Query string to call row data from SCOPE_IDENTITY
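I have a submit page where users enter data. I then redirect to a view page so they can review their input. Session is out, since this will be a high-traffic site, but I am using the scope identity method at the end of the submit command. How do I query the scope ID value so that the row data is displayed on the view page?
The code is below. This is a training project, and for the sake of brevity I have been explicitly forbidden from parameterizing. But yes, I know to implement parameterization.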
    // Requires: using System.Data.SqlClient;
    protected void Button1_Click(object sender, EventArgs e)
    {
        string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;
        // Form values are concatenated straight into the SQL text (not parameterized, per the training constraint).
        String thisQuery = "INSERT INTO ProductInstance (CustId, CustName, SicNaic, CustAdd, CustCity, CustState, CustZip, BroId, BroName, BroAdd, BroCity, BroState, BroZip, EntityType, Coverage, CurrentCoverage, PrimEx, Retention, EffectiveDate, Commission, Premium, Comments) VALUES ('" + TextBox19.Text + "', '" + TextBox1.Text + "', '" + RadioButtonList1.SelectedItem + "', '" + TextBox2.Text + "', '" + TextBox3.Text + "', '" + DropDownList1.SelectedItem + "', '" + TextBox4.Text + "', '" + TextBox18.Text + "', '" + TextBox5.Text + "', '" + TextBox6.Text + "', '" + TextBox7.Text + "', '" + DropDownList2.SelectedItem + "', '" + TextBox8.Text + "', '" + DropDownList3.SelectedItem + "','" + TextBox9.Text + "','" + TextBox10.Text + "','" + TextBox11.Text + "','" + TextBox12.Text + "','" + TextBox20.Text + "','" + TextBox14.Text + "','" + TextBox15.Text + "','" + TextBox16.Text + "'); SELECT SCOPE_IDENTITY() AS [lastInsertedProductId]";
        using (SqlConnection sqlConn = new SqlConnection(connectionString))
        {
            sqlConn.Open();
            using (SqlCommand command = new SqlCommand(thisQuery, sqlConn))
            {
                // ExecuteScalar returns the first column of the first row: the SCOPE_IDENTITY() value.
                int lastInsertedProductId = Convert.ToInt32(command.ExecuteScalar());
            }
        }
        Response.Redirect("~/View.aspx");
    }
Then the view page code is here:
    protected void Page_Load(object sender, EventArgs e)
    {
        // Read the ProductId value from the URL query string.
        string x = Request.QueryString["ProductId"];
        string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;
        // The query string value is concatenated straight into the SQL text.
        string editQuery = "SELECT CustId, CustName, SicNaic, CustCity, CustAdd, CustState, CustZip, BroName, BroId, BroAdd, BroCity, BroState, BroZip, EntityType, Coverage, CurrentCoverage, PrimEx, Retention, EffectiveDate, Commission, Premium, Comments FROM ProductInstance WHERE ProductId =" + x;
        using (SqlConnection editConn = new SqlConnection(connectionString))
        {
            editConn.Open();
            using (SqlCommand command = new SqlCommand(editQuery, editConn))
            {
                SqlDataReader dr = command.ExecuteReader();
                dr.Read();
                Label6.Text = dr.GetInt32(0).ToString();
            }
        }
    }
2 replies
逆捐凶撤小
Expand the scope
But please seriously consider parameterized statements and http://bobby-tables.com/
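The parameterized form this answer recommends, as an added example that is not part of the original post or its answers: the new id is carried to the view page in the `ProductId` query string, and the view page parses it as an integer before binding it as a parameter. The class names `SubmitPage` and `ViewPage` and the `NVarChar(100)` size are assumptions, and the column list is cut down to `CustId` and `CustName` to keep the example short.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI;
using System.Web.UI.WebControls;

public class SubmitPage : Page // hypothetical class name
{
    protected TextBox TextBox19, TextBox1; // normally declared in the designer file
    protected void Button1_Click(object sender, EventArgs e)
    {
        int custId;
        if (!int.TryParse(TextBox19.Text, out custId)) return; // reject a non-numeric CustId
        string cs = ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;
        const string sql = "INSERT INTO ProductInstance (CustId, CustName) VALUES (@CustId, @CustName); " +
                           "SELECT CAST(SCOPE_IDENTITY() AS int);";
        int newId;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand(sql, conn))
        {
            cmd.Parameters.Add("@CustId", SqlDbType.Int).Value = custId;
            cmd.Parameters.Add("@CustName", SqlDbType.NVarChar, 100).Value = TextBox1.Text; // size assumed
            conn.Open();
            newId = (int)cmd.ExecuteScalar(); // identity of the row inserted in this scope
        }
        Response.Redirect("~/View.aspx?ProductId=" + newId); // an int, so safe to append to the URL
    }
}

public class ViewPage : Page // hypothetical class name
{
    protected Label Label6; // normally declared in the designer file
    protected void Page_Load(object sender, EventArgs e)
    {
        int productId; // the query string is client-controlled: accept only an integer
        if (!int.TryParse(Request.QueryString["ProductId"], out productId))
        { Response.StatusCode = 400; return; }
        string cs = ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand("SELECT CustId FROM ProductInstance WHERE ProductId = @ProductId", conn))
        {
            cmd.Parameters.Add("@ProductId", SqlDbType.Int).Value = productId;
            conn.Open();
            using (var dr = cmd.ExecuteReader())
                if (dr.Read()) Label6.Text = dr.GetInt32(0).ToString(); // no row: label stays empty
        }
    }
}
```

Because the id travels in the URL, any visitor can change it, so the view page should also check that the requester is allowed to see that row.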
街茬