C# select语句的返回值
我想将select语句的结果值检索到字符串变量中。像这样:C# select语句的返回值,c#,.net,ms-access,select,oledb,C#,.net,Ms Access,Select,Oledb,我想将select语句的结果值检索到字符串变量中。像这样: OleDbCommand cmd1 = new OleDbCommand(); cmd1.Connection = GetConnection(); cmd1.CommandText = "SELECT treatment FROM appointment WHERE patientid = " + text; cmd1.ExecuteNonQuery(); 我想将选定的治疗值放入字符串变量中。我
OleDbCommand cmd1 = new OleDbCommand();
cmd1.Connection = GetConnection();
cmd1.CommandText = "SELECT treatment FROM appointment WHERE patientid = " + text;
cmd1.ExecuteNonQuery();
我想将选定的治疗值放入字符串变量中。我如何才能做到这一点?使用和不使用ExecuteNonQuery()
只返回受影响的行数
try
{
SqlDataReader dr = cmd1.ExecuteReader();
}
catch (SqlException oError)
{
}
while(dr.Read())
{
string treatment = dr[0].ToString();
}
或者更好的是,使用一个
但是如果SqlCommand
仅返回1
列,则可以使用该方法。它返回第一行的第一列,如下所示:-
cmd.CommandText = "SELECT treatment FROM appointment WHERE patientid = " + text;
string str = Convert.ToString(cmd.ExecuteScalar());
您还可以将代码打开到。始终使用参数化查询。杰夫有一篇很酷的博客文章叫做。请仔细阅读。还要读一篇文章。SQL注入在处理查询时非常重要。您只需要使用命令的ExecuteScalar方法-这将为您提供结果集第一行和第一列的值
OleDbCommand cmd1 = new OleDbCommand();
cmd1.Connection = GetConnection();
cmd1.CommandText = "SELECT treatment FROM appointment WHERE patientid = " + text;
var result = cmd1.ExecuteScalar();
如果SQL语句返回多个行/列,则可以使用ExecuteReader()。答案:
String res = cmd1.ExecuteScalar();
备注:使用参数化查询来防止sql注入您需要使用OleDbAdapter
string connection = "your connection";
string query = "SELECT treatment FROM appointment WHERE patientid = " + text;
OleDbConnection conn = new OleDbConnection(connection);
OleDbDataAdapter adapter = new OleDbDataAdapter();
adapter.SelectCommand = new OleDbCommand(query, conn);
adapter.Fill(dataset);
方法从数据库检索单个值(例如,聚合值)
cmd1.Connection = GetConnection();
cmd1.CommandText = "SELECT treatment FROM appointment WHERE patientid = " + text;
if(cmd.ExecuteScalar()==null)
{
var treatment = cmd.ExecuteScalar();
}
其他方式:
try
{
cmd1.CommandText ="SELECT treatment FROM appointment WHERE patientid=@patientID";
cmd1.Parameters.AddWithValue("@patientID", this.DropDownList1.SelectedValue);
conn.Open();
SqlDataReader dr = cmd1.ExecuteReader();
while (dr.Read())
{
int PatientID = int.Parse(dr["treatment"]);
}
reader.Close();
((IDisposable)reader).Dispose();//always good idea to do proper cleanup
}
catch (Exception exc)
{
Response.Write(exc.ToString());
}
您的示例代码有很多错误
string sSQL = "SELECT treatment FROM appointment WHERE patientid = @patientId";
OleDbCommand cmd1 = new OleDbCommand(sSQL, GetConnection()); // This may be slight different based on what `GetConnectionReturns`, just put the connection string in the second parameter.
cmd1.Parameters.AddWithValue("@patientId", text);
SqlDataReader reader = cmd1.ExecuteReader();
string returnValue;
while(reader.Read())
{
returnValue = reader[0].ToString();
}
从避免“…NonQuery”方法开始。非查询意味着“执行此命令时不返回任何值”。使用ExecuteReader()获取datareader,并在datareaderSoner上调用Read(0)。您应该建议OP将其ExecuteReader()方法包装在try{catch@DJKRAZE好主意。更新。我要强调的是,从整体来看,这不是一个好的解决方案。它回答了这个问题,但没有解决sql注入问题。Cristoleg,他可以不用使用OLEDBADApter来完成这项工作。在您的示例中,Select语句在哪里?人力资源经理,在某个地方的翻译中丢失了它。我已经添加了它。Vishak,您正在发出cmd1.ExecuteReader()命令。如果返回的行数超过1行,您该怎么办。。?您不应该检查reader.HasRows还是在While循环中执行reader.Read()。。???您假设查询只返回1行,在这种情况下,您需要使用ExecuteScalar()并查看此链接,您有int PatientID=reader.GetOrdinal(“治疗”);读取下一条记录(如果有)的while循环在哪里?如何传回int PatientID=int.Parse(dr[“treatment”]);在Try是一个应在不同范围内声明的变量的外部无法访问..?+1表示干净的代码。。但我想问OP他打算如何返回PatientID,如果我们谈论的是Web应用程序或属性,您可能希望将其声明为会话[“PatientID”]或受保护的属性。。我不想假设,但我想这是一个Windows应用程序。这很好,但您假设OP的查询将始终返回1条记录。。此外,这不是一个很好的例子,说明如何回答OP的问题,为什么不将他的代码与工作解决方案粘贴在一起
string sSQL = "SELECT treatment FROM appointment WHERE patientid = @patientId";
OleDbCommand cmd1 = new OleDbCommand(sSQL, GetConnection()); // This may be slight different based on what `GetConnectionReturns`, just put the connection string in the second parameter.
cmd1.Parameters.AddWithValue("@patientId", text);
SqlDataReader reader = cmd1.ExecuteReader();
string returnValue;
while(reader.Read())
{
returnValue = reader[0].ToString();
}
SqlConnection dbConnect = new SqlConnection("your SQL connection string");
string name = " 'ProjectName' ";
string strPrj = "Select e.type, (e.surname +' '+ e.name) as fulln from dbo.tblEmployees e where id_prj = " + name;
SqlCommand sqlcmd = new SqlCommand(strPrj, dbConnect);
SqlDataAdapter sda = new SqlDataAdapter(strPrj, dbConnect);
ds = new DataSet();
sda.Fill(ds);
dbConnect.Open();
sqlcmd.ExecuteNonQuery();
dbConnect.Close();