0

我是 Visual Studio 的新手,我想让用户在查询中输入一个值

即搜索我将使用的员工

Select * From Employee Where ID = (i want the user to enter the value here)

我已经连接了数据库,我知道我可以从文本框中获取值,但我真的不知道如何将该值直接放入查询中并立即调用它

4

1 回答 1

1

参数化相对简单。

Private Sub Button1_Click(sender As System.Object, e As System.EventArgs) Handles Button1.Click
    ExecuteSQL("Data Source=Server;Initial Catalog=Database;Persist Security Info=True;Integrated Security=True", _
               "Select * From Employee Where ID=@id",
               New SqlClient.SqlParameter("@id", 123))
End Sub

Public Function ExecuteSQL(ByVal Connection As String, _
                      ByVal SQL As String, _
                      ByRef Param As SqlClient.SqlParameter) As System.Data.DataTable
    Try
        Dim dt As System.Data.DataTable = Nothing
        Dim SqlRdr As SqlClient.SqlDataReader

        Using SqlConn As SqlClient.SqlConnection = New SqlClient.SqlConnection(Connection)
            Using SqlCmd As SqlClient.SqlCommand = New SqlClient.SqlCommand(SQL, SqlConn)
                SqlCmd.CommandType = CommandType.Text
                SqlCmd.Parameters.Add(Param)
                SqlConn.Open()
                SqlRdr = SqlCmd.ExecuteReader()
                Try
                    If SqlRdr.IsClosed = False AndAlso SqlRdr.HasRows = True Then
                        dt = New System.Data.DataTable
                        dt.BeginLoadData()
                        dt.Load(SqlRdr)
                        dt.EndLoadData()
                    End If
                Finally
                    If SqlRdr IsNot Nothing Then
                        SqlRdr.Close()
                    End If
                End Try
            End Using
        End Using

        Return dt
    Catch ex As Exception
        Return Nothing
    End Try
End Function
于 2012-02-01T16:17:32.070 回答