日期周围的单引号-因此出现了“9附近语法错误”错误
要么在最后省略整个SQL参数,然后在StringBuilder中设置值,给出
插入迭代(ProjectID、StartDate、EndDate)值(12345、‘2011-02-22’、…)
或者省略StringBuilder部分,并在参数占位符周围向sqlStatement添加单引号:
在迭代(ProjectID、StartDate、EndDate)中插入值(@ProjectID、@StartDate、“@EndDate”)
你调试过代码吗?错误发生在哪里?你调试过代码吗?错误发生在哪里