如何在消息框中显示SQL数据库中的字段
我在VB上已经有了:如何在消息框中显示SQL数据库中的字段,sql,vb.net,sql-server-express,Sql,Vb.net,Sql Server Express,我在VB上已经有了: Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click Dim con As New SqlConnection Dim cmd As New SqlCommand Try con.ConnectionString = "Server=SISTEMAS\SQLEXPRESS;Database=UPC;Trusted_Connection=Yes" 'Coneccio
Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
Dim con As New SqlConnection
Dim cmd As New SqlCommand
Try
con.ConnectionString = "Server=SISTEMAS\SQLEXPRESS;Database=UPC;Trusted_Connection=Yes" 'Coneccion a la base de datos'"
con.Open()
cmd.Connection = con
cmd = New SqlCommand("SELECT * FROM UPC_Table WHERE UPCNumber='" & TextBox1.Text & "' AND Description= '" & TextBox2.Text & "'", con)
Dim numerorecord As Int32 = cmd.ExecuteScalar
If numerorecord > 0 Then
MsgBox("NUMERO DE UPC YA EXISTE")
Else
cmd.CommandText = "INSERT INTO UPC_Table (UPCNumber, Description) VALUES ('" & TextBox1.Text & "','" & TextBox2.Text & "')" 'Codigo para insertar UPC del text box a la base de datos'
cmd.ExecuteNonQuery()
MessageBox.Show("UPC Entrado")
End If
Catch ex As Exception
MessageBox.Show("Error..." & ex.Message, "Inserta el Record")
Finally
con.Close()
End Try
End Sub
我想在第一个消息框中为我带来一条来自SQL的记录。例如:
我在upc文本框upc 123456上输入,然后再次输入一个消息框,说upc 123456属于番茄酱,比如说番茄酱这来自SQL数据库我将做一些更改来实现这一点: 1在我的示例中,仅从数据库返回所需的列。将myFieldName更改为列的名称 2从查询中返回一个对象,并检查该对象是否有值,并相应地进行处理 修订后的代码如下
Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
Dim con As New SqlConnection
Dim cmd As New SqlCommand
Try
con.ConnectionString = "Server=SISTEMAS\SQLEXPRESS;Database=UPC;Trusted_Connection=Yes" 'Coneccion a la base de datos'"
con.Open()
cmd.Connection = con
cmd = New SqlCommand("SELECT myFieldName FROM UPC_Table WHERE UPCNumber='" & TextBox1.Text & "' AND Description= '" & TextBox2.Text & "'", con)
Dim val As Object = cmd.ExecuteScalar()
If val Is Nothing Then
cmd.CommandText = "INSERT INTO UPC_Table (UPCNumber, Description) VALUES ('" & TextBox1.Text & "','" & TextBox2.Text & "')" 'Codigo para insertar UPC del text box a la base de datos'
cmd.ExecuteNonQuery()
MessageBox.Show("UPC Entrado")
Else
MsgBox("The UPC is" & val)
End If
Catch ex As Exception
MessageBox.Show("Error..." & ex.Message, "Inserta el Record")
Finally
con.Close()
End Try
End Sub
更好地了解如何使用参数来避免sql注入。强制链接。