013_.Net 数据操作

1.insert

  1）click button

  protected void btnAdd_Click(object sender, System.EventArgs e)
  {
   string strSql = "insert into tbUserInfo values ('"+tbName.Text+"','"+tbPass.Text+"',"+"'"+trblSex.SelectedItem.Text+"'"+",";
   strSql += " '"+cdDate.SelectedDate.ToString()+"','"+tbZhiWei.Text+"','"+tbNotes.Text+"')";
   ExcuteSql(strSql);

  }

  2）调用过程

   private void ExcuteSql(string strSql)
  {
   try
   {
    SqlConnection con = new SqlConnection();
    con.ConnectionString = System.Configuration.ConfigurationSettings.AppSettings["DSN"];
    con.Open();
    //添加纪录...
    SqlCommand com = new SqlCommand(strSql,con);
    com.ExecuteNonQuery();
    con.Close();
    Response.Write("<script language='javascript'>alert('插入成功!')</script>");
   }
   catch(Exception ee)
   {
    Response.Write("发生错误:"+ee.Message);
   }
  }

  3）web.config

<appSettings>
  <add key="DSN" value="server=(local);database=myDatabase;UID=sa;pwd=111"></add>
 </appSettings>

4)public static OleDbConnection createConnection()
    {
        string MyConnString = ConfigurationManager.ConnectionStrings["myDbConn"].ConnectionString;
       // string MyConnString = "provider=oraoledb.oracle;Data Source=hs01-3;user id=system;password=manager;";
        OleDbConnection con = new OleDbConnection(MyConnString);
        return con;
    }

//-----------web.config---------

<connectionStrings>
    <add name="myDbConn" connectionString="provider=oraoledb.oracle;Data Source=hs01-3;user id=system;password=manager;"/>
  </connectionStrings>

2.Login 判断

protected void btnLogin_Click(object sender, System.EventArgs e)
  {
   SqlConnection con = new SqlConnection();
   con.ConnectionString = System.Configuration.ConfigurationSettings.AppSettings["DSN"];
   con.Open();
  
   string strSql = "select UserName,UserPass from tbUserInfo where UserName='"+tbName.Text+"' and UserPass='"+tbPass.Text+"'";
   SqlCommand com = new SqlCommand(strSql,con);
   SqlDataReader dr = com.ExecuteReader();
   //以下执行查询
   bool bExist = false;
   while(dr.Read())
   {
    bExist = true;
    Session["UserName"] = dr.GetString(0);
    Session["UserPass"] = dr.GetString(1);
   }
   if(bExist)
    Response.Redirect("023Query.aspx");
   else
    Response.Write("<script language='javascript'>alert('用户名称或密码错误!')</script>");
   
   con.Close();
  }  

3.带参数 sql语句

  protected void btnQuery_Click(object sender, System.EventArgs e)
  {
   SqlConnection con = new SqlConnection();
   con.ConnectionString = System.Configuration.ConfigurationSettings.AppSettings["DSN"];
   con.Open();
   string strSql = "select EnterDate from tbUserInfo where UserName='"+tbName.Text+"'";
   SqlCommand com = new SqlCommand(strSql,con);
   
   com.Parameters.Add("@Name",SqlDbType.VarChar,50,"UserName");
   com.Parameters["@Name"].Value = tbName.Text;
   com.CommandText = "select EnterDate from tbUserInfo where UserName=@Name";

   object obj = com.ExecuteScalar();
   if(obj!=null)
    lbHireDate.Text = obj.ToString();
   else
    lbHireDate.Text = "数据库中没有此人!";
   con.Close();
  }