尝试将数据插入SQL Server数据库时打开连接问题

时间:2021-12-20 14:51:40

I have created a Main form with password request to login to next form depend on a username. Now here I have made another form with tabs. One tab for inserting data, other one for checking data.

我创建了一个带有密码请求的主表单,以便根据用户名登录到下一个表单。现在我在这里制作了另一个带标签的表格。一个用于插入数据的选项卡,另一个用于检查数据。

I have create the form like this Picture

我已经创建了像这张图片的表格

This is my code:

这是我的代码:

`

`

namespace Kartice
{
    public partial class Matjaz : Form
    {
    //   string KarticaMString = "Data Source=hostname;Initial Catalog=mydatabase;uid=uid;pwd=pwd;Integrated Security=True;";
      // SqlConnection KarticaM = new SqlConnection();
        public Matjaz()
        {
            InitializeComponent();
        }

    private void karticaMBindingNavigatorSaveItem_Click(object sender, EventArgs e)
    {
    }

    private void usersBindingNavigatorSaveItem_Click(object sender, EventArgs e)
    {
    }

    private void usersBindingNavigatorSaveItem_Click_1(object sender, EventArgs e)
    {
    }

    private void karticaMBindingNavigatorSaveItem_Click_1(object sender, EventArgs e)
    {
    }

    private void Matjaz_Load(object sender, EventArgs e)
    {
        // TODO: This line of code loads data into the 'kartice1.KarticaM' table. You can move, or remove it, as needed.
        this.karticaMTableAdapter.Fill(this.kartice1.KarticaM);

    }

    private void tabPage1_Click(object sender, EventArgs e)
    {

    }

    private void ExitBtn_Click(object sender, EventArgs e)
    {
        Application.Exit();

    }

    private void InsertBtn_Click(object sender, EventArgs e)
    {
        string Sqlquery = null;
       string  KarticaMString = null;

        using (SqlConnection conn = new SqlConnection(KarticaMString))
        {
            {
                Sqlquery = "INSERT INTO KarticaM (DateInsert, DateTransaction, Value, Purpose, DepositLift) VALUES (" + DateInsertPicker.Value + "," + DateTransactionPicker.Value + "," + ValueTxt.Text + "," + PurposeTxt.Text + "," + DepositLiftCombobox.SelectedText + ")";
                conn.Open();
                using (SqlCommand cmd = new SqlCommand(Sqlquery, conn))
                {
                    cmd.Parameters.Add("@DateInsert", SqlDbType.DateTime).Value = DateInsertPicker.Value;
                    cmd.Parameters.Add("@DateTransaction", SqlDbType.DateTime).Value = DateTransactionPicker.Value;
                    cmd.Parameters.Add("@Value", SqlDbType.Money).Value = ValueTxt.Text;
                    cmd.Parameters.Add("@Purpose", SqlDbType.Text).Value = PurposeTxt.Text;
                    cmd.Parameters.Add("DepositLift", SqlDbType.Text).Value = DepositLiftCombobox.SelectedValue;

                    cmd.ExecuteNonQuery();
                    cmd.Connection = conn;
                }
                conn.Close();
            }
        }

    }
  }
}

I got this error :( Error

我收到了这个错误:(错误

2 个解决方案

#1


3  

Though your major or first Problem is ConnectionString is null, i could also find other errors from your code:

虽然你的主要或第一个问题是ConnectionString为null,我也可以从你的代码中找到其他错误:

1. Your ConnectionString is null .

1.您的ConnectionString为空。

 string  KarticaMString = null;//assign your connection string here    
 using (SqlConnection conn = new SqlConnection(KarticaMString))

Solution:

解:

assign the proper Connection String before assigning it to the SqlConnection object.

在将其分配给SqlConnection对象之前,请分配正确的连接字符串。

Example:

例:

string  KarticaMString = "Data Source=hostname;Initial   
Catalog=mydatabase;uid=uid;pwd=pwd;Integrated Security=True";

2. your Insert Into Statement can be attacked using SQL Injection.
Solution: Use Parametrised Queries.

2.使用SQL注入可以攻击您的Insert Into Statement。解决方案:使用参数化查询。

3. though you are assigning parameters using SqlCommand.Parameters.AddWithValue() they will not be reflected to your sql statement untill unless you specify those parameters in the sql statement.

3.虽然您使用SqlCommand.Parameters.AddWithValue()分配参数,但除非您在sql语句中指定这些参数,否则它们不会反映到您的sql语句中。

Solution: first add the parameters in insert into statement then add the values to the respective parameters using SqlCommand.Parameters.AddWithValue() statement.

解决方案:首先在insert语句中添加参数,然后使用SqlCommand.Parameters.AddWithValue()语句将值添加到相应的参数中。

4. you are assigning the SqlConnection object after calling the ExecuteNonQuery() Statement. Solution: Not Required as you have already done it before.

4.在调用ExecuteNonQuery()语句后分配SqlConnection对象。解决方案:不需要,因为您之前已经完成了。

5. suggestion: what i feel is you dont need to close the SqlConnection object explicitly as you have declared it inside the using{} block, object Disposal willbe taken care by using block Solution: Remove the statement conn.Close();

5.建议:我觉得你不需要显式关闭SqlConnection对象,因为你已经在using {}块中声明它,对象Disposal将通过使用块解决方案解决方法:删除语句conn.Close();

