{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 霸刀☆藐视天下 的问题《C# with MySQL INSERT parameters》','https://www.manongdao.com/q-77676.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Good day to all, I'm using Visual C# 2010 and MySQL Version 5.1.48-community. I hope you can help me with this code. I don't find it working on me. What am I missing?
string connString = ConfigurationManager.ConnectionStrings["default"].ConnectionString;
MySqlConnection conn = new MySqlConnection(connString);
conn.Open();
MySqlCommand comm = conn.CreateCommand();
comm.CommandText = "INSERT INTO room(person,address) VALUES(@person, @address)";
comm.Parameters.Add("@person", "Myname");
comm.Parameters.Add("@address", "Myaddress");
comm.ExecuteNonQuery();
conn.Close();
And when I try to compile it. It says:
Person column cannot be null
EDITED:
But when I try this code.
comm.CommandText = "INSERT INTO room(person,address) VALUES('Myname', 'Myaddress')";
But this code is prone to sql injection attack but it works, doesn't gives me an error.
EDITED:
I tried to use this. I found it here so I thought It would work but gives me this error
Index (zero based) must be greater than or equal to zero and less than the size of the argument list.
Any idea?
string a = "myname";
MySqlCommand cmd = new MySqlCommand();
cmd.Connection = conn;
cmd.CommandText = "INSERT INTO room(person,address) VALUES(?,?)";
//cmd.Prepare();
cmd.Parameters.Add("person", MySqlDbType.VarChar).Value = a;
cmd.Parameters.Add("address", MySqlDbType.VarChar).Value = "myaddress";
cmd.ExecuteNonQuery(); // HERE I GOT AN EXCEPTION IN THIS LINE
Any help would be much appreciated.
EDITED: SOLVED I used this code:
cmd.CommandText = "INSERT INTO room(person,address) VALUES(?person,?address)";
cmd.Parameters.Add("?person", MySqlDbType.VarChar).Value = "myname";
cmd.Parameters.Add("?address", MySqlDbType.VarChar).Value = "myaddress";
cmd.ExecuteNonQuery();
Thanks SO!
Three things: use the
usingstatement, useAddWithValueand prefix parameters with ? and addAllow User Variables=Trueto the connection string.Also see http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.parameters.aspx for more information about the command usage, and http://dev.mysql.com/doc/refman/5.1/en/connector-net-connection-options.html for information about the Allow User Variables option (only supported in version 5.2.2 and above).
I was facing very similar problem while trying to insert data using mysql-connector-net-5.1.7-noinstall and Visual Studio(2015) in Windows Form Application. I am not a C# guru. So, it takes around 2 hours to resolve everything.
The following code works lately:
Try adjusting the code at "SqlDbType" to match your DB type if necessary and use this code:
or:
That should work but remember with Command.Parameters.Add(), you can define the specific SqlDbType and with Command.Parameters.AddWithValue(), it will try get the SqlDbType based on parameter value implicitly which can break sometimes if it can not implicitly convert the datatype.
Hope this helps.
try this it is working
You may use
AddWithValuemethod like:OR
Try with
?instead of@, like:Hope it helps...
I had the same issue -- Finally tried the ? sigil instead of @, and it worked.
According to the docs:
Really? Why don't you just throw an exception if someone tries to use the so called old syntax? A few hours down the drain for a 20 line program...
MySQL::MySQLCommand