Vb.net SQL命令未将datagrid中的所有值插入数据库,
我正在尝试将gridview数据传递到数据库中。我遇到的问题是,并非gridview中的所有数据都进入了数据库。执行messagebox时,只显示进入的名称列。这是我的密码Vb.net SQL命令未将datagrid中的所有值插入数据库,,vb.net,Vb.net,我正在尝试将gridview数据传递到数据库中。我遇到的问题是,并非gridview中的所有数据都进入了数据库。执行messagebox时,只显示进入的名称列。这是我的密码 Protected Sub Button2_Click1(sender As Object, e As EventArgs) Handles Button2.Click Dim sc As StringCollection = New StringCollection Dim field1 As String
Protected Sub Button2_Click1(sender As Object, e As EventArgs) Handles Button2.Click
Dim sc As StringCollection = New StringCollection
Dim field1 As String = String.Empty
Dim i As Integer = 0
Do While (i < GridView1.Rows.Count)
field1 = GridView1.Rows(i).Cells(0).Text
i = (i + 1)
Loop
' get the field to be Inserted
sc.Add(field1)
' add the field to be Inserted in the StringCollection
InsertRecords(sc)
' call method for insert and pass the StringCollection values
End Sub
Dim conn As MySqlConnection = New MySqlConnection("Server=****************;Database=******;Uid=*******;Pwd=****;allow user variables=true")
Dim sb As StringBuilder = New StringBuilder(String.Empty)
For Each item As String In sc
Const sqlStatement As String = "INSERT INTO student(name, age, adress) VALUES ("
sb.AppendFormat("{0}'{1}' ", sqlStatement, item)
Next
sb.Append(")")
MsgBox(sb.ToString)
Try
conn.Open()
Dim cmd As MySqlCommand = New MySqlCommand(sb.ToString, conn)
cmd.CommandType = CommandType.Text
cmd.ExecuteNonQuery()
Catch ex As System.Data.SqlClient.SqlException
Dim msg As String = "Insert Error:"
msg = (msg + ex.Message)
Throw New Exception(msg)
Finally
conn.Close()
End Try
End Sub
受保护的子按钮2\u Click1(发送者作为对象,e作为事件参数)处理按钮2。单击
Dim sc As StringCollection=新建StringCollection
Dim field1作为字符串=字符串。空
尺寸i为整数=0
执行时(i
不要连接字符串来创建sql命令,而是使用参数来主要避免sql注入
Const sqlStatement As String = "INSERT INTO student(name, age, adress) VALUES (?Pname,?Page,?Padress)"
Try
Using con = New MySqlConnection(connectionString)
con.Open()
For Each item In sc
Using cmd = New MySqlCommand(sqlStatement, con)
cmd.Parameters.AddWithValue("?Pname", item.Name)
cmd.Parameters.AddWithValue("?Page", item.Page)
cmd.Parameters.AddWithValue("?Padress", item.Padress)
cmd.ExecuteNonQuery()
End Using
Next
End Using
Catch ex As System.Data.SqlClient.SqlException
' log message '
Throw ' don't use throw new Exception or throw ex '
End Try
请注意,我使用了
sc
,就像一个具有所有所需属性的自定义类的集合。但是,即使这是不正确的,它也应该让您了解它是如何工作的。不要连接字符串来创建sql命令,而要使用参数。请您举例说明什么是sc
,执行命令的代码在哪里?Tim我刚刚更新了我的codeYes,但再次,什么是sc
?@Steve:我忘了添加我的sql语句;)谢谢大家,我要试一试。非常感谢!!我现在遇到的问题是paramater部分中的Pname不是string@user1712552:那么你应该告诉我它是什么类型的。例如,您可以将其转换为int:int.Parse(stringValue)
等。我不明白。这就是我现在正在做的cmd.Parameters.AddWithValue(“?Pname”,item.name),当我砰的一声,在im get error中,item.name下面有一条蓝线。将鼠标悬停在其上方时,会显示“name”不是“String”的成员。