|
 |
| |
อยากจะให้ช่วยดูโค้ด C# ให้หน่อยอะค่ะ คือมัน Connect Database sql 2008 ไม่ได้ ไม่รู้อะไรผิดอะไรยังไง |
| |
 |
|
|
 |
 |
|
ตามนี้เลยอะค่ะ ชื่อดาต้าเบสว่า BTmart
Code (C#)
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data.SqlClient;
using System.Data;
using System.Collections;
using System.IO;
using System.Drawing;
namespace InterfaceSample
{
class ConnectDB
{
static SqlConnection conn = new SqlConnection("Data Source=localhost;Initial Catalog=BTMart;");
public static bool openconnection()
{
try
{
conn.Open();
return true;
}
catch { return false; }
}
public static bool closeconnection()
{
try
{
conn.Close();
return true;
}
catch { return false; }
}
public static bool connect(string u,string p)
{
try
{
return true;
SqlCommand sql = new SqlCommand("SELECT upper(username)+password FROM Staff s,Login l WHERE (upper(l.username) = upper('" + u + "') and s.st_id=l.st_id and (l.password='" + p + "'))", conn);
if ((string)sql.ExecuteScalar() == u.ToUpper()+p)
{
return true;
}
else { conn.Close(); return false; }
}
catch
{
Console.WriteLine("เกิดความผิดพลาดขณะตรวจสอบบุคคล");
conn.Close();
return false;
}
}
public static string getImage(string id,string type)
{
string a=null;
if (type == "Customer")
a = "cus";
if (type == "Staff")
a = "st";
if (type == "Supplier")
a = "sp";
if (type == "Product")
a = "pd";
SqlCommand sql = new SqlCommand("SELECT TOP 1 "+a+"_pic FROM "+type+" WHERE "+a+"_id = '"+id+"'", conn);
byte[] Img = (byte[])sql.ExecuteScalar();
string str = Convert.ToString(DateTime.Now.ToFileTime());
FileStream fs = new FileStream(str, FileMode.CreateNew, FileAccess.Write);
fs.Write(Img, 0, Img.Length);
fs.Flush();
fs.Close();
return str;
}
public static string getImage()
{
SqlCommand sql = new SqlCommand("SELECT TOP 1 pic FROM Defaults", conn);
byte[] Img = (byte[])sql.ExecuteScalar();
string str = Convert.ToString(DateTime.Now.ToFileTime());
FileStream fs = new FileStream(str, FileMode.CreateNew, FileAccess.Write);
fs.Write(Img, 0, Img.Length);
fs.Flush();
fs.Close();
return str;
}
public static byte[] ImageToStream(string fileName)
{
Bitmap image = new Bitmap(fileName);
MemoryStream stream = new MemoryStream();
image.Save(stream, System.Drawing.Imaging.ImageFormat.Bmp);
return stream.ToArray();
}
public static void StoreImage(string fileName,string id,string type)
{
if (type == "Customer")
{
byte[] content = ImageToStream(fileName);
SqlCommand insert = new SqlCommand(
@"UPDATE [BTMart].[dbo].[Customer] SET [cus_pic] = (@image) where cus_id = '" + id + "'", conn);
//@"UPDATE [BTMart].[dbo].[Defaults] SET [pic] = (@image)", conn);
SqlParameter imageParameter = insert.Parameters.Add("@image", SqlDbType.Binary);
imageParameter.Value = content;
imageParameter.Size = content.Length;
insert.ExecuteNonQuery();
}
else if (type == "Staff")
{
byte[] content = ImageToStream(fileName);
SqlCommand insert = new SqlCommand(
@"UPDATE [BTMart].[dbo].[Staff] SET [st_pic] = (@image) where st_id = '" + id + "'", conn);
SqlParameter imageParameter = insert.Parameters.Add("@image", SqlDbType.Binary);
imageParameter.Value = content;
imageParameter.Size = content.Length;
insert.ExecuteNonQuery();
