1. 首頁
  2. 問答
  3. 我能做些什麼來解決我的SQLite的連接字符串

我能做些什麼來解決我的SQLite的連接字符串

2016-06-13 73 views
-1

我使用SQLite的工作是第一次,現在當我想要的東西添加到數據庫,它拋出一個錯誤說:我能做些什麼來解決我的SQLite的連接字符串

「無效ConnectionString的格式,不能解析:字符串值分割不能爲空」

這裏是我到目前爲止的代碼爲這個(我從一個教程工作):

String dbConnection; 

    /// <summary> 
    ///  Default Constructor for SQLiteDatabase Class. 
    /// </summary> 
    public void SQLiteDatabase() 
    { 
     dbConnection = "Data Source = StockDB.s3db; Version = 3;"; 

    } 

public int ExecuteNonQuery(string sql) 
    { 
     SQLiteConnection cnn = new SQLiteConnection(dbConnection); 
     cnn.Open(); //error thrown here 
     SQLiteCommand mycommand = new SQLiteCommand(cnn); 
     mycommand.CommandText = sql; 
     int rowsUpdated = mycommand.ExecuteNonQuery(); 
     cnn.Close(); 
     return rowsUpdated; 
    }

我不知道,如果你需要的代碼,SQL查詢但是:

DBHelper db = new DBHelper(); 
UserInfo UI = new UserInfo(); 
UI.UserName = "henry"; 
UI.Code = 123; 
UI.Role = "LEADER";  
string sql = "INSERT INTO User (Username, Code, Role)" + 
        "VALUES (" + UI.UserName + "" + UI.Code.ToString() + "" + UI.Role + ")"; 
     db.ExecuteNonQuery(sql);

我不知道如何解決這個問題。我可以從數據庫中讀取沒有問題。

額外的信息:

namespace Stock_A_Lot 
{ 
public class DBHelper 
{ 

    String dbConnection; 
    /// <summary> 
    ///  Default Constructor for SQLiteDatabase Class. 
    /// </summary> 
    public void SQLiteDatabase() 
    { 
     dbConnection = "Data Source = StockDB.s3db; Version = 3;"; 
    }  
    public DataTable GetDataTable(string sql) 
    { 
     DataTable dt = new DataTable(); 
     try 
     { 
      SQLiteConnection cnn = new SQLiteConnection(dbConnection); 
      cnn.Open(); 
      SQLiteCommand mycommand = new SQLiteCommand(cnn); 
      mycommand.CommandText = sql; 
      SQLiteDataReader reader = mycommand.ExecuteReader(); 
      dt.Load(reader); 
      reader.Close(); 
      cnn.Close(); 
     } 
     catch (Exception e) 
     { 
      throw new Exception(e.Message); 
     } 
     return dt; 
    } 
    /// <summary> 
    ///  Allows the programmer to interact with the database for purposes other than a query. 
    /// </summary> 
    /// <param name="sql">The SQL to be run.</param> 
    /// <returns>An Integer containing the number of rows updated.</returns> 
    public int ExecuteNonQuery(string sql) 
    { 
     SQLiteConnection cnn = new SQLiteConnection(dbConnection); 
     cnn.Open(); 
     SQLiteCommand mycommand = new SQLiteCommand(cnn); 
     mycommand.CommandText = sql; 
     int rowsUpdated = mycommand.ExecuteNonQuery(); 
     cnn.Close(); 
     return rowsUpdated; 
    } 

    /// <summary> 
    ///  Allows the programmer to retrieve single items from the DB. 
    /// </summary> 
    /// <param name="sql">The query to run.</param> 
    /// <returns>A string.</returns> 
    public string ExecuteScalar(string sql) 
    { 
     SQLiteConnection cnn = new SQLiteConnection(dbConnection); 
     cnn.Open(); 
     SQLiteCommand mycommand = new SQLiteCommand(cnn); 
     mycommand.CommandText = sql; 
     object value = mycommand.ExecuteScalar(); 
     cnn.Close(); 
     if (value != null) 
     { 
      return value.ToString(); 
     } 
     return ""; 
    }   

    /// <summary> 
    ///  Allows the programmer to easily insert into the DB 
    /// </summary> 
    /// <param name="tableName">The table into which we insert the data.</param> 
    /// <param name="data">A dictionary containing the column names and data for the insert.</param> 
    /// <returns>A boolean true or false to signify success or failure.</returns> 
    public bool Insert(String tableName, Dictionary<String, String> data) 
    { 
     String columns = ""; 
     String values = ""; 
     Boolean returnCode = true; 
     foreach (KeyValuePair<String, String> val in data) 
     { 
      columns += String.Format(" {0},", val.Key.ToString()); 
      values += String.Format(" '{0}',", val.Value); 
     } 
     columns = columns.Substring(0, columns.Length - 1); 
     values = values.Substring(0, values.Length - 1); 
     try 
     { 
      this.ExecuteNonQuery(String.Format("insert into {0}({1}) values({2});", tableName, columns, values)); 
     } 
     catch (Exception fail) 
     { 
      MessageBox.Show(fail.Message); 
      returnCode = false; 
     } 
     return returnCode; 
    } 
}

