Adekolurejo wrote:this line of code "Values (@firstParam, @secondParam)",
@firstParam will this be the name of the first textbox and @secondParam the name of the second textbox etc.
In the SQL String @firstParam and @secondParam match up with whatever parameters you add to the Parameters collection. This can be anything you define. It doesn't have to be values from user controls. (See the lines with Parameters.AddWithValue)
Adekolurejo wrote:Also myCommand.Parameters.AddWithValue("@firstParam", myStringValue); myStringValue will be if am getting string from the textbox.
myStringValue is just a string value, it doesn't have to come from a control. The database command doesn't know anything about controls (like, for example, a text box). It just knows about data.
You can create a string and populate it with the value from a textbox if that's what you need it to be.
Okay - Let's step back and show the whole thing from text box to database. NOTE: that this example shows everything in one place. This is generally considered poor practice, but as you are only just starting I'll not burden you with the principles of layered archtecture and the single responsiblity principle and so on. (Just be aware they exist and one day you'll have to learn about them)
So, let's say you have a form with two text boxes, one for a name, and one for an age. Lets call them
The user can enter information in these text boxes and press a button that addes them to the database.
First, we need to get the data from the text boxes into a form we can use.
string name = NameTB.Text;
int age = Convert.ToInt32(AgeTB.Text);
Since text boxes only deal with strings we have to convert the string into a number (an Int32 - a 32bit integer)
Now, we need to set up the database connection and command in order to insert this. I'll assume you already have a connections string to your database, I've called it
myConnectionString for this example.
SqlConnection myConnection = new SqlConnection(myConnectionString);
SqlCommand myCommand = new SqlCommand("INSERT Person(NameField, AgeField) "+
VALUES (@nameParam, @ageParam)", myConnection);
I've now set up the SQL Command with an insert statement. I've assumed there is a table called
Person and it has two columns called
AgeField. I'm also going to insert the values via parameters, which I've indicated with
@ageParam. SQL Server requires that all parameter names start with an @ symbol. Other databases may vary.
I've now added the parameters into the SQL command. I've given it each parameter with the value we got earlier. Finally:
This opens the connection, runs the INSERT statement and closes the connection again. I'm using
ExecuteNonQuery because we don't expect any results back from SQL Server. If we were expecting data back (e.g. because we were using a SELECT statement) we could use ExecuteReader (for many rows/columns) or ExecuteScalar (for a single value).
I hope this helps.
Man who stand on hill with mouth open wait long time for roast duck to drop in
General News Suggestion Question Bug Answer Joke Praise Rant Admin
Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.