如何从C#texbox更新mysql中的数据_C#_Mysql_Wpf

如何从C#texbox更新mysql中的数据

c# mysql wpf

如何从C#texbox更新mysql中的数据,c#,mysql,wpf,C#,Mysql,Wpf,我正试图通过以下方式更新mysql数据库中的数据： private void executeQuery(string insertQuery) { MySqlCommand dataCommand = new MySqlCommand(); using (MySqlConnection dataConnection = new MySqlConnection()) try

我正试图通过以下方式更新mysql数据库中的数据：

private void executeQuery(string insertQuery)
            {
                MySqlCommand dataCommand = new MySqlCommand();
                using (MySqlConnection dataConnection = new MySqlConnection())
                try
                    {
                        dataConnection.ConnectionString = @"server=localhost;user id=root; password=root; database=pop-sf40-database";
                        dataConnection.Open();
                        dataCommand = new MySqlCommand(insertQuery, dataConnection);
                        if (dataCommand.ExecuteNonQuery() == 1)
                        {
                            MessageBox.Show("Done.");
                        }
                        else
                        {
                            MessageBox.Show("Error.");
                        }
                    }
                    catch (Exception ex)
                    {
                        MessageBox.Show(ex.Message);
                    }
                    finally
                    {
                        dataConnection.Close();
                    }
            }

        private void btnUpdate_Click(object sender, RoutedEventArgs e)
        {
            using (MySqlConnection dataConnection = new MySqlConnection())
                try
                {
                    dataConnection.ConnectionString = @"server=localhost;user id=root; password=root; database=pop-sf40-database";
                    dataConnection.Open();
                    string updateQuery = "UPDATE `pop-sf40-database`.`salons` SET `id` = '"+ txtSalonId.Text + "', `name` = '" + txtSalonName.Text + "', `adress` = '" + txtSalonAdress.Text + "', `telephone` = '" + txtSalonTelephone.Text + "', `email` = '" + txtSalonEmail.Text + "', `web_site` = '" + txtSalonSite.Text + "', `tin` = '" + txtSalonTin.Text + "', `uid` = '" + txtSalonUid.Text + "', `bank_account` = '" + txtSalonBankAccount.Text + "', `deleted` = '" + 0 + "'";
                    executeQuery(updateQuery);
                }
                catch (MySqlException ex)
                {
                    MessageBox.Show(ex.ToString());
                }
                finally
                {
                    dataConnection.Close();
                }
            txtSalonId.Clear();
            txtSalonName.Clear();
            txtSalonAdress.Clear();
            txtSalonTelephone.Clear();
            txtSalonEmail.Clear();
            txtSalonBankAccount.Clear();
            txtSalonSite.Clear();
            txtSalonTin.Clear();
            txtSalonUid.Clear();
            txtSalonBankAccount.Clear();
        }

当然，数据库中的Id必须是唯一的。问题是：

例如，如果我在文本框中显示所有沙龙数据，并且只更改地址，它仍然会为ID主键抛出ECException。

您正在尝试更新更新SQL中的

ID

，并且

where

子句缺失，因此，实际上您正在将

salons

表中的所有记录更新为相同的

id

（在您的情况下为2），这就是显示错误的原因

您应该在update SQL的

where

子句中使用

id

，如：

string updateQuery = "UPDATE `pop-sf40-database`.`salons` SET `name` = '" + txtSalonName.Text + "', `adress` = '" + txtSalonAdress.Text + "', `telephone` = '" + txtSalonTelephone.Text + "', `email` = '" + txtSalonEmail.Text + "', `web_site` = '" + txtSalonSite.Text + "', `tin` = '" + txtSalonTin.Text + "', `uid` = '" + txtSalonUid.Text + "', `bank_account` = '" + txtSalonBankAccount.Text + "', `deleted` = '" + 0 + "' WHERE `id` = '"+ txtSalonId.Text + "'" ;

我可以建议你读一下吗？在我看来，一个没有解决明显的SQL注入漏洞的答案弊大于利。