Final Solution

最终解决方案

private void InsertBtn_Click(object sender, EventArgs e)
    {
       string Sqlquery = null;
       string  KarticaMString = "@Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Bojan\Desktop\Programiranje\School‌​\Kartice\Kartice\Kartice.mdf;Integrated Security=True;User Instance=True";

        using (SqlConnection conn = new SqlConnection(KarticaMString))
        {

                Sqlquery = "INSERT INTO KarticaM (DateInsert, DateTransaction, Value, Purpose, DepositLift) VALUES (@DateInsert,@DateTransaction,@Value,@Purpose,@DepositLift)";
                conn.Open();
                using (SqlCommand cmd = new SqlCommand(Sqlquery, conn))
                {
                    cmd.Parameters.Add("@DateInsert", SqlDbType.DateTime).Value = DateInsertPicker.Value;
                    cmd.Parameters.Add("@DateTransaction", SqlDbType.DateTime).Value = DateTransactionPicker.Value;
                    cmd.Parameters.Add("@Value", SqlDbType.Money).Value = ValueTxt.Text;
                    cmd.Parameters.Add("@Purpose", SqlDbType.Text).Value = PurposeTxt.Text;
                    cmd.Parameters.Add("@DepositLift", SqlDbType.Text).Value = DepositLiftCombobox.SelectedValue;

                    cmd.ExecuteNonQuery();                    
                }


        }

    }

#2


2  

Notice this:

注意这个:

string KarticaMString = null;

using (SqlConnection conn = new SqlConnection(KarticaMString))
{
    ...
}

The connection string, KarticaMString, is obviously null. You'll have to provide a valid connection string to the SqlConnection constructor. See ConnectionString for more information on how to write a valid connection string, or use a SqlConnectionStringBuilder.

连接字符串KarticaMString显然为null。您必须为SqlConnection构造函数提供有效的连接字符串。有关如何编写有效连接字符串或使用SqlConnectionStringBuilder的更多信息,请参阅ConnectionString。

#1


3  

Though your major or first Problem is ConnectionString is null, i could also find other errors from your code:

虽然你的主要或第一个问题是ConnectionString为null,我也可以从你的代码中找到其他错误:

1. Your ConnectionString is null .

1.您的ConnectionString为空。

 string  KarticaMString = null;//assign your connection string here    
 using (SqlConnection conn = new SqlConnection(KarticaMString))

Solution:

解:

assign the proper Connection String before assigning it to the SqlConnection object.

在将其分配给SqlConnection对象之前,请分配正确的连接字符串。

Example:

例:

string  KarticaMString = "Data Source=hostname;Initial   
Catalog=mydatabase;uid=uid;pwd=pwd;Integrated Security=True";

2. your Insert Into Statement can be attacked using SQL Injection.
Solution: Use Parametrised Queries.

2.使用SQL注入可以攻击您的Insert Into Statement。解决方案:使用参数化查询。

3. though you are assigning parameters using SqlCommand.Parameters.AddWithValue() they will not be reflected to your sql statement untill unless you specify those parameters in the sql statement.

3.虽然您使用SqlCommand.Parameters.AddWithValue()分配参数,但除非您在sql语句中指定这些参数,否则它们不会反映到您的sql语句中。

Solution: first add the parameters in insert into statement then add the values to the respective parameters using SqlCommand.Parameters.AddWithValue() statement.

解决方案:首先在insert语句中添加参数,然后使用SqlCommand.Parameters.AddWithValue()语句将值添加到相应的参数中。

4. you are assigning the SqlConnection object after calling the ExecuteNonQuery() Statement. Solution: Not Required as you have already done it before.

4.在调用ExecuteNonQuery()语句后分配SqlConnection对象。解决方案:不需要,因为您之前已经完成了。

5. suggestion: what i feel is you dont need to close the SqlConnection object explicitly as you have declared it inside the using{} block, object Disposal willbe taken care by using block Solution: Remove the statement conn.Close();

5.建议:我觉得你不需要显式关闭SqlConnection对象,因为你已经在using {}块中声明它,对象Disposal将通过使用块解决方案解决方法:删除语句conn.Close();

Final Solution

最终解决方案

private void InsertBtn_Click(object sender, EventArgs e)
    {
       string Sqlquery = null;
       string  KarticaMString = "@Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Bojan\Desktop\Programiranje\School‌​\Kartice\Kartice\Kartice.mdf;Integrated Security=True;User Instance=True";

        using (SqlConnection conn = new SqlConnection(KarticaMString))
        {

                Sqlquery = "INSERT INTO KarticaM (DateInsert, DateTransaction, Value, Purpose, DepositLift) VALUES (@DateInsert,@DateTransaction,@Value,@Purpose,@DepositLift)";
                conn.Open();
                using (SqlCommand cmd = new SqlCommand(Sqlquery, conn))
                {
                    cmd.Parameters.Add("@DateInsert", SqlDbType.DateTime).Value = DateInsertPicker.Value;
                    cmd.Parameters.Add("@DateTransaction", SqlDbType.DateTime).Value = DateTransactionPicker.Value;
                    cmd.Parameters.Add("@Value", SqlDbType.Money).Value = ValueTxt.Text;
                    cmd.Parameters.Add("@Purpose", SqlDbType.Text).Value = PurposeTxt.Text;
                    cmd.Parameters.Add("@DepositLift", SqlDbType.Text).Value = DepositLiftCombobox.SelectedValue;

                    cmd.ExecuteNonQuery();                    
                }


        }

    }

#2


2  

Notice this:

注意这个:

string KarticaMString = null;

using (SqlConnection conn = new SqlConnection(KarticaMString))
{
    ...
}

The connection string, KarticaMString, is obviously null. You'll have to provide a valid connection string to the SqlConnection constructor. See ConnectionString for more information on how to write a valid connection string, or use a SqlConnectionStringBuilder.

连接字符串KarticaMString显然为null。您必须为SqlConnection构造函数提供有效的连接字符串。有关如何编写有效连接字符串或使用SqlConnectionStringBuilder的更多信息,请参阅ConnectionString。