}

來源

2016-06-13 Cleaven

回答

2

連接字符串可能被罰款,但它從來沒有被設置。因爲你永遠不會調用SQLiteDatabase()函數來設置它。

它看起來像你想成爲一個構造函數,而不是一個可調用的方法。事情是這樣的:

public SQLiteDatabase() 
{ 
    dbConnection = "Data Source = StockDB.s3db; Version = 3;"; 
}

(注缺乏void關鍵字。)

或許這樣的:

public DBHelper() 
{ 
    dbConnection = "Data Source = StockDB.s3db; Version = 3;"; 
}

要看什麼實際上命名。

注意:還值得指出的是,您的代碼當前對SQL注入攻擊開放。你應該看看參數化查詢,而不是直接連接這樣的值。目前,您可能允許用戶在數據庫上執行任意代碼,這是非常糟糕的事情。查詢參數將輸入值視爲而不是可執行代碼

來源

2016-06-13 12:54:10 David

+1

大概類是一個名爲DBHelper在最後一個例子 – Steve

+0

沒有值之間是暫時安全的逗號。 :-) – Steve

+1

@Steve:你可能是對的(第一評論),儘管該方法頭部評論需要改變(或刪除):)(第二個評論)除非第一個值是被攻陷的,其餘的是評論說。這是我想到的第一件事,鮑比桌子和所有:) – David

0

試試這個

dbConnection = "Data Source = StockDB.db3;";

來源

2016-06-13 12:58:33

0

這是類的樣子才能工作。

namespace Stock_A_Lot 
{ 
public class DBHelper 
{ 

    String dbConnection; 
    /// <summary> 
    ///  Default Constructor for DBHelper Class. 
    /// </summary> 
    public DBHelper() 
    { 
     dbConnection = "Data Source = StockDB.s3db; Version = 3;"; 
    } 

    /// 
    /* /// <summary> 
    ///  Single Param Constructor for specifying the DB file. 
    /// </summary> 
    /// <param name="inputFile">The File containing the DB</param> 
    public void SQLiteDatabase(String inputFile) 
    { 
     dbConnection = String.Format("Data Source={0}", inputFile); 
    } 

    /// <summary> 
    ///  Single Param Constructor for specifying advanced connection options. 
    /// </summary> 
    /// <param name="connectionOpts">A dictionary containing all desired options and their values</param> 
    public void SQLiteDatabase(Dictionary<String, String> connectionOpts) 
    { 
     String str = ""; 
     foreach (KeyValuePair<String, String> row in connectionOpts) 
     { 
      str += String.Format("{0}={1}; ", row.Key, row.Value); 
     } 
     str = str.Trim().Substring(0, str.Length - 1); 
     dbConnection = str; 
    }*/ 

    /// <summary> 
    ///  Allows the programmer to run a query against the Database. 
    /// </summary> 
    /// <param name="sql">The SQL to run</param> 
    /// <returns>A DataTable containing the result set.</returns> 
    public DataTable GetDataTable(string sql) 
    { 
     DataTable dt = new DataTable(); 
     try 
     { 
      SQLiteConnection cnn = new SQLiteConnection(dbConnection); 
      cnn.Open(); 
      SQLiteCommand mycommand = new SQLiteCommand(cnn); 
      mycommand.CommandText = sql; 
      SQLiteDataReader reader = mycommand.ExecuteReader(); 
      dt.Load(reader); 
      reader.Close(); 
      cnn.Close(); 
     } 
     catch (Exception e) 
     { 
      throw new Exception(e.Message); 
     } 
     return dt; 
    } 
    /// <summary> 
    ///  Allows the programmer to interact with the database for purposes other than a query. 
    /// </summary> 
    /// <param name="sql">The SQL to be run.</param> 
    /// <returns>An Integer containing the number of rows updated.</returns> 
    public int ExecuteNonQuery(string sql) 
    { 
     SQLiteConnection cnn = new SQLiteConnection(dbConnection); 
     cnn.Open(); 
     SQLiteCommand mycommand = new SQLiteCommand(cnn); 
     mycommand.CommandText = sql; 
     int rowsUpdated = mycommand.ExecuteNonQuery(); 
     cnn.Close(); 
     return rowsUpdated; 
    } 

