0

我有这个代码:

private void btnPotvrdi_Click(object sender, EventArgs e)
{
     SqlConnection con = new SqlConnection("Data Source=BCKPSRVR;Initial Catalog=protokol;Integrated Security=True");
     con.Open();
     SqlCommand sc = new SqlCommand("insert into Knjiga (Datum_prijema, Predmet, Posiljalac, Adresa_posiljaoca, Primaoc, Datum_proslijeda)  values ('" + dateTimePicker1.Value.ToString("yyyy-MM-dd") + "','" + textBox1.Text + "','" + textBox2.Text + "','" + textBox3.Text + "','" + textBox4.Text + "','" + dateTimePicker2.Value.ToString("yyyy-MM-dd") + "');", con);
     int o=sc.ExecuteNonQuery();
     MessageBox.Show(o + " :Podaci su unešeni");
     con.Close();
}

当我插入这个表时,我有一个名为 Osnovni_br 的 auto_increment int 主键列。如何在 MessageBox 或 MessageBox 中获取该列 (Osnovni_br) 的最后一个值?

4

1 回答 1

0 
//read about sql injection here http://www.codeproject.com/Articles/11020/SQL-injection-attacks
using (var conn = new SqlCeConnection("Data Source=BCKPSRVR;Initial Catalog=protokol;Integrated Security=True"))
      {
          conn.Open();
          using (var cmd = new SqlCeCommand())
          {
              cmd.Connection = conn;
              cmd.CommandText = "insert into Knjiga (Datum_prijema, Predmet, Posiljalac, Adresa_posiljaoca, Primaoc, Datum_proslijeda)  values (@Datum_prijema,@Predmet,@Posiljalac,@Adresa_posiljaoca,@Primaoc,@Datum_proslijeda);SELECT CAST(scope_identity() AS int)";
              cmd.Parameters.AddWithValue("Datum_prijema", dateTimePicker1.Value.ToString("yyyy-MM-dd"));
              //.... similarly add other values
              int id = (int)cmd.ExecuteScalar();
          }
      }
于 2014-04-10T07:21:07.317 回答