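VB.NET code for saving data

I'm new to VB.NET and MySQL, and I came across some code around the internet on how to connect to a MySQL database and save data from VB..
This is the first type of code I ran into for saving data..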

    Imports MySql.Data.MySqlClient

    Sub saveData()
        Dim mysqlConn As MySqlConnection
        Dim cmDsql As MySqlCommand
        mysqlConn = New MySqlConnection
        mysqlConn.ConnectionString = "server=localhost;user=root;password=root;database=dbsample"
        Dim rdr As MySqlDataReader
        Try
            mysqlConn.Open()
            Dim sqlQuery As String
            ' The text box contents are concatenated directly into the SQL text
            sqlQuery = "INSERT INTO dbsample.tblsample (clName,clAge,clAddress) values ('" & txtName.Text & "','" & txtAge.Text & "','" & txtAddress.Text & "')"
            cmDsql = New MySqlCommand(sqlQuery, mysqlConn)
            rdr = cmDsql.ExecuteReader
            MessageBox.Show("Data Saved")
            txtName.Clear()
            txtAge.Clear()
            txtAddress.Clear()
            mysqlConn.Close()
        Catch ex As Exception
            MessageBox.Show(ex.Message)
        Finally
            mysqlConn.Dispose()
        End Try
    End Sub

This is the second one......

    Sub saveData2()
        Dim mysqlconn As New MySqlConnection
        mysqlconn = New MySqlConnection
        mysqlconn.ConnectionString = "server=localhost;user=root;password=root;database=dbsample"
        Dim cmdsql As MySqlCommand
        Dim sqlQuery As String
        Dim fName As String = txtName.Text
        ' Implicit String-to-Integer conversion (compiles only with Option Strict Off)
        Dim fAge As Integer = txtAge.Text
        Dim fAdd As String = txtAddress.Text
        ' The SQL text contains only placeholders; the values are bound as parameters
        sqlQuery = "INSERT INTO dbsample.tblsample (clName,clAge,clAddress) VALUES (@clName,@clAge,@clAddress)"
        cmdsql = New MySqlCommand(sqlQuery, mysqlconn)
        Try
            mysqlconn.Open()
            With cmdsql
                .CommandText = sqlQuery
                .Connection = mysqlconn
                .Parameters.AddWithValue("@clName", fName)
                .Parameters.AddWithValue("@clAge", fAge)
                .Parameters.AddWithValue("@clAddress", fAdd)
                .ExecuteNonQuery()
                MessageBox.Show("Data Saved")
                txtName.Clear()
                txtAge.Clear()
                txtAddress.Clear()
            End With
        Catch ex As Exception
            MessageBox.Show(ex.Message)
        Finally
            mysqlconn.Close()
        End Try
    End Sub

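Both of these codes successfully save data in the MySQL database... I just want to know what the difference between them is and what their format means when connecting to the database. Can someone please explain these two codes to me.. Please forgive my ignorance :) Thanks in advance...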
The difference is that the first one is vulnerable to SQL injection and is therefore super bad. Don't build queries from user input. – Ryan
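I see... hmm.. about the second code, I came across some information on the net saying to avoid ".AddWithValue". What does that mean, and why should it be avoided.. Thanks... –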
http://blogs.msmvps.com/jcoehoorn/blog/2014/05/12/can-we-stop-using-addwithvalue-already/. Yes. Use the proper `SqlDbType` for what you're inserting. (Also, turn on `Option Strict` for your project.) – Ryan
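
An added example (not code from the question or from any commenter) of the second approach with the comments' advice applied: parameters carry explicit types instead of `AddWithValue`, and `Option Strict On` forces the age conversion to be explicit. With MySQL Connector/NET the type enum is `MySqlDbType`; the module name, the `SaveData` signature and the `VarChar` sizes 100 and 255 are assumptions, since the page does not show the table definition.

```vbnet
Option Strict On
Imports System
Imports MySql.Data.MySqlClient

Module SaveDataExample
    ' Connection string copied from the question.
    Private Const ConnStr As String =
        "server=localhost;user=root;password=root;database=dbsample"

    ' Returns True when exactly one row was inserted.
    ' Throws ArgumentException when the age text is not a valid number.
    Function SaveData(name As String, ageText As String, address As String) As Boolean
        ' With Option Strict On, String -> Integer must be converted explicitly.
        Dim age As Integer
        If Not Integer.TryParse(ageText, age) OrElse age < 0 Then
            Throw New ArgumentException("Age must be a non-negative whole number.")
        End If

        ' The SQL text is a constant; user input never becomes part of it.
        Const sql As String =
            "INSERT INTO dbsample.tblsample (clName, clAge, clAddress) " &
            "VALUES (@clName, @clAge, @clAddress)"

        ' Using closes and disposes the connection and command, even on exceptions.
        Using conn As New MySqlConnection(ConnStr)
            Using cmd As New MySqlCommand(sql, conn)
                ' Explicit parameter types; the sizes are assumed column widths.
                cmd.Parameters.Add("@clName", MySqlDbType.VarChar, 100).Value = name
                cmd.Parameters.Add("@clAge", MySqlDbType.Int32).Value = age
                cmd.Parameters.Add("@clAddress", MySqlDbType.VarChar, 255).Value = address
                conn.Open()
                Return cmd.ExecuteNonQuery() = 1
            End Using
        End Using
    End Function
End Module
```

From the form in the question this would be called as `SaveData(txtName.Text, txtAge.Text, txtAddress.Text)`, with the message box and `Clear()` calls left in the button handler.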