您的位置:首页 > 数据库

参数化Sql向数据库插入一条数据

2013-05-26 15:48 85 查看 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
<script type="text/javascript">
function gel(id) {
return document.getElementById(id);
}
function DoAdd() {
//            var uName = gel("txtName").value;
//            var uPwd = gel("txtPwd").value;
//            var uCName = gel("txtCNName").value;
//            var uCNo = gel("txtClassNo").value;
//判断数据是否符合要求
//gel("myForm").action = "";
gel("myForm").submit();
}
</script>
</head>
<body>
<center>
<form  id = "myForm" method="post" action="Add.ashx">
<table style="width: 100%;">
<tr>
<td>
CilentID:
</td>
<td>
<input type="text" id="txtID" name="txtID"/>
</td>
</tr>
<tr>
<td>
ClientName:
</td>
<td>
<input  type="text"  id="txtName" name ="txtName"/>
</td>
</tr>
<tr>
<td>
AddressStr:
</td>
<td>
<input  type="text" id="txtAddr" name="txtAddr"/>
</td>
</tr>
<tr>
<td>
PostCode:
</td>
<td>
<input  type="text" id="txtPost"  name="txtPost"/>
</td>
</tr>
<tr>
<td>
Telphone:
</td>
<td>
<input  type="text"  id="txtPhone" name="txtPhone"/>
</td>
</tr>
<tr>
<td>
Email:
</td>
<td>
<input  type="text" id="txtEmail" name="txtEmail"/>
</td>
</tr>
<tr>
<td colspan="2">
<input type="submit" onclick="DoAdd()" value="提交" />
</td>
</tr>

</table>
</form>
</center>
</body>
</html>


后台.ashx文件代码

<%@ WebHandler Language="C#" Class="Add" %>

using System;
using System.Web;

using System.Data;
using System.Data.SqlClient;

public class Add : IHttpHandler {

public void ProcessRequest (HttpContext context) {
//context.Response.ContentType = "text/plain";
//context.Response.Write("Hello World");
//int  ClientID = Convert.ToInt32(context.Request.Form["txtID"]);
int result = 0;
string ClientName = context.Request.Form["txtName"];
string AddressStr = context.Request.Form["txtAddr"];
string PostCode = context.Request.Form["txtPost"];
string TelPhone = context.Request.Form["txtPhone"];
string Email = context.Request.Form["txtEmail"];
//context.Response.Write("11"+ClientName+AddressStr+PostCode+TelPhone+Email);

//链接数据库
string connectionStr = "Data Source=PC--20130405SCI\\YAOSIR;Initial Catalog=Clients;User ID= sa;Password=123456";

try
{
SqlConnection conn = new SqlConnection(connectionStr);
conn.Open();
string sqlStr = "insert into OrderClient(ClientName,AddressStr,PostCode,Telephone,Email) values(@ClientName,@AddressStr,@PostCode,@Telephone,@Email)";
SqlCommand cmd = new SqlCommand(sqlStr, conn);
SqlParameter[] parames = {
// new SqlParameter("@id",ClientID),
new SqlParameter("@ClientName",ClientName),
new SqlParameter("@AddressStr",AddressStr),
new SqlParameter("@PostCode",PostCode),
new SqlParameter("@Telephone",TelPhone),
new SqlParameter("@Email",Email)
};

cmd.Parameters.AddRange(parames);

result = cmd.ExecuteNonQuery();
}
catch (Exception)
{

throw;
}
if (result != 0)
{
context.Response.Write("插入成功!");
}
else
{
context.Response.Write("插入失败!");
}
}

public bool IsReusable {
get {
return false;
}
}

}


注意Table要位于form表单内才能提交数据到服务器端交给.ashx处理,要提交的数据要包含name属性!
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航