private void button14_Click(object sender, EventArgs e)
{
if (openFileDialog1.ShowDialog() == System.Windows.Forms.DialogResult.OK)
{
string c = openFileDialog1.FileName;
string connString = "Server=Localhost;Database=test;Uid=root;password=root;";
MySqlConnection conn = new MySqlConnection(connString);
MySqlCommand command = conn.CreateCommand();
command.CommandText = ("Insert into data (path) values('" + c + "')");
conn.Open();
command.ExecuteNonQuery();
conn.Close();
MessageBox.Show("Success");
}
}
这段代码对我有用,但不幸的是,存储在数据库中的路径不正确..存储的路径就像this(C:Users hesisDesktopREDEFENSEResourcesImagesRED1f.png),它应该像this(C:P/Users/thesis/Desktop..../1f.png).
但当我用这段代码检查"sr"值时... msgbox显示正确..
private void button14_Click(object sender, EventArgs e)
{
if (openFileDialog1.ShowDialog() == System.Windows.Forms.DialogResult.OK)
{
MessageBox.Show(openFileDialog1.FileName);
}
}
为什么会发生呢?
也许MySQL认为"\"字符是一个转义符,所以这就是它在字符串中不包含它的原因.尝试
c.Replace(@"\", @"\\")
插入时,转义字符将被转义.
编辑:例如,像这样替换命令文本初始化行.还为单引号添加转义.
string escapedPath = c.Replace(@"\", @"\\").Replace("'", @"\'");
command.CommandText = ("Insert into data (path) values('" + escapedPath + "')");
编辑:使用参数化查询,请参阅@ Matthew的答案,了解更多"最佳实践"解决方案.