在vb.net中添加记录并使用elseif检查记录是否存在
我是vb.net的新手。。事先非常抱歉。 谁能帮我一下我的另一行代码有什么问题吗在vb.net中添加记录并使用elseif检查记录是否存在,vb.net,Vb.net,我是vb.net的新手。。事先非常抱歉。 谁能帮我一下我的另一行代码有什么问题吗 Dim con As SqlConnection = New SqlConnection("Data Source=PC11-PC\kim;Initial Catalog=ordering;User ID=sa;Password=123") Dim cmd1 As SqlCommand = New SqlCommand("Select * from Customer", con) Dim
Dim con As SqlConnection = New SqlConnection("Data Source=PC11-PC\kim;Initial Catalog=ordering;User ID=sa;Password=123")
Dim cmd1 As SqlCommand = New SqlCommand("Select * from Customer", con)
Dim first1 As String
Dim second2 As String
first1 = "FirstName"
second2 = "LastName"
con.Open()
If TextBox1.Text = "" Or TextBox2.Text = "" Then
MsgBox("Please fill-up all fields!", MsgBoxStyle.Exclamation, "Add New Customer!")
'this will supposedly display error message for "User Already Exist"
' ElseIf textbox1.text = first1 and textbox2.text = second2 Then
' MsgBox("User Already Exist!", MsgBoxStyle.Exclamation, "Add New User!")
Else
Dim cmd As SqlCommand = New SqlCommand("Insert into [ordering].[dbo].[Customer] ([FirstName],[LastName]) values ('" + TextBox1.Text + "','" + TextBox2.Text + "')", con)
cmd.ExecuteNonQuery()
MsgBox("Records Successfully Added!", MsgBoxStyle.Information, "Add New Customer!")
TextBox1.Text = ""
TextBox2.Text = ""
con.Close()
End If
您需要通过执行
SELECT*fromcustomer
查询来检查用户是否已经存在,但您需要添加WHERE
子句,如下所示:
If TextBox1.Text = "" Or TextBox2.Text = "" Then
MsgBox("Please fill-up all fields!", MsgBoxStyle.Exclamation, "Add New Customer!")
Else
Dim theQuery As String = "SELECT * FROM Customer WHERE FirstName=@FirstName AND LastName=@LastName"
Dim cmd1 As SqlCommand = New SqlCommand(theQuery, con)
cmd1.Parameters.AddWithValue("@FirstName", TextBox1.Text)
cmd1.Parameters.AddWithValue("@LastName", TextBox2.Text)
Using reader As SqlDataReader = cmd1.ExecuteReader()
If reader.HasRows Then
' User already exists
MsgBox("User Already Exist!", MsgBoxStyle.Exclamation, "Add New User!")
Else
' User does not exist, add them
Dim cmd As SqlCommand = New SqlCommand("Insert into [ordering].[dbo].[Customer] ([FirstName],[LastName]) values ('" + TextBox1.Text + "','" + TextBox2.Text + "')", con)
cmd.ExecuteNonQuery()
MsgBox("Records Successfully Added!", MsgBoxStyle.Information, "Add New Customer!")
TextBox1.Text = ""
TextBox2.Text = ""
End If
End Using
con.Close()
End If
注意:我在
SELECT*
查询中添加了参数化查询的用法。您应该更喜欢参数化查询而不是内嵌SQL,因为它可以保护您的代码免受SQL注入攻击。永远不要信任用户键入的数据
事实上它是有效的。但是,当我输入一条现有记录时,它仍然会将该记录添加到数据库中,而不是显示一条错误消息“USER ready EXIST!”,您的elseif代码行只是检查文本框值是否等于“FirstName”和“LastName”,而不是检查它们是否存在于数据库中。如果您正在尝试这样做,您可以对DB运行select查询并查看是否得到结果,或者如果表上有唯一的约束,只要在出现约束错误时尝试插入并处理异常即可,我实际上分配了一个变量来保存FirstName和LastName的值,名为first1和second2。在那之后,我写了一个response.write,看看它是否显示了记录,它是否显示了。我想知道为什么它在其他条件下不起作用。先生,你能帮我为其他人创造一个条件吗?谢谢,卡尔先生。。与我在谷歌上搜索的其他代码相比,您的帮助很大,而且您的代码很容易理解@user3113490如果此答案回答了您的问题,请将其标记为“是”,那么其他搜索类似结果的人就会知道您的答案是有效的。@user3113490-当然没问题,很高兴它帮助了您。如果您愿意,请随时接受答案,并在可能的情况下对答案进行投票。:-)