C# 連MSSQL
Data Source=ServerName ,Catalog=DatabaseName , Uid=Account ,Pwd=Password
在此假設
ServerName 為MY-PC(LOCALHOST)
DatabaseName 為test,
Account 為user
Pwd為1234
---------------------------------------------------------------------------------------------
using System.Data.SqlClient; //需導入System.Data.SqlClient
//用Windows身分驗證
String strCon = "Data Source=MY-PC;Initial Catalog=test;Integrated Security=SSPI;";
//用SQL Server身分驗證
//String strCon = @"Data Source=.;Database=test ;Uid=user;Pwd=1234;";
//
//連接資料庫設定
SqlConnection conn = new SqlConnection(strCon);
conn.Open();
string sqlstr = "select * from 資料表名稱";
//執行SQL指令
SqlCommand cmd = new SqlCommand(sqlstr, conn);
SqlDataReader dr = cmd.ExecuteReader();
while (dr.Read())
{
String s = dr["欄位名稱"].ToString();
Console.Write(s); //show
}
cmd.Cancel();
dr.Close();
conn.Close();
conn.Dispose();
在此假設
ServerName 為MY-PC(LOCALHOST)
DatabaseName 為test,
Account 為user
Pwd為1234
MY-PC部分可用一個"."或localhost表示=> .\\SQLEXPRESS = localhost\\SQLEXPRESS
1.DataReader 讀取的資料屬於唯讀
2.DataReader 必須要搭配 Command 物件使用,故為連線資料存取
3.DataReader 一次只針對一筆資料列作業
using System.Data.SqlClient; //需導入System.Data.SqlClient
//用Windows身分驗證
String strCon = "Data Source=MY-PC;Initial Catalog=test;Integrated Security=SSPI;";
//用SQL Server身分驗證
//String strCon = @"Data Source=.;Database=test ;Uid=user;Pwd=1234;";
//
//連接資料庫設定
SqlConnection conn = new SqlConnection(strCon);
conn.Open();
string sqlstr = "select * from 資料表名稱";
//執行SQL指令
SqlCommand cmd = new SqlCommand(sqlstr, conn);
SqlDataReader dr = cmd.ExecuteReader();
while (dr.Read())
{
String s = dr["欄位名稱"].ToString();
Console.Write(s); //show
}
cmd.Cancel();
dr.Close();
conn.Close();
conn.Dispose();
------------------------------------------------------------------------------------
//放入DATATABLE方式
SqlCommand cmd = new SqlCommand(sqlstr, conn);
SqlDataAdapter sda = new SqlDataAdapter(cmd);
DataSet dss = new DataSet();
dss.Clear();
sda.Fill(dss);
DataTable ddt = dss.Tables[0];
cmd.Cancel();
con.Close();
con.Dispose();
取值則用 ---> ddt[列][欄]
--------------------------------------------------------------------------------
帶參數(防SQL injection)
SqlConnection con = new SqlConnection(連線字串);
con.Open();
SqlCommand cmd = new SqlCommand("select * from a where b=@c", con);
cmd.Parameters.Add(參數名稱 , 參數資料型態);
cmd.Parameters[參數名稱].Value = 參數值;
cmd.Parameters.Add(@c, SqlDbType.VarChar);
cmd.Parameters[@c].Value = "123";
cmd.ExecuteNonQuery();
con.Close();
con.Dispose();
SqlCommand cmd = new SqlCommand(sqlstr, conn);
SqlDataAdapter sda = new SqlDataAdapter(cmd);
DataSet dss = new DataSet();
dss.Clear();
sda.Fill(dss);
DataTable ddt = dss.Tables[0];
cmd.Cancel();
con.Close();
con.Dispose();
取值則用 ---> ddt[列][欄]
--------------------------------------------------------------------------------
帶參數(防SQL injection)
SqlConnection con = new SqlConnection(連線字串);
con.Open();
SqlCommand cmd = new SqlCommand("select * from a where b=@c", con);
cmd.Parameters.Add(參數名稱 , 參數資料型態);
cmd.Parameters[參數名稱].Value = 參數值;
cmd.Parameters.Add(@c, SqlDbType.VarChar);
cmd.Parameters[@c].Value = "123";
cmd.ExecuteNonQuery();
con.Close();
con.Dispose();
String strCon = "Data Source=MY-PC;Initial Catalog=test;Integrated Security=SSPI;";
回覆刪除提醒:"Data前方沒加到 "@" :)
您好,我字串沒切斷落,應該沒影響。還是您測試之下有影響呢?
刪除