1. 技术文章
  2. Return value of a select statement

Return value of a select statement

旧街凉风 提交于 2019-11-29 00:27:20
Soner Gönül

Use ExecuteReader() and not ExecuteNonQuery(). ExecuteNonQuery() returns only the number of rows affected.

try
{
    SqlDataReader dr = cmd1.ExecuteReader();
}
catch (SqlException oError)
{

}
while(dr.Read())
{
    string treatment = dr[0].ToString();
}

Or better, use a using statement for it.

using(SqlDataReader dr = cmd1.ExecuteReader())
{
    while(dr.Read())
    {
        string treatment = dr[0].ToString();
    }
}

But if your SqlCommand returns only 1 column, you can use the ExecuteScalar() method. It returns first column of the first row as follows:-

cmd.CommandText = "SELECT treatment FROM appointment WHERE patientid = " + text;
string str = Convert.ToString(cmd.ExecuteScalar());

Also you can open your code to SQL Injection. Always use parameterized queries. Jeff has a cool blog article called Give me parameterized SQL, or give me death. Please read it carefully. Also read DotNetPerl SqlParameter article. SQL Injection very important when you are working queries.

Execute Scalar: Getting Single Value from the Database method to retrieve a single value (for example, an aggregate value) from a database.

cmd1.Connection = GetConnection();
cmd1.CommandText = "SELECT treatment FROM appointment WHERE patientid = " + text;
if(cmd.ExecuteScalar()==null)
{
    var treatment = cmd.ExecuteScalar();
}

Other Way: ExecuteReader()

try
{
    cmd1.CommandText ="SELECT treatment FROM appointment WHERE patientid=@patientID";
    cmd1.Parameters.AddWithValue("@patientID", this.DropDownList1.SelectedValue);

    conn.Open();
    SqlDataReader dr = cmd1.ExecuteReader();
    while (dr.Read())
    {
        int PatientID = int.Parse(dr["treatment"]);
    }
    reader.Close();
    ((IDisposable)reader).Dispose();//always good idea to do proper cleanup
}
catch (Exception exc)
{
    Response.Write(exc.ToString());
}

the answer: 

String res = cmd1.ExecuteScalar();

the remark: use parametrized query to prevent sql injection

You just need to use the ExecuteScalar method of the command - this will give you the value at the first row and column of the result set.

OleDbCommand cmd1 = new OleDbCommand();
cmd1.Connection = GetConnection();
cmd1.CommandText = "SELECT treatment FROM appointment WHERE patientid = " + text;
var result = cmd1.ExecuteScalar();

If your SQL statement returns more than one row/column then you can use ExecuteReader().

You need to use OleDbAdapter. 

string connection = "your connection";
string query = "SELECT treatment FROM appointment WHERE patientid = " + text;
OleDbConnection conn = new OleDbConnection(connection);
OleDbDataAdapter adapter = new OleDbDataAdapter();
adapter.SelectCommand = new OleDbCommand(query, conn);
adapter.Fill(dataset);

There is a lot wrong with your example code.

  1. You have inline sql, which opens you up to sql injection in a major way.

  2. You are using ExecuteNonQuery() which means you get no data back.

     string sSQL = "SELECT treatment FROM appointment WHERE patientid = @patientId";
 OleDbCommand cmd1 = new OleDbCommand(sSQL, GetConnection()); // This may be slight different based on what `GetConnectionReturns`, just put the connection string in the second parameter.


    cmd1.Parameters.AddWithValue("@patientId", text);
    SqlDataReader reader = cmd1.ExecuteReader();
    string returnValue;
    while(reader.Read())
    {
       returnValue = reader[0].ToString();
    }

SqlConnection dbConnect = new SqlConnection("your SQL connection string");    
string name = " 'ProjectName' ";
string strPrj = "Select e.type, (e.surname +' '+ e.name) as fulln from dbo.tblEmployees e where id_prj = " + name;
        SqlCommand sqlcmd = new SqlCommand(strPrj, dbConnect);
        SqlDataAdapter sda = new SqlDataAdapter(strPrj, dbConnect);
        ds = new DataSet();
        sda.Fill(ds);
        dbConnect.Open();
        sqlcmd.ExecuteNonQuery();
        dbConnect.Close();
标签
c#
.net
ms-access
select
oledb
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!