SQL行更新不能在c#中工作

本文关键字:工作 不能 更新 SQL | 更新日期: 2023-09-27 18:16:25

我不知道为什么下面的代码没有更新我的GridView和MySQL数据库。有没有人能给我一些建议,告诉我哪里做得不对?

protected void GridView1_RowUpdating(object sender, GridViewUpdateEventArgs e)
    {
        connection();
        GridViewRow row = GridView1.Rows[e.RowIndex];
        Label lblID = (Label)row.FindControl("lblID");
        TextBox textName = (TextBox)row.Cells[3].Controls[0];
        TextBox textadd = (TextBox)row.Cells[4].Controls[0];
        TextBox textc = (TextBox)row.Cells[5].Controls[0];
        String query = "update employeeDB set [First Name:]='" + textName.Text + "', [Last Name:]='" + textadd.Text + "', [Email:]='" + textc.Text + "' where id='" + lblID + 1 + "'";
        SqlCommand com = new SqlCommand(query, con);        
        SqlDataReader dr;
        dr = com.ExecuteReader();
        GridView1.EditIndex = -1;
        bind();
    }

这是我的bind方法:

private void bind()
{
    connection();
    string query = "select * from employeeDB where [Last Name:] like'" + TextBox1.Text + "%'";
    SqlDataAdapter da = new SqlDataAdapter(query, con);
    DataSet ds = new DataSet();
    da.Fill(ds);
    GridView1.DataSource = ds;
    GridView1.DataBind();
}

SQL行更新不能在c#中工作

Replace

dr = com.ExecuteReader();

com.ExecuteNonQuery();

ExecuteReader用于SELECT查询。

另外,在实际应用程序中,您不应该像这样构建sql字符串。使用SqlParameter来避免sql注入和许多其他错误。

GridViewRow row = GridView1.Rows[e.RowIndex];
            Label lblID = (Label)row.FindControl("lblID");
            TextBox textName = (TextBox)row.Cells[3].Controls[0];
            TextBox textadd = (TextBox)row.Cells[4].Controls[0];
            TextBox textc = (TextBox)row.Cells[5].Controls[0];
            /*are you sure column names are like [First Name:],[Last Name:] and [Email:] in the table*/
            /*Syntax for update command should be like this "UPDATE TableName SET ColumnName1=@Parameter1, ColumnName2=@Parameter2 ....
             * WHERE ColumnName=@ParameterName"
             */
            String query = "update employeeDB set [First Name:]=@FirstName, [Last Name:]=@LastName, [Email:]=@Email where id=@id";
            SqlCommand com = new SqlCommand(query, con);
            com.Parameters.Add("@FirstName", SqlDbType.VarChar).Value = textName.Text;
            com.Parameters.Add("@LastName", SqlDbType.VarChar).Value = textadd.Text;
            com.Parameters.Add("@Email", SqlDbType.VarChar).Value = textc.Text;
            com.Parameters.Add("@id", SqlDbType.Int).Value = Convert.ToInt32(lblID.Text) + 1;
            con.Open();
            com.ExecuteNonQuery();
            con.Close();
            GridView1.EditIndex = -1;
            bind();
        }

你应该这样做

//从会话对象中检索表。DataTable dt = (DataTable)Session["TaskTable"];

//Update the values.
GridViewRow row = TaskGridView.Rows[e.RowIndex];
dt.Rows[row.DataItemIndex]["Id"] = ((TextBox)(row.Cells[1].Controls[0])).Text;
dt.Rows[row.DataItemIndex]["Description"] = ((TextBox)(row.Cells[2].Controls[0])).Text;
dt.Rows[row.DataItemIndex]["IsComplete"] = ((CheckBox)(row.Cells[3].Controls[0])).Checked;
//Reset the edit index.
TaskGridView.EditIndex = -1;
//Bind data to the GridView control.
BindData();

你现在得到了什么?异常还是没有错误,什么都没发生?要检查的事情是db连接字符串-确保您的连接字符串指向您的目标数据库。其次,我想指出的是,查询是开放的sql注入攻击(你需要考虑的事情-如果你要使用它的生产代码)。第三,bind方法中有什么?它试图绑定什么数据源,使用什么控件?从示例代码本身来看,似乎没有从db返回任何数据。

更新:顺便说一下,冒号应该在你的查询中吗?例如,查看名字后面的冒号([first name:])字符串查询= "update employeeDB set [first name:]='" + textName。Text + "',[姓:]='" + textadd.;文本+"',[Email:]='"+文本。Text + "' where id='" + lblID + 1 + "'";