我试图自己参数化我的代码,我想我可能已经破坏了它。现在我可以让我的应用程序将记录插入到我的数据库中。任何人都可以查看此代码并告诉我我缺少什么吗?
编辑:我修改了我的代码,按照建议删除了 dbCmd.Dispose() 和 dbConn.Close() 方法。现在VB在调试@ dbCmd.ExecuteNonQuery() 行期间抛出以下异常:
列计数与第 1 行的值计数不匹配
这是我的代码:
Private Sub addCard()
Dim ConnectionString As String = String.Format("Server={0};Port={1};Uid={2};Password={3};Database=accounting", FormLogin.ComboBoxServerIP.SelectedItem, My.Settings.DB_Port, My.Settings.DB_UserID, My.Settings.DB_Password)
Using dbConn As New MySqlConnection(ConnectionString)
dbConn.Open()
'PERFORM CARD ENCRYPTION
Call encryptCard()
'PERFORM DATABASE SUBMISSION
Dim dbQuery As String = "INSERT INTO cc_master (ccType, cardholderFirstname, cardholderLastname, cardholderSalutation, ccLocation, " & _
"ccNumber, ccExpireMonth, ccExpireYear, ccZipcode, ccCode, ccAuthorizedUseStart, ccAuthorizedUseEnd, " & _
"dateAdded, addedBy, customer_accountNumber)" & _
"VALUES(@ccType, @cardholderFirstname, @cardholderLastname, @cardholderSalutation, @ccLocation, " & _
"@ccNumber, @ccExpireMonth, @ccExpireYear, @ccZipcode, @ccCode, @ccAuthorizedUseStart, @ccAuthorizedUseEnd " & _
"@dateAdded, @addedBy, @accountNumber)"
Using dbCmd As New MySqlCommand
With dbCmd
.Connection = dbConn
.CommandType = CommandType.Text
.CommandText = dbQuery
.Parameters.AddWithValue("@ccType", ComboBoxCardType.Text)
.Parameters.AddWithValue("@cardholderFirstname", TextBoxFirstName.Text)
.Parameters.AddWithValue("@cardholderLastname", TextBoxLastName.Text)
.Parameters.AddWithValue("@cardholderSalutation", ComboBoxSalutation.Text)
.Parameters.AddWithValue("@ccLocation", TextBoxLocation.Text)
.Parameters.AddWithValue("@ccNumber", encryptedCard)
.Parameters.AddWithValue("@ccExpireMonth", TextBoxExpireMonth.Text)
.Parameters.AddWithValue("@ccExpireYear", TextBoxExpireYear.Text)
.Parameters.AddWithValue("@ccZipcode", TextBoxZipCode.Text)
.Parameters.AddWithValue("@ccCode", TextBoxCVV2.Text)
.Parameters.AddWithValue("@ccAuthorizedUseStart", Format(DateTimePickerStartDate.Value, "yyyy-MM-dd HH:MM:ss"))
.Parameters.AddWithValue("@ccAuthorizedUseEnd", Format(DateTimePickerEndDate.Value, "yyyy-MM-dd HH:MM:ss"))
.Parameters.AddWithValue("@dateAdded", Format(DateTime.Now, "yyyy-MM-dd HH:MM:ss"))
.Parameters.AddWithValue("@addedBy", FormLogin.TextBoxUsername.Text)
.Parameters.AddWithValue("@accountNumber", TextBoxAccount.Text)
End With
Try
Dim affectedRow As Integer
affectedRow = dbCmd.ExecuteNonQuery()
If affectedRow > 0 Then
MsgBox("Credit/Debit Card Information Saved SUCCESSFULLY!", MsgBoxStyle.Information, "RECORD SAVED")
ButtonReset.PerformClick()
Else
MsgBox("Payment Card Was Not Added!", MsgBoxStyle.Critical, "ATTENTION")
End If
Catch ex As Exception
MessageBox.Show("A DATABASE ERROR HAS OCCURED" & vbCrLf & vbCrLf & ex.Message & vbCrLf & _
vbCrLf + "Please report this to the IT/Systems Helpdesk at Ext 131.")
