1. Add data using SQL statements
Insert...
Insert into tb_member (name, sex, place) values ('"+ textbox1.text +"', '"+ textbox2.text +"' and nplace = '"+ textbox3.text + "'");
Note that the inserted data is duplicated.
Public int getconut ()
{
Sqlconnection con = new sqlconnection ("Data Source = (local); database = fangdawei; uid = sa; Pwd = ;");
Con. open ();
String STR = "select * From tb_member where name = '" + textbox1.text + "' and sex = '" + textbox2.text + "' and place = '" + textbox3.text + "'";
Sqlcommand COM = new sqlcommand (STR, con );
Int intcont = convert. toint32 (COM. executescalar ());
Con. Close ();
Com. Clone ();
Return intcont;
}
The "add" button click event code is as follows.
Protected void button#click (Object sender, eventargs E)
{
If (getconut ()! = 0) // determine whether the same record is added
{
Response. Write ("alert ('Sorry! The same record cannot be entered! ')");
}
Else
{
Try
{
Sqlconnection sqlcon = new sqlconnection ("Data Source = (local); database = fangdawei; uid = sa; Pwd = ;");
Sqlcon. open ();
String insertsql = "insert into tb_member (name, sex, nplace) values ('" + textbox1.text + "', '" + textbox2.text + "', '" + textbox3.text + "') ";
Sqlcommand COM = new sqlcommand (insertsql, sqlcon );
Com. executenonquery ();
Sqldataadapter Ada = new sqldataadapter ("select * From tb_member", sqlcon );
Dataset DS = new dataset ();
Ada. Fill (DS, "tb_member ");
Gridview1.datasource = Ds;
Gridview1.databind ();
Sqlcon. Close ();
Response. Write ("alert ('added successfully! ')");
}
Catch (exception ex)
{
Response. Write ("ex. Message. tostring ()");
}
}
}
II,
Use the sqlparameter parameter to add
Nsert into tb_bookinfo (bookname, bookintroduce, bookprice, bookisnew) values (@ bookname, @ bookintroduce, @ bookprice, @ bookisnew)
The "add info" button click event code is as follows:
Protected void button#click (Object sender, eventargs E)
{
Sqlconnection con = new sqlconnection ("Data Source = (local); database = fangdawei; uid = sa; Pwd = ;");
Con. open ();
String STR = "select count (*) from tb_bookinfo where bookname = '" + textbox1.text. tostring () + "'";
Sqlcommand COM = new sqlcommand (STR, con );
Int intcont = convert. toint32 (COM. executescalar ());
If (intcont> 0) // determines whether the same records exist in the database.
{
Response. Write ("alert ('Sorry! The same record cannot be entered! ')");
}
Else
{
Try
{
// INSERT command
String sqlstr = "insert into tb_bookinfo (bookname, bookintroduce, bookprice, bookisnew) values (@ bookname, @ bookintroduce, @ bookprice, @ bookisnew )";
Sqlcommand mycom = new sqlcommand (sqlstr, con );
// Add Parameters
Mycom. Parameters. Add (New sqlparameter ("@ bookname", sqldbtype. varchar, 50 ));
Mycom. Parameters. Add (New sqlparameter ("@ bookintroduce", sqldbtype. varchar, 50 ));
Mycom. Parameters. Add (New sqlparameter ("@ bookprice", sqldbtype. Money, 8 ));
Mycom. Parameters. Add (New sqlparameter ("@ bookisnew", sqldbtype. Char, 10 ));
// Assign a value to the parameter
Mycom. Parameters ["@ bookname"]. value = textbox1.text;
Mycom. Parameters ["@ bookintroduce"]. value = textbox2.text;
Mycom. Parameters ["@ bookprice"]. value = convert. todecimal (textbox3.text );
Mycom. Parameters ["@ bookisnew"]. value = dropdownlist1.selectedvalue. tostring ();
// Execute the add statement
Mycom. executenonquery ();
Con. Close ();
Binddata ();
Response. Write ("alert ('added successfully! ')");
}
Catch (exception ex)
{
Response. Write (ex. messgae. tostring ());
}
}
}
III,
The stored procedure can filter illegal characters in SQL statements and compile them on the server directly during creation. Therefore, the execution speed is faster than that of a single SQL statement. Adding data in a stored procedure can improve the execution efficiency of the program and facilitate future maintenance.
Create procedure probookinfo
(@ Bookname [varchar] (50 ),
@ Bookintroduce [varchar] (50 ),
@ Bookprice [money],
@ Bookisnew [varchar] (50 ))
As insert into [fangdawei]. [DBO]. [tb_bookinfo] (
[Bookname],
[Bookintroduce],
[Bookprice],
[Bookisnew])
Values (
@ Bookname,
@ Bookintroduce,
@ Bookprice,
@ Bookisnew)
Go
The "add info" button click event code is as follows:
Protected void button#click (Object sender, eventargs E)
{
Sqlconnection myconn = new sqlconnection ("Server = (local); database = fangdawei; uid = sa; Pwd = ");
// Open the link
Myconn. open ();
String STR = "select count (*) from tb_bookinfo where bookname = '" + textbox1.text. tostring () + "'";
// Create a sqlcommand object
Sqlcommand COM = new sqlcommand (STR, myconn );
Int intcont = convert. toint32 (COM. executescalar ());
If (intcont> 0)
{
Response. Write ("alert ('Sorry! The same record cannot be entered! ')");
}
Else
{
Try
{
Sqlcommand mycom = new sqlcommand ("probookinfo", myconn );
// Call the Stored Procedure
Mycom. commandtype = commandtype. storedprocedure;
// Add Parameters
Sqlparameter [] prams = {
New sqlparameter ("@ bookname", sqldbtype. varchar, 50 ),
New sqlparameter ("@ bookintroduce", sqldbtype. varchar, 50 ),
New sqlparameter ("@ bookprice", sqldbtype. Money, 8 ),
New sqlparameter ("@ bookisnew", sqldbtype. Char, 10 ),
};
// Assign a value to the parameter
Prams [0]. value = textbox1.text;
Prams [1]. value = textbox2.text;
Prams [2]. value = convert. todecimal (textbox3.text );
Prams [3]. value = dropdownlist1.selectedvalue. tostring ();
Foreach (sqlparameter parameter in prams)
{
Mycom. Parameters. Add (parameter );
}
// Execute the SQL statement
Mycom. executenonquery ();
Myconn. Close ();
Binddata ();
Response. Write ("alert ('added successfully! ')");
}
Catch (exception ex)
{
Response. Write (ex. Message. tostring ());
}
}
}
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
