我怎样才能让我的数据库方法更适合未来?
How can i make my database method more future proof?
我目前正在开发一个在两个数据库之间进行数据库数据传输的新应用程序。我目前已经编写了一个方法,但看起来我可以让这段代码更紧凑。我读了一篇使用 Using 语句的文章,但我不确定如何在我的代码中实现它。此外,我想说明我有以下 public 声明:
private IDbConnection ExportConnection = new OleDbConnection(Helper.CnnVal("ExportDatabase"));
private IDbConnection SchoolConnection;
private DataTable exportDb = new DataTable();
private DataTable schoolDb = new DataTable();
private OleDbCommandBuilder cb;
private OleDbDataAdapter dataAdapterSchool;
private OleDbDataAdapter dataAdapterExport;
private OleDbCommand dbCommand;
private string ZoekQuery { get; set; }
private DataAccess db = new DataAccess();
private string SchoolConnectionString;
private string selectSchoolQuery;
这是方法:
public void InlezenClientGegevens()
{
if ((bool)Checbox.IsChecked)
{
SchoolConnectionString = $@"I removed the string for privacy reasons";
try
{
ExportConnection.Open();
ZoekQuery = $"SELECT * FROM Client WHERE Cliëntnummer BETWEEN '{TxtVan.Text}' AND '{TxtTm.Text}'";
dbCommand = new OleDbCommand(ZoekQuery, (OleDbConnection)ExportConnection);
dataAdapterExport = new OleDbDataAdapter(ZoekQuery, (OleDbConnection)ExportConnection);
dbCommand.ExecuteNonQuery();
dataAdapterExport.AcceptChangesDuringFill = false;
dataAdapterExport.Fill(exportDb);
ExportConnection.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
SchoolConnection = new OleDbConnection(SchoolConnectionString);
try
{
SchoolConnection.Open();
selectSchoolQuery = "SELECT * FROM Info";
dbCommand = new OleDbCommand(selectSchoolQuery, (OleDbConnection)SchoolConnection);
dataAdapterSchool = new OleDbDataAdapter(selectSchoolQuery, (OleDbConnection)SchoolConnection);
dbCommand.ExecuteNonQuery();
dataAdapterSchool.FillSchema(schoolDb, SchemaType.Source);
dataAdapterSchool.Fill(schoolDb);
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
try
{
cb = new OleDbCommandBuilder(dataAdapterSchool);
cb.GetUpdateCommand();
schoolDb.Merge(exportDb, false, MissingSchemaAction.Add);
dataAdapterSchool.Update(schoolDb);
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
}
编辑:
public void InlezenClientGegevens()
{
if ((bool)Checkbox.IsChecked)
{
try
{
using (var connection = new OleDbConnection(Helper.CnnVal("ExportDatabase")))
{
var ZoekQuery = $"SELECT * FROM client WHERE Cliëntnummer BETWEEN '{TxtVan.Text}' AND '{TxtTm.Text}'";
using (var dbcommand = new OleDbCommand(ZoekQuery, connection))
{
using (var exportAdapter = new OleDbDataAdapter(ZoekQuery, connection))
{
exportAdapter.AcceptChangesDuringFill = false;
exportAdapter.Fill(exportDb);
}
}
}
using (var connection = new OleDbConnection($"))
{
var ZoekQuery = "SELECT * FROM info";
using (var dbcommand = new OleDbCommand(ZoekQuery, connection))
{
using (var SchoolAdapter = new OleDbDataAdapter(ZoekQuery, connection))
{
SchoolAdapter.FillSchema(schoolDb, SchemaType.Source);
SchoolAdapter.Fill(schoolDb);
using (var cb = new OleDbCommandBuilder(SchoolAdapter))
{
cb.GetUpdateCommand();
schoolDb.Merge(exportDb, false, MissingSchemaAction.Add);
SchoolAdapter.Update(schoolDb);
}
}
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
}
如果使用DataAdappter.Fill,则不需要打开关闭连接。我也会对所有实现 IDisposable 的东西使用 using 语句(比如 OleDbConnection 和 OleDbCommand,DataTable 不需要)。所以你应该在方法中创建连接。
您还应该为查询使用参数而不是字符串连接,以避免 sql 注入。您还应该首先尝试解析输入,看看它是否真的是 int:
public void InlezenClientGegevens()
{
bool validVan = int.TryParse(TxtVan.Text, out int van);
bool validTm = int.TryParse(TxtTm.Text, out int tm);
if (!validVan || !validTm)
{
// inform user
return;
}
if (Checkbox.IsChecked)
{
try
{
using (OleDbConnection connection = new OleDbConnection(Helper.CnnVal("ExportDatabase")))
{
string zoekQuery = $"SELECT * FROM client WHERE Cliëntnummer BETWEEN ? AND ?";
using (OleDbCommand dbCommand = new OleDbCommand(zoekQuery, connection))
{
dbCommand.Parameters.Add(new OleDbParameter("Van", OleDbType.Integer).Value = van);
dbCommand.Parameters.Add(new OleDbParameter("Tm", OleDbType.Integer).Value = tm);
using (OleDbDataAdapter exportAdapter = new OleDbDataAdapter(dbCommand))
{
exportAdapter.Fill(exportDb);
}
}
}
// ...
