我正在为我的项目开发购物车,但在如何检索 orderid 并将其插入另一个表时遇到了麻烦。
我在 sql server 中有两个表
Order
orderid (PK) | date| orderstatus| name| shippingaddress| contactnumber| totalprice| customerid|
Order_book
orderid (PK) | ISBN (PK)| quantity
我想从订单表中检索 orderid 并将其插入 order_book,每当订单提交到数据库时,订单表中的 orderid 是一个增量为 1 的标识 int。
使用 c# 从一个表到另一个表同时检索和插入的最佳选项是什么?
谢谢。
代码::
protected void checkout_Click(object sender, EventArgs e)
{
SQLInjection sql = new SQLInjection();
String name;
String address;
int contactnumber;
if (newaddresspanel.Visible == true)
{
name = sql.SafeSqlLiteral(NameLabel.Text, 2);
address = Address1.Text + " " + Address2.Text + "," + PostalCode.Text + "," + State.SelectedItem.Value;
contactnumber = int.Parse(Telephone1.SelectedItem.Value) + int.Parse(Telephone2.Text);
insertDetails(name, address, contactnumber);
}
else if (defaultaddresspanel.Visible)
{
SqlConnection myConnection = new SqlConnection(ConfigurationManager.ConnectionStrings["BookWormDBConnectionString"].ConnectionString);//connect to database
SqlCommand bindDetails = new SqlCommand("SELECT NAME, ADDRESS, TELEPHONE_NUMBER FROM CUSTOMER WHERE CUSTOMERID = @username", myConnection);
bindDetails.Parameters.Add("@username", SqlDbType.VarChar);
bindDetails.Parameters["@username"].Value = username;
try
{
myConnection.Open();
SqlDataReader reader = bindDetails.ExecuteReader();
while (reader.Read())
{
name = reader["NAME"].ToString();
address = reader["ADDRESS"].ToString();
contactnumber = int.Parse(reader["TELEPHONE_NUMBER"].ToString());
insertDetails(name, address, contactnumber);
}
reader.Dispose();
myConnection.Close();
}
catch (SqlException se)
{
}
}
try
{
cart = (DataTable)HttpContext.Current.Session["Cart"];
foreach (DataRow dr in cart.Rows)
{
int isbn = int.Parse(dr["ISBN"].ToString());
int quantity = int.Parse(dr["quantity"].ToString());
insertOrderbook(isbn, quantity);
}
}
catch (Exception ae)
{
Response.Write(ae.Message);
}
插入订单:“失败”
protected void insertOrderbook(int isbn, int quantity)
{
int orderid;
SqlConnection myConnection = new SqlConnection(ConfigurationManager.ConnectionStrings["BookWormDBConnectionString"].ConnectionString);//connect to database
SqlCommand orderId = new SqlCommand("SELECT SCOPE_IDENTITY() FROM ORDERBOOK", myConnection);
try
{
myConnection.Open();
orderid = int.Parse(orderId.ExecuteScalar().ToString());
SqlCommand insertOrderBook = new SqlCommand("INSERT INTO ORDERBOOK_BOOK (ISBN, ORDERID, QUANTITY) VALUES (@isbn, @orderid, @quantity)", myConnection);
insertOrderBook.Parameters.Add("@isbn", SqlDbType.Int);
insertOrderBook.Parameters["@isbn"].Value = isbn;
insertOrderBook.Parameters.Add("@orderid", SqlDbType.Int);
insertOrderBook.Parameters["@orderid"].Value = orderid;
insertOrderBook.Parameters.Add("@quantity", SqlDbType.Int);
insertOrderBook.Parameters["@quantity"].Value = quantity;
insertOrderBook.ExecuteNonQuery();
myConnection.Close();
}
catch (SqlException se)
{
Response.Write(se.Message);
}
}
插入订单详情::
protected void insertDetails(string name, string address, int contactnumber)
{
SqlConnection myConnection = new SqlConnection(ConfigurationManager.ConnectionStrings["BookWormDBConnectionString"].ConnectionString);//connect to database
SqlCommand orderDetails = new SqlCommand("INSERT INTO ORDERBOOK (DATE, ORDERSTATUS, TOTALPRICE, SHIPPING_ADD, CUSTOMERID, NAME, CONTACTNUMBER) VALUES (@date, @orderstatus, @totalprice, @shippingadd, @username, @name, @contactnumber)", myConnection);
orderDetails.Parameters.Add("@date", SqlDbType.DateTime);
orderDetails.Parameters["@date"].Value = getTime();
orderDetails.Parameters.Add("@orderstatus", SqlDbType.VarChar);
orderDetails.Parameters["@orderstatus"].Value = "Order Processing";
orderDetails.Parameters.Add("@totalprice", SqlDbType.Decimal);
orderDetails.Parameters["@totalprice"].Value = totalPrice;
orderDetails.Parameters.Add("@shippingadd", SqlDbType.VarChar);
orderDetails.Parameters["@shippingadd"].Value = address;
orderDetails.Parameters.Add("@name", SqlDbType.VarChar);
orderDetails.Parameters["@name"].Value = name;
orderDetails.Parameters.Add("@contactnumber", SqlDbType.Int);
orderDetails.Parameters["@contactnumber"].Value = contactnumber;
orderDetails.Parameters.Add("@username", SqlDbType.VarChar);
orderDetails.Parameters["@username"].Value = username;
try {
myConnection.Open();
orderDetails.ExecuteNonQuery();
myConnection.Close();
}
catch ( SqlException se)
{
}
}
错误:输入字符串的格式不正确
我试图调试它,不知何故,orderid 显示 0