C# INSERT 数据从文本框到 Postgres SQL
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11237431/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
INSERT data from Textbox to Postgres SQL
提问by user1479013
I just learn how to connect C# and PostgresSQL. I want to INSERT data from tb1(Textbox) and tb2 to database. But I don't know how to code My previous code is SELECT from database. this is my code
我只是学习如何连接 C# 和 PostgresSQL。我想将数据从 tb1(Textbox) 和 tb2 插入数据库。但我不知道如何编码我以前的代码是从数据库中选择。这是我的代码
private void button1_Click(object sender, EventArgs e)
{
bool blnfound = false;
NpgsqlConnection conn = new NpgsqlConnection("Server=127.0.0.1;Port=5432;User Id=postgres;Password=admin123;Database=Login");
conn.Open();
NpgsqlCommand cmd = new NpgsqlCommand("SELECT * FROM login WHERE name='" + tb1.Text + "' and password = '" + tb2.Text + "'",conn);
NpgsqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
blnfound = true;
Form2 f5 = new Form2();
f5.Show();
this.Hide();
}
if (blnfound == false)
{
MessageBox.Show("Name or password is incorrect", "Message Box", MessageBoxButtons.OK, MessageBoxIcon.Exclamation, MessageBoxDefaultButton.Button1);
dr.Close();
conn.Close();
}
}
So please help me the code.
所以请帮我代码。
回答by Mike Christensen
First off, you need to use the ExecuteNonQuerymethod rather than ExecuteReadersince you're executing an INSERTrather than a SELECTstatement. So, something like:
首先,您需要使用ExecuteNonQuery方法而不是ExecuteReader因为您正在执行一个INSERT而不是一个SELECT语句。所以,像这样:
NpgsqlCommand cmd = new NpgsqlCommand("insert into table1 values(1, 1)", conn);
cmd.ExecuteNonQuery();
The ExecuteNonQuerymethod will also return the number of rows affected if that's important for you.
ExecuteNonQuery如果这对您很重要,该方法还将返回受影响的行数。
Second, you need to use SQL parameters rather than building an unsafe SQL string.
其次,您需要使用 SQL 参数而不是构建不安全的 SQL 字符串。
Use:
用:
cmd.Parameters.Add(new NpgsqlParameter("name", tb1.Text));
cmd.Parameters.Add(new NpgsqlParameter("pw", tb2.Text));
To add a parameter to your query. You can now refer to it in your INSERT statement with :nameor :pw, for example:
向您的查询添加参数。您现在可以在 INSERT 语句中使用:name或引用它:pw,例如:
NpgsqlCommand cmd = new NpgsqlCommand("insert into login (Name, Password) values(:name, :pw)", conn);
cmd.ExecuteNonQuery();
Lastly, you might be interested in using an ORMrather than executing raw SQL statements. I'd check into the .NET Entity Frameworkor Castle Active Record, which is built on NHibernate. These libraries will allow you to query, update, create and delete data within your database without writing the actual SQL statements involved. It's a great way to get started, and will simply your code quite a bit!
最后,您可能对使用ORM而不是执行原始 SQL 语句感兴趣。我会检查.NET Entity Framework或Castle Active Record,它是基于NHibernate构建的。这些库将允许您查询、更新、创建和删除数据库中的数据,而无需编写实际涉及的 SQL 语句。这是一个很好的入门方式,并且可以简化您的代码!
