我的应用程序中有100%的临时sql.我的朋友建议我转换为存储过程以获得额外的性能和安全性.这提出了一个问题,除了速度和安全性之外还有其他任何理由坚持使用ad hoc sql查询吗?
我正在尝试将用户输入的值/文本从文本框添加到我的数据库中.
目前我无法获取将值插入sqldatabase的代码.
这是我的aspx代码
<asp:TextBox ID="txt_WineName" runat="server" PlaceHolder="WineName" />
<asp:TextBox ID="txt_WineYear" runat="server" PlaceHolder="WineYear" />
<asp:TextBox ID="txt_WinePrice" runat="server" PlaceHolder="WinePrice" />
<asp:TextBox ID="txt_WineType" runat="server" PlaceHolder="WineType" />
<asp:Button ID="btn_AddWine" runat="server" Text="Add" />
这是我的C#代码:
protected void btn_AddWine(object sender, EventArgs e)
{
using (SqlConnection connection = new SqlConnection("Data Source=PCM13812;Initial Catalog=Kronhjorten;Integrated Security=True"))
{
connection.Open();
string query = "SELECT * FROM Wines";
using (SqlCommand command = new SqlCommand(query, connection))
{
using (SqlDataReader reader = command.ExecuteReader())
{
while (reader.Read())
{
string Name = txt_WineName.Text;
string Year = txt_WineYear.Text;
string …