c# - 我如何从gridview将数据插入数据库

Question

SqlConnection connStr = new SqlConnection ("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11");

SqlCommand com;

protected void Button2_Click(object sender, EventArgs e)
{

SqlConnection connStr = new SqlConnection("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11");
connStr.Open();
foreach  (GridViewRow g1 in GridView1.Rows) 
{
    com = new
    SqlCommand("INSERT INTO tblExmWrittn(Cirname,publishingDate,ApplicantId,Applicantname,HighestMrk,WrittnAchievMrk) VALUES( '" + row.Cells[0].Value.ToString(); + "', '" + row.Cells[1].Value.ToString();+ "' , '" + row.Cells[2].Value.ToString();+ "' ,'" + row.Cells[3].Value.ToString();+ "','" + row.Cells[4].Value.ToString();+ "' ,'" + row.Cells[5].Value.ToString();+ "','" + row.Cells[6].Value.ToString();+ "')", connStr);

    com.ExecuteNonQuery();
    connStr.Close();
}

Label1.Text = "Records inserted successfully"; 


}

Answer 1

尝试这个

SqlConnection connStr = new SqlConnection
    ("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11");

SqlCommand com;
protected void Button2_Click(object sender, EventArgs e)
{
    SqlConnection connStr = new SqlConnection("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11");
    connStr.Open();
    foreach (DataGridViewRow row in dataGridView.SelectedRows) 
    {
        com = new
        SqlCommand("INSERT INTO tblExmWrittn(column1,column2....)  VALUES( '" + row.Cells[0].Value.ToString(); + "', '" + row.Cells[1].Value.ToString();+ "' , '" + row.Cells[2].Value.ToString();+ "' ,'" + row.Cells[3].Value.ToString();+ "','" + row.Cells[4].Value.ToString();+ "' ,'" + row.Cells[5].Value.ToString();+ "','" + row.Cells[6].Value.ToString();+ "')", connStr);

        com.ExecuteNonQuery();
        connStr.Close();
    }

    Label1.Text = "Records inserted successfully"; 

}

Answer 2

不要使用内联参数来构建 SQL 语句。

使用 SQL 参数并将数据访问和 UI 层分开。

您的表中有 int 值、字符串、日期时间值，但是您是否以正确的格式发送所有这些数据？（您不需要''int 值参数）

您可以通过使用 SQL 参数来避免所有这些。

请注意，您在循环中的第一行之后关闭连接，并且更新为下一行再次打开它。最好在所有行的末尾关闭连接。

我会为插入记录创建单独的方法，如下所示

public void InsertExamWrittn(int writtnId, string cirname, DateTime publishingDate, string applicantId, string applicantname, string highestMrk, string writtnAchievMrk)
{

    using (var con = new SqlConnection("Data Source=SERVER;Initial Catalog=HRPR;Persist Security Info=True;User ID=hr;Password=11"))
    using(var cmd= con.CreateCommand())
    {
        cmd.CommandText = "INSERT INTO tblExmWrittn (WrittnId, Cirname, publishingDate, ApplicantId, Applicantname, HighestMrk, WrittnAchievMrk) "+
                            "VALUES (@WrittnId, @Cirname, @publishingDate, @ApplicantId, @Applicantname, @HighestMrk, @WrittnAchievMrk)";
        cmd.Parameters.AddWithValue("@WrittnId", writtnId);
        cmd.Parameters.AddWithValue("@Cirname", cirname);
        cmd.Parameters.AddWithValue("@publishingDate", publishingDate);
        cmd.Parameters.AddWithValue("@ApplicantId", applicantId);
        cmd.Parameters.AddWithValue("@Applicantname", applicantname);
        cmd.Parameters.AddWithValue("@HighestMrk", highestMrk);
        cmd.Parameters.AddWithValue("@WrittnAchievMrk", writtnAchievMrk);
        con.Open();
        cmd.ExecuteNonQuery();
    }
}

从Button2_Click事件我会通过为每一行提供相关参数来调用这个方法