    /// <summary> 
    ///  Allows the programmer to retrieve single items from the DB. 
    /// </summary> 
    /// <param name="sql">The query to run.</param> 
    /// <returns>A string.</returns> 
    public string ExecuteScalar(string sql) 
    { 
     SQLiteConnection cnn = new SQLiteConnection(dbConnection); 
     cnn.Open(); 
     SQLiteCommand mycommand = new SQLiteCommand(cnn); 
     mycommand.CommandText = sql; 
     object value = mycommand.ExecuteScalar(); 
     cnn.Close(); 
     if (value != null) 
     { 
      return value.ToString(); 
     } 
     return ""; 
    } 

    /// <summary> 
    ///  Allows the programmer to easily update rows in the DB. 
    /// </summary> 
    /// <param name="tableName">The table to update.</param> 
    /// <param name="data">A dictionary containing Column names and their new values.</param> 
    /// <param name="where">The where clause for the update statement.</param> 
    /// <returns>A boolean true or false to signify success or failure.</returns> 
    public bool Update(String tableName, Dictionary<String, String> data, String where) 
    { 
     String vals = ""; 
     Boolean returnCode = true; 
     if (data.Count >= 1) 
     { 
      foreach (KeyValuePair<String, String> val in data) 
      { 
       vals += String.Format(" {0} = '{1}',", val.Key.ToString(), val.Value.ToString()); 
      } 
      vals = vals.Substring(0, vals.Length - 1); 
     } 
     try 
     { 
      this.ExecuteNonQuery(String.Format("update {0} set {1} where {2};", tableName, vals, where)); 
     } 
     catch 
     { 
      returnCode = false; 
     } 
     return returnCode; 
    } 

    /// <summary> 
    ///  Allows the programmer to easily delete rows from the DB. 
    /// </summary> 
    /// <param name="tableName">The table from which to delete.</param> 
    /// <param name="where">The where clause for the delete.</param> 
    /// <returns>A boolean true or false to signify success or failure.</returns> 
    public bool Delete(String tableName, String where) 
    { 
     Boolean returnCode = true; 
     try 
     { 
      this.ExecuteNonQuery(String.Format("delete from {0} where {1};", tableName, where)); 
     } 
     catch (Exception fail) 
     { 
      MessageBox.Show(fail.Message); 
      returnCode = false; 
     } 
     return returnCode; 
    } 

    /// <summary> 
    ///  Allows the programmer to easily insert into the DB 
    /// </summary> 
    /// <param name="tableName">The table into which we insert the data.</param> 
    /// <param name="data">A dictionary containing the column names and data for the insert.</param> 
    /// <returns>A boolean true or false to signify success or failure.</returns> 
    public bool Insert(String tableName, Dictionary<String, String> data) 
    { 
     String columns = ""; 
     String values = ""; 
     Boolean returnCode = true; 
     foreach (KeyValuePair<String, String> val in data) 
     { 
      columns += String.Format(" {0},", val.Key.ToString()); 
      values += String.Format(" '{0}',", val.Value); 
     } 
     columns = columns.Substring(0, columns.Length - 1); 
     values = values.Substring(0, values.Length - 1); 
     try 
     { 
      this.ExecuteNonQuery(String.Format("insert into {0}({1}) values({2});", tableName, columns, values)); 
     } 
     catch (Exception fail) 
     { 
      MessageBox.Show(fail.Message); 
      returnCode = false; 
     } 
     return returnCode; 
    } 

    /// <summary> 
    ///  Allows the programmer to easily delete all data from the DB. 
    /// </summary> 
    /// <returns>A boolean true or false to signify success or failure.</returns> 
    public bool ClearDB() 
    { 
     DataTable tables; 
     try 
     { 
      tables = this.GetDataTable("select NAME from SQLITE_MASTER where type='table' order by NAME;"); 
      foreach (DataRow table in tables.Rows) 
      { 
       this.ClearTable(table["NAME"].ToString()); 
      } 
      return true; 
     } 
     catch 
     { 
      return false; 
     } 
    } 

    /// <summary> 
    ///  Allows the user to easily clear all data from a specific table. 
    /// </summary> 
    /// <param name="table">The name of the table to clear.</param> 
    /// <returns>A boolean true or false to signify success or failure.</returns> 
    public bool ClearTable(String table) 
    { 
     try 
     { 

      this.ExecuteNonQuery(String.Format("delete from {0};", table)); 
      return true; 
     } 
     catch 
     { 
      return false; 
     } 
    } 

} 
}

來源

2016-06-27 13:03:23 Cleaven

相關問題

 相關問題