如何从C#中的SQL Server数据库中检索数据?

我有一个数据库表,其中包含3列firstnameLastnameage 。 在我的C#Windows应用程序中,我有3个名为textbox1文本框…我使用以下代码连接到我的SQL Server:

 SqlConnection con = new SqlConnection("Data Source = .; Initial Catalog = domain; Integrated Security = True"); con.Open(); SqlCommand cmd = new SqlCommand("Select * from tablename", con); 

我想从我的数据库中获取值; 如果我在textbox1给出一个值,它必须匹配数据库中的值并检索其他详细信息到相应的文本框。

我尝试过这种方法,但它不起作用:

 cmd.CommandText = "select * from tablename where firstname = '" + textBox1.Text + "' "; 

我怎样才能检索文本框中的所有其他值?

  public Person SomeMethod(string fName) { var con = ConfigurationManager.ConnectionStrings["Yourconnection"].ToString(); Person matchingPerson = new Person(); using (SqlConnection myConnection = new SqlConnection(con)) { string oString = "Select * from Employees where FirstName=@fName"; SqlCommand oCmd = new SqlCommand(oString, myConnection); oCmd.Parameters.AddWithValue("@Fname", fName); myConnection.Open(); using (SqlDataReader oReader = oCmd.ExecuteReader()) { while (oReader.Read()) { matchingPerson.firstName = oReader["FirstName"].ToString(); matchingPerson.lastName = oReader["LastName"].ToString(); } myConnection.Close(); } } return matchingPerson; } 

这里没有什么需要注意的:我使用了参数化查询,这使您的代码更安全。 使用"where x = "+ Textbox.Text +""部分创建select语句的方式可以打开SQL注入。

我把它改成了:

  "Select * from Employees where FirstName=@fName" oCmd.Parameters.AddWithValue("@fname", fName); 

那么这段代码将要做的是:

对您的数据库执行SQL语句,以查看是否有任何与您提供的名字匹配的名字。 如果是这种情况,那个人将被存储在一个Person对象中(请参阅我在该课程的答案中的下面)。 如果没有匹配项,Person对象的属性将为null

显然我并不确切知道你要做什么,所以有一些事情需要注意:当有超过1个具有匹配名称的人时,只有最后一个人会被保存并返回给你。 如果您希望能够存储此数据,可以将它们添加到List

使人更清洁的人类:

  public class Person { public string firstName { get; set; } public string lastName { get; set; } } 

现在调用方法:

 Person x = SomeMethod("John"); 

然后,您可以使用来自Person对象的值填充文本框,如下所示:

 txtLastName.Text = x.LastName; 

创建一个名为DbManager的类:

 Class DbManager { SqlConnection connection; SqlCommand command; public DbManager() { connection = new SqlConnection(); connection.ConnectionString = @"Data Source=. \SQLEXPRESS;AttachDbFilename=|DataDirectory|DatabaseName.mdf;Integrated Security=True;User Instance=True"; command = new SqlCommand(); command.Connection = connection; command.CommandType = CommandType.Text; } // constructor public bool GetUsersData(ref string lastname, ref string firstname, ref string age) { bool returnvalue = false; try { command.CommandText = "select * from TableName where firstname=@firstname and lastname=@lastname"; command.Parameters.Add("firstname",SqlDbType.VarChar).Value = firstname; command.Parameters.Add("lastname",SqlDbType.VarChar).Value = lastname; connection.Open(); SqlDataReader reader= command.ExecuteReader(); if (reader.HasRows) { while (reader.Read()) { lastname = reader.GetString(1); firstname = reader.GetString(2); age = reader.GetString(3); } } returnvalue = true; } catch { } finally { connection.Close(); } return returnvalue; } 

然后双击表单上的检索按钮(例如btnretrieve)并插入以下代码:

  private void btnretrieve_Click(object sender, EventArgs e) { try { string lastname = null; string firstname = null; string age = null; DbManager db = new DbManager(); bool status = db.GetUsersData(ref surname, ref firstname, ref age); if (status) { txtlastname.Text = surname; txtfirstname.Text = firstname; txtAge.Text = age; } } catch { } } 

要从数据库中检索数据:

 private SqlConnection Conn; private void CreateConnection() { string ConnStr = ConfigurationManager.ConnectionStrings["ConnStr"].ConnectionString; Conn = new SqlConnection(ConnStr); } public DataTable getData() { CreateConnection(); string SqlString = "SELECT * FROM TableName WHERE SomeID = @SomeID;"; SqlDataAdapter sda = new SqlDataAdapter(SqlString, Conn); DataTable dt = new DataTable(); try { Conn.Open(); sda.Fill(dt); } catch (SqlException se) { DBErLog.DbServLog(se, se.ToString()); } finally { Conn.Close(); } return dt; } 

设置连接后,您可以使用这个简单的方法:

 private void getAgentInfo(string key)//"key" is your search paramter inside database { con.Open(); string sqlquery = "SELECT * FROM TableName WHERE firstname = @fName"; SqlCommand command = new SqlCommand(sqlquery, con); SqlDataReader sReader; command.Parameters.Clear(); command.Parameters.AddWithValue("@fName", key); sReader = command.ExecuteReader(); while (sReader.Read()) { textBoxLastName.Text = sReader["Lastname"].ToString(); //SqlDataReader //["LastName"] the name of your column you want to retrieve from DB textBoxAge.Text = sReader["age"].ToString(); //["age"] another column you want to retrieve } con.Close(); } 

现在,您可以通过textBoxFirstName将密钥传递给此方法,如:

 getAgentInfo(textBoxFirstName.Text);