問題描述

我對以下問題感到困惑；

I am confused by the following issue;

我有一個 C# (WindowsForms) 應用程序，我連接到 SQL Server 數據庫，并且在我開始使用數字數據之前，插入、選擇、更新都沒有問題；

I have a C# (WindowsForms) application which I connect to a SQL Server DB and have no problem to INSERT, SELECT, UPDATE... until I started to work with numerical data;

此應用程序的目的是管理員工、他們的合同、工作費率、合同期限、小時費率......并用它來做一些有趣的計算，沒什么魔法.

Purpose of this application is to manage employees, their contracts, rate of work, contracts durations, hourly rates... and do some funny calculations with that, nothing magic.

基本上，我需要在我的數據庫中存儲一些格式為0000,0000"的值(十進制?雙精度?浮點數?).

Basically, I need to store some values (decimal? double? float?) with the format "0000,0000" in my DB.

• 在我的數據庫中，我已將我的表設置為我需要將這些000,0000"值設為十進制的所有列

• In my DB, I have set my table with all columns where I require these "000,0000" values to decimal

在我的表單中，我沒有為我的文本框指定任何特定屬性，

In my forms, I haven't specified any specific properties to my textboxes,

為了插入，我使用了我定義了十進制參數的方法

To insert I use a method for which I defined decimal arguments

    public void createNewContract(int employeeId, string agency, string role, string contractType, string startDate,
    string endDate, string lineManager, string reportTo, string costCenter, string functionEng, string atrNo, string atrDate, string prNo, string prDate,
    string poNo, string poDate, string comments, decimal duration, decimal workRatePercent, string currency, decimal hourlyRate, decimal value)
{
    if (conn.State.ToString() == "Closed")
    {
        conn.Open();
    }
    SqlCommand newCmd = conn.CreateCommand();
    newCmd.Connection = conn;
    newCmd.CommandType = CommandType.Text;
    newCmd.CommandText = "INSERT INTO tblContracts (CreatedById, CreationDate, EmployeeId, Role, ContractType, StartDate, "
    + "EndDate, Agency, LineManager, ReportTo, CostCenter, FunctionEng, AtrNo, AtrDate, PrNo, PrDate, PoNo, PoDate, Comments, Duration, WorkRatePercent, Currency, HourlyRate, Value)"
    + "VALUES ('" + connectedUser.getUserId() + "','" + DateTime.Now.ToString("dd/MM/yyyy hh:mm:ss") + "','" + employeeId + "','" + role + "','" + contractType
    + "','" + startDate + "','" + endDate + "','" + agency + "','" + lineManager + "','" + reportTo + "','" + costCenter + "','" + functionEng + "','" + atrNo + "','" + atrDate + "','" + prNo
     + "','" + prDate + "','" + poNo + "','" + poDate + "','" + comments + "','" + duration + "','" + workRatePercent + "','" + currency + "','" + hourlyRate + "','" + value + "')";
    newCmd.ExecuteNonQuery();
    MessageBox.Show("Contract has been successfully created", "Completed", MessageBoxButtons.OK, MessageBoxIcon.Information);
}

(通過這種方法，我只需要插入00,0000作為持續時間(nb小時)，工作率百分比，每小時費率(貨幣貨幣)和價值(貨幣貨幣))

(through this method, I only need to insert as 00,0000 a duration (nb hours), workrate percentage, an hourly rate (money in a currency) and a value (money in a currency))

• 為了捕獲我的文本框值并通過我的方法createNewContrat"發送它們，我嘗試過Convert.ToDecimal(this.txtDuration.Text) 和許多其他對我來說似乎不錯的東西，但我無法理解機制，我當然沒有使用最實用/最聰明的解決方案......

我不斷收到以下錯誤；

System.FormatException: Le format de la cha?ne d'entrée est 不正確.= 輸入/輸入字符串的格式不正確
à System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal)
à System.Number.ParseDecimal(String value, NumberStyles options, NumberFormatInfo numfmt)
à System.Convert.ToDecimal(String value)

你會推薦什么?

推薦答案

首先，在處理SqlConnection和SqlCommandusing> 和所有其他實現 IDisposable 的類只需閱讀更多相關信息..

First of all, Always use using when dealing with SqlConnection and SqlCommand and all other classes that implements IDisposable just read more about it..

第二件事，始終將參數與 SqlCommand 一起使用，并且永遠不要將值作為字符串傳遞給 sql 字符串.這是一個嚴重的安全問題.除了這些參數之外，還可以讓您的代碼人性化！

Second thing, Always use parameters with SqlCommand and never pass the values as a string to the sql string. This is a serious security issue. In addition to that parameters makes your code human friendly!

// Always use (using) when dealing with Sql Connections and Commands
using (sqlConnection conn = new SqlConnection())
{
    conn.Open();

    using (SqlCommand newCmd = new SqlCommand(conn))
    {
        newCmd.CommandType = CommandType.Text;

        newCmd.CommandText = 
              @"INSERT INTO tblContracts (CreatedById, CreationDate, EmployeeId, Role, ContractType, StartDate, EndDate, Agency, LineManager, ReportTo, CostCenter, FunctionEng, AtrNo, AtrDate, PrNo, PrDate, PoNo, PoDate, Comments, Duration, WorkRatePercent, Currency, HourlyRate, Value) 
              VALUES (@UserID, @CreationDate, @EmployeeID, @Role.....etc)";

        // for security reasons (Sql Injection attacks) always use parameters
        newCmd.Parameters.Add("@UserID", SqlDbType.NVarChar, 50)
             .Value = connectedUser.getUserId();

        newCmd.Parameters.Add("@CreationDate", SqlDbType.DateTime)
             .Value = DateTime.Now;

        // To add a decimal value from TextBox
        newCmd.Parameters.Add("@SomeValue", SqlDbType.Decimal)
             .Value = System.Convert.ToDecimal(txtValueTextBox.Text);

        // complete the rest of the parameters
        // ........

        newCmd.ExecuteNonQuery();

        MessageBox.Show("Contract has been successfully created", "Completed", MessageBoxButtons.OK, MessageBoxIcon.Information);
    }
}

這篇關于從文本框值插入數字(十進制)數據的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！