End Try
dbCmd.Dispose()
End Using
End Using
dbConn.Close()
End Sub
修改后的代码 - 现在抛出异常:
Private Sub addCard()
Dim ConnectionString As String = String.Format("Server={0};Port={1};Uid={2};Password={3};Database=accounting", FormLogin.ComboBoxServerIP.SelectedItem, My.Settings.DB_Port, My.Settings.DB_UserID, My.Settings.DB_Password)
Using dbConn As New MySqlConnection(ConnectionString)
'PERFORM CARD ENCRYPTION
Call encryptCard()
'PERFORM DATABASE SUBMISSION
Dim dbQuery As String = "INSERT INTO cc_master (ccType, cardholderFirstname, cardholderLastname, cardholderSalutation, ccLocation, " & _
"ccNumber, ccExpireMonth, ccExpireYear, ccZipcode, ccCode, ccAuthorizedUseStart, ccAuthorizedUseEnd, " & _
"dateAdded, addedBy, customer_accountNumber)" & _
"VALUES(@ccType, @cardholderFirstname, @cardholderLastname, @cardholderSalutation, @ccLocation, " & _
"@ccNumber, @ccExpireMonth, @ccExpireYear, @ccZipcode, @ccCode, @ccAuthorizedUseStart, @ccAuthorizedUseEnd " & _
"@dateAdded, @addedBy, @accountNumber)"
Using dbCmd As New MySqlCommand
With dbCmd
.Connection = dbConn
.CommandType = CommandType.Text
.CommandText = dbQuery
.Parameters.AddWithValue("@ccType", ComboBoxCardType.Text)
.Parameters.AddWithValue("@cardholderFirstname", TextBoxFirstName.Text)
.Parameters.AddWithValue("@cardholderLastname", TextBoxLastName.Text)
.Parameters.AddWithValue("@cardholderSalutation", ComboBoxSalutation.Text)
.Parameters.AddWithValue("@ccLocation", TextBoxLocation.Text)
.Parameters.AddWithValue("@ccNumber", encryptedCard)
.Parameters.AddWithValue("@ccExpireMonth", TextBoxExpireMonth.Text)
.Parameters.AddWithValue("@ccExpireYear", TextBoxExpireYear.Text)
.Parameters.AddWithValue("@ccZipcode", TextBoxZipCode.Text)
.Parameters.AddWithValue("@ccCode", TextBoxCVV2.Text)
.Parameters.AddWithValue("@ccAuthorizedUseStart", Format(DateTimePickerStartDate.Value, "yyyy-MM-dd HH:MM:ss"))
.Parameters.AddWithValue("@ccAuthorizedUseEnd", Format(DateTimePickerEndDate.Value, "yyyy-MM-dd HH:MM:ss"))
.Parameters.AddWithValue("@dateAdded", Format(DateTime.Now, "yyyy-MM-dd HH:MM:ss"))
.Parameters.AddWithValue("@addedBy", FormLogin.TextBoxUsername.Text)
.Parameters.AddWithValue("@accountNumber", TextBoxAccount.Text)
End With
Try
dbConn.Open()
dbCmd.ExecuteNonQuery()
Dim affectedRow As Integer
affectedRow = dbCmd.ExecuteNonQuery()
If affectedRow > 0 Then
MsgBox("Credit/Debit Card Information Saved SUCCESSFULLY!", MsgBoxStyle.Information, "RECORD SAVED")
ButtonReset.PerformClick()
Else
MsgBox("Payment Card Was Not Added!", MsgBoxStyle.Critical, "ATTENTION")
End If
Catch ex As Exception
MessageBox.Show("A DATABASE ERROR HAS OCCURED" & vbCrLf & vbCrLf & ex.Message & vbCrLf & _
vbCrLf + "Please report this to the IT/Systems Helpdesk at Ext 131.")
End Try
End Using
End Using
End Sub