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
}
我目前正在开发一个在两个数据库之间进行数据库数据传输的新应用程序。我目前已经编写了一个方法,但看起来我可以让这段代码更紧凑。我读了一篇使用 Using 语句的文章,但我不确定如何在我的代码中实现它。此外,我想说明我有以下 public 声明:
private IDbConnection ExportConnection = new OleDbConnection(Helper.CnnVal("ExportDatabase"));
private IDbConnection SchoolConnection;
private DataTable exportDb = new DataTable();
private DataTable schoolDb = new DataTable();
private OleDbCommandBuilder cb;
private OleDbDataAdapter dataAdapterSchool;
private OleDbDataAdapter dataAdapterExport;
private OleDbCommand dbCommand;
private string ZoekQuery { get; set; }
private DataAccess db = new DataAccess();
private string SchoolConnectionString;
private string selectSchoolQuery;
这是方法:
public void InlezenClientGegevens()
{
if ((bool)Checbox.IsChecked)
{
SchoolConnectionString = $@"I removed the string for privacy reasons";
try
{
ExportConnection.Open();
ZoekQuery = $"SELECT * FROM Client WHERE Cliëntnummer BETWEEN '{TxtVan.Text}' AND '{TxtTm.Text}'";
dbCommand = new OleDbCommand(ZoekQuery, (OleDbConnection)ExportConnection);
dataAdapterExport = new OleDbDataAdapter(ZoekQuery, (OleDbConnection)ExportConnection);
dbCommand.ExecuteNonQuery();
dataAdapterExport.AcceptChangesDuringFill = false;
dataAdapterExport.Fill(exportDb);
ExportConnection.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
SchoolConnection = new OleDbConnection(SchoolConnectionString);
try
{
SchoolConnection.Open();
selectSchoolQuery = "SELECT * FROM Info";
dbCommand = new OleDbCommand(selectSchoolQuery, (OleDbConnection)SchoolConnection);
dataAdapterSchool = new OleDbDataAdapter(selectSchoolQuery, (OleDbConnection)SchoolConnection);
dbCommand.ExecuteNonQuery();
dataAdapterSchool.FillSchema(schoolDb, SchemaType.Source);
dataAdapterSchool.Fill(schoolDb);
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
try
{
cb = new OleDbCommandBuilder(dataAdapterSchool);
cb.GetUpdateCommand();
schoolDb.Merge(exportDb, false, MissingSchemaAction.Add);
dataAdapterSchool.Update(schoolDb);
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
}
编辑:
public void InlezenClientGegevens()
{
if ((bool)Checkbox.IsChecked)
{
try
{
using (var connection = new OleDbConnection(Helper.CnnVal("ExportDatabase")))
{
var ZoekQuery = $"SELECT * FROM client WHERE Cliëntnummer BETWEEN '{TxtVan.Text}' AND '{TxtTm.Text}'";
using (var dbcommand = new OleDbCommand(ZoekQuery, connection))
{
using (var exportAdapter = new OleDbDataAdapter(ZoekQuery, connection))
{
exportAdapter.AcceptChangesDuringFill = false;
exportAdapter.Fill(exportDb);
}
}
}
using (var connection = new OleDbConnection($"))
{
var ZoekQuery = "SELECT * FROM info";
using (var dbcommand = new OleDbCommand(ZoekQuery, connection))
{
using (var SchoolAdapter = new OleDbDataAdapter(ZoekQuery, connection))
{
SchoolAdapter.FillSchema(schoolDb, SchemaType.Source);
SchoolAdapter.Fill(schoolDb);
using (var cb = new OleDbCommandBuilder(SchoolAdapter))
{
cb.GetUpdateCommand();
schoolDb.Merge(exportDb, false, MissingSchemaAction.Add);
SchoolAdapter.Update(schoolDb);
}
}
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
}
如果使用DataAdappter.Fill,则不需要打开关闭连接。我也会对所有实现 IDisposable 的东西使用 using 语句(比如 OleDbConnection 和 OleDbCommand,DataTable 不需要)。所以你应该在方法中创建连接。
您还应该为查询使用参数而不是字符串连接,以避免 sql 注入。您还应该首先尝试解析输入,看看它是否真的是 int:
public void InlezenClientGegevens()
{
bool validVan = int.TryParse(TxtVan.Text, out int van);
bool validTm = int.TryParse(TxtTm.Text, out int tm);
if (!validVan || !validTm)
{
// inform user
return;
}
if (Checkbox.IsChecked)
{
try
{
using (OleDbConnection connection = new OleDbConnection(Helper.CnnVal("ExportDatabase")))
{
string zoekQuery = $"SELECT * FROM client WHERE Cliëntnummer BETWEEN ? AND ?";
using (OleDbCommand dbCommand = new OleDbCommand(zoekQuery, connection))
{
dbCommand.Parameters.Add(new OleDbParameter("Van", OleDbType.Integer).Value = van);
dbCommand.Parameters.Add(new OleDbParameter("Tm", OleDbType.Integer).Value = tm);
using (OleDbDataAdapter exportAdapter = new OleDbDataAdapter(dbCommand))
{
exportAdapter.Fill(exportDb);
}
}
}
// ...
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
}