Din*_*lot 0 c# sql-server-2005 visual-studio-2010
我在数据库中插入图像的代码如下:
MemoryStream ms =new MemoryStream();
byte[] PhotoByte=null;
PhotoByte=ms.ToArray();
pictureBox1.Image.Save(ms, ImageFormat.Jpeg);
PhotoByte =ms.ToArray();
Str = "insert into Experimmm Values('" + PhotoByte + "','" + textBox1.Text + "')";
Conn.Open();
cmd.Connection = Conn;
cmd.CommandText = Str;
cmd.ExecuteNonQuery();
Conn.Close();
哪个进展顺利.我可以在ma数据库表中看到二进制数据,比如<Binary Data>
我的代码检索数据是:
Str ="select * from Experimmm where id = '" +textBox2.Text + "'";
Conn.Open();
cmd.Connection = Conn;
cmd.CommandText = Str;
dr = cmd.ExecuteReader();
if (dr.Read())
{ label1.Text = dr.GetValue(1).ToString();
byte[] PhotoByte = (byte[])dr.GetValue(0);
MemoryStream mem = new MemoryStream(PhotoByte, 0, PhotoByte.Length);
//but an error takes place on next line "Parameter is not valid."
pictureBox2.Image = Image.FromStream(mem);
} Conn.Close();
我正在使用visual studio 10,C#,sql server 2005
您的代码有几个问题.我会逐行解决这个问题:
MemoryStream ms =new MemoryStream();
byte[] PhotoByte=null;
PhotoByte=ms.ToArray();
pictureBox1.Image.Save(ms, ImageFormat.Jpeg);
PhotoByte =ms.ToArray();
虽然这不是问题,但你在这里有不必要的任务.上面的代码可以这样写得更清楚:
MemoryStream ms =new MemoryStream();
pictureBox1.Image.Save(ms, ImageFormat.Jpeg);
byte[] PhotoByte =ms.ToArray();
接下来,以下代码不使用参数.始终,始终,始终参数化您的SQL查询,而不是动态构建SQL.不,认真,永远.是的,即便如此.(另外,Str变量是什么?某种重用的实例变量?不要这样做.)
Str = "insert into Experimmm Values('" + PhotoByte + "','" + textBox1.Text + "')";
Conn.Open();
cmd.Connection = Conn;
cmd.CommandText = Str;
cmd.ExecuteNonQuery();
Conn.Close();
相反,它应该是这样的:
Conn.Open();
using(SqlCommand cmd = connection.CreateCommand())
{
cmd.CommandText = "insert into Experimmm (column list) values(@data, @name)";
cmd.Parameters.Add("@data", SqlDbType.VarBinary).Value = PhotoByte;
cmd.Parameters.Add("@name", SqlDbType.VarChar, yourlength).Value = textBox1.Text;
cmd.ExecuteNonQuery();
}
Conn.Close();
接下来,我们将继续您的检索.再次使用Str变量,不要做这种事情.此外,您还需要参数化此查询.
byte[] data;
string name;
Conn.Open();
using(SqlCommand cmd = Conn.CreateCommand())
{
cmd.CommandText = "select column_list from Experimmm where id = @id";
cmd.Parameters.Add("@id", SqlDbType.VarChar, field_length).Value = textBox2.Text;
using(SqlDataReader dr = cmd.ExecuteReader())
{
if (dr.Read())
{
data = (byte[])dr.GetValue(0);
name = (string)dr.GetValue(1);
}
}
}
Conn.Close();
label1.Text = name;
pictureBox2.Image = Image.FromStream(new MemoryStream(data));
| 归档时间: |
|
| 查看次数: |
13531 次 |
| 最近记录: |