im quite new to programming and c#/ssms and i wanted to insert data into a table i created in ssms with a program in c#. So this is my code right now. it works somehow, but it doesnt insert the data into the table in ssms. The part above "myConnection.Open();" is fine, its just about the rest.
using (SqlConnection myConnection = new SqlConnection(conString))
{
using (SqlCommand myCommand = new SqlCommand(sqlStatement, myConnection))
{
myConnection.Open();
SqlCommand MyCommand = new SqlCommand("Insert Into Artikel (Artikelnummer, Bezeichnung, Lieferant, Einkaufspreis, Verkaufspreis, Rabatt) VALUES ('" + textBox1.Text + "', '" + textBox2.Text + "', '" + textBox3.Text + "', '" + textBox4.Text + "', '" + textBox5.Text + "', '" + textBox6.Text + "')");
myCommand.ExecuteNonQuery();
myConnection.Close();
hope you can help me, thanks.
You're not executing this sentence:
SqlCommand MyCommand = new SqlCommand("Insert Into Artikel (Artikelnummer, Bezeichnung, Lieferant, Einkaufspreis, Verkaufspreis, Rabatt) VALUES ('" + textBox1.Text + "', '" + textBox2.Text + "', '" + textBox3.Text + "', '" + textBox4.Text + "', '" + textBox5.Text + "', '" + textBox6.Text + "')");
Because you declared the variable before with a different name:
using (SqlCommand myCommand = new SqlCommand(sqlStatement, myConnection))
In order to work, you firstly need to declare the SQL Statement and later execute it:
string sqlStatement = "Insert Into Artikel (Artikelnummer, Bezeichnung, Lieferant, Einkaufspreis, Verkaufspreis, Rabatt) VALUES ('" + textBox1.Text + "', '" + textBox2.Text + "', '" + textBox3.Text + "', '" + textBox4.Text + "', '" + textBox5.Text + "', '" + textBox6.Text + "')";
using (SqlConnection myConnection = new SqlConnection(conString))
{
using (SqlCommand myCommand = new SqlCommand(sqlStatement, myConnection))
{
myConnection.Open();
myCommand.ExecuteNonQuery();
myConnection.Close();
}
}
I think it should work with this change. Also, for the near future, I recommend you Entity Framework, it's going to help you a lot in your programming career:
http://www.tutorialspoint.com/entity_framework/
Also, you should avoid this code and you are going to avoid SQL Injections, you can do something like this:
string sqlStatement = "Insert Into Artikel (Artikelnummer, Bezeichnung, Lieferant, Einkaufspreis, Verkaufspreis, Rabatt) VALUES (@val1, @val2, @val3, @val4, @val5, @val6)";
using (SqlConnection myConnection = new SqlConnection(conString))
{
using (SqlCommand myCommand = new SqlCommand(sqlStatement, myConnection))
{
myConnection.Open();
myCommand.Parameters.Add(new SqlParameter("@val1", SqlDbType.VarChar, 200){Value = textBox1.Text ?? (object) System.DBNull.Value});
myCommand.Parameters.Add(new SqlParameter("@val2", SqlDbType.VarChar, 200){Value = textBox2.Text ?? (object) System.DBNull.Value});
myCommand.Parameters.Add(new SqlParameter("@val3", SqlDbType.VarChar, 200){Value = textBox3.Text ?? (object) System.DBNull.Value});
myCommand.Parameters.Add(new SqlParameter("@val4", SqlDbType.VarChar, 200){Value = textBox4.Text ?? (object) System.DBNull.Value});
myCommand.Parameters.Add(new SqlParameter("@val5", SqlDbType.VarChar, 200){Value = textBox5.Text ?? (object) System.DBNull.Value});
myCommand.Parameters.Add(new SqlParameter("@val6", SqlDbType.VarChar, 200){Value = textBox6.Text ?? (object) System.DBNull.Value});
myCommand.ExecuteNonQuery();
myConnection.Close();
}
}