发表新帖
发表新帖

Check if record in a table exist in a database through ExecuteNonQuery

前端 未结
关注
5 454
心在旅途
心在旅途 2020-12-03 14:06

in my program i need to check if a record in the database already exists in the table using the if statement. using c# i am trying to do this through an sql con

相关标签:
5条回答
  • 一个人的身影
    2020-12-03 14:29

    If someday you want to use EF just do:

    private MyDb db = new MyDb();

public bool UserExists(string userName, string password){

   return db.Users.Any(x => x.user_name.Equals(userName, StringComparison.InvariantCultureIgnoreCase)
                         && x.password.Equals(password, StringComparison.InvariantCultureIgnoreCase));
}

    Or do a generic method, so you can handle multiple entites:

    public bool EntityExists<T>(Expression<Func<T, bool>> predicate) where T : class, new()
{
   return db.Set<T>().Any(predicate);
}

    Usage:

    EntityExists<Users>(x => x.user_name.Equals(userName, StringComparison.InvariantCultureIgnoreCase)
                      && x.password.Equals(password, StringComparison.InvariantCultureIgnoreCase));
    0 讨论(0)
  • 自闭症患者
    2020-12-03 14:30

    You should do a count(1) on the table instead of a select * and then executescalar to get that integer value.

    Using your existing code I would change it to be:

    using (SqlConnection sqlConnection = dbUtil.GetSqlConnection(dbUtil.GetConnectionStringByName("NonConnectionString")))
        {
            using (SqlCommand sqlCommand = new SqlCommand("SELECT count(1) from users where user_name = 'Adam' AND password = '123456'", sqlConnection))
            {
                sqlresult = sqlCommand.ExecuteNonQuery();
            }
        }

    Please note that I have used equals values instead of like values.

    Also if I were do to this I would change your inline sql to use a stored procedure.

    0 讨论(0)
  • 鱼传尺愫
    2020-12-03 14:31

    If you want to check if the user exists, you have to change your sql and use COUNT or EXISTS:

    So instead of 

    SELECT * from users where user_name like 'Adam' AND password like '123456'

    this

    SELECT COUNT(*) from users where user_name like 'Adam' AND password like '123456'

    Now you can use ExecuteScalar to retrieve the count of users with this username and password:

    int userCount = (int) sqlCommand.ExecuteScalar();
if(userCount > 0)
    // user exists ....

    Note that you should use sql-parameters to prevent sql-injection:

    using (SqlCommand sqlCommand = new SqlCommand("SELECT COUNT(*) from users where user_name like @username AND password like @password", sqlConnection))
{
    sqlConnection.Open();
    sqlCommand.Parameters.AddWithValue("@username", userName);
    sqlCommand.Parameters.AddWithValue("@password", passWord);
    int userCount = (int) sqlCommand.ExecuteScalar();
    ...
}
    0 讨论(0)
  • 孤街浪徒
    2020-12-03 14:31

    You should be using ExecuteScalar for cheking if the record exists. ExecuteNonQuery runs a transact-SQL statement against the connection and returns the number of rows affected for an UPDATE, INSERT, or DELETE. It doesn't apply for SELECT statements

    0 讨论(0)
  • 时光说笑
    2020-12-03 14:54

    I would use Select Top 1 Id rather than the count(*) because it can be much faster

    0 讨论(0)
 看不清?
提交回复
热议问题