在 webform 中显示 SQL 服务器 table 数据

Displaying SQL Server table data in webform

我有一个应用程序应该允许用户从数据库中的 table 查看宠物。

网页表单设计图片和宠物数据table:

这是我的按钮代码:

protected void viewAnimalsBreedButton_Click(object sender, EventArgs e)
{
    try
    {
        SqlConnection cnn = new SqlConnection("Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\FrendsWithPaws.mdf;Integrated Security=True");

        cnn.Open();
        SqlCommand command = new SqlCommand("SELECT PetID, Breed, Name, Age, Gender, Picture, Sanctuary FROM Pets WHERE Breed='+ breedDropDownList.SelectedValue +'", cnn);
        SqlDataReader reader = command.ExecuteReader();
        petsGridView.DataSource = reader;
        petsGridView.DataBind();
        cnn.Close();
    }
    catch (Exception ex)
    {
        Response.Write("error" + ex.ToString());
    }
}

首先,我有一个 dropdownlist 宠物品种,当我 select 在 dropdown 中有一个 breed 并单击查看动物时,我想要gridview 向我展示该品种的宠物(包含大部分信息)...然后我希望它适用于 SpeciesSanctuary...

目前我select一个品种点击查看动物没有任何反应,如下图:

select离子 'House' 品种和点击查看动物按钮后的网络表格图片:

如何让它工作?

首先,您应该始终使用 parameterized queries to avoid SQL Injection 并摆脱此类问题。 其次,您需要创建一个 DataTable 并通过数据填充它 reader 并将您的 table 绑定到网格:

cnn.Open();
SqlCommand command = new SqlCommand("SELECT PetID, Breed, Name, Age, Gender, Picture, " +
                                    "Sanctuary FROM Pets where Breed = @Breed ", cnn);

command.Parameters.AddWithValue("@Breed", breedDropDownList.SelectedValue);

DataTable table = new DataTable();
table.Load(command.ExecuteReader());    
petsGridView.DataSource = table;
petsGridView.DataBind();
cnn.Close();

虽然直接指定类型并使用值 属性 比 AddWithValue 更好。 https://blogs.msmvps.com/jcoehoorn/blog/2014/05/12/can-we-stop-using-addwithvalue-already/

您必须先将读取数据加载到datatable

protected void viewAnimalsBreedButton_Click(object sender, EventArgs e)
{
    try
    {
        SqlConnection cnn = new SqlConnection("Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\FrendsWithPaws.mdf;Integrated Security=True");

        cnn.Open();
        SqlCommand command = new SqlCommand("SELECT PetID, Breed, Name, Age, Gender, Picture, Sanctuary FROM Pets WHERE Breed='" +  breedDropDownList.SelectedValue + "'", cnn);
        SqlDataReader reader = command.ExecuteReader();
        var dataTable = new DataTable();
        dataTable.Load(dataReader);
        petsGridView.DataSource = dataTable;
        petsGridView.DataBind();
        cnn.Close();
    }
    catch (Exception ex)
    {
        Response.Write("error" + ex.ToString());
    }
}