}
else if (type == "Supplier")
{
byte[] content = ImageToStream(fileName);
SqlCommand insert = new SqlCommand(
@"UPDATE [BTMart].[dbo].[Supplier] SET [sp_pic] = (@image) where sp_id = '" + id + "'", conn);
SqlParameter imageParameter = insert.Parameters.Add("@image", SqlDbType.Binary);
imageParameter.Value = content;
imageParameter.Size = content.Length;
insert.ExecuteNonQuery();
}
else if (type == "Product")
{
byte[] content = ImageToStream(fileName);
SqlCommand insert = new SqlCommand(
@"UPDATE [BTMart].[dbo].[Product] SET [pd_pic] = (@image) where pd_id = '" + id + "'", conn);
SqlParameter imageParameter = insert.Parameters.Add("@image", SqlDbType.Binary);
imageParameter.Value = content;
imageParameter.Size = content.Length;
insert.ExecuteNonQuery();
}
}
public static int AddSupplier(Supplier sp)
{
String SqlCom = "INSERT INTO [BTMart].[dbo].[Supplier](sp_id,sp_name,sp_address,sp_tel,sp_email,sp_remark) VALUES ('" + sp.id + "','" + sp.name + "','" + sp.address + "','" + sp.tel + "','" + sp.email + "','" + sp.remark + "')";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static int UpdateSupplier(Supplier sp)
{
String SqlCom = "UPDATE [BTMart].[dbo].[Supplier] SET [sp_name]='" + sp.name + "', [sp_address]='" + sp.address + "', [sp_tel]='" + sp.tel + "', [sp_email]='" + sp.email + "', [sp_remark]='" + sp.remark + "' WHERE [sp_id]='" + sp.id + "';";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static int DeleteSupplier(Supplier sp)
{
String SqlCom = "DELETE FROM [BTMart].[dbo].[Supplier] WHERE [sp_id]='" + sp.id + "';";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static ArrayList SelectSupplier()
{
ArrayList supplier = new ArrayList();
DataTable dt = new DataTable();
String SqlCom = "SELECT * FROM Supplier";
SqlDataAdapter sa = new SqlDataAdapter(SqlCom, conn);
sa.Fill(dt);
for (int i = 0; i < dt.Rows.Count; i++)
{
Supplier sp = new Supplier();
sp.id = dt.Rows[i]["sp_id"].ToString();
sp.name = dt.Rows[i]["sp_name"].ToString();
sp.address = dt.Rows[i]["sp_address"].ToString();
sp.tel = dt.Rows[i]["sp_tel"].ToString();
sp.email = dt.Rows[i]["sp_email"].ToString();
sp.remark = dt.Rows[i]["sp_remark"].ToString();
sp.pic = (byte[])dt.Rows[i]["sp_pic"];
supplier.Add(sp);
}
return supplier;
}
public static string getSupplierByID(string id)
{
SqlCommand sql = new SqlCommand("SELECT sp_name FROM Supplier WHERE sp_id = '"+id+"'", conn);
return (string)sql.ExecuteScalar();
}
public static int DeleteProduct(Product pd)
{
String SqlCom = "DELETE FROM [BTMart].[dbo].[Product] WHERE [pd_id]='" + pd.id + "';";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static int UpdateProduct(Product pd)
{
String SqlCom = "UPDATE [BTMart].[dbo].[Product] SET [pd_name]='" + pd.name + "', [pd_inprice]=" + pd.inprice + ", [pd_outprice]=" + pd.outprice + ", [pd_amount]=" + pd.amount + ", [pd_indate]='" + pd.indate + "', [pd_expiredate]='" + pd.expiredate + "' , [pd_pop]=" + pd.pop + ", [pd_from]='" + pd.from +"' WHERE [pd_id]='" + pd.id + "';";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static int AddProduct(Product pd)
{
String SqlCom = "INSERT INTO [BTMart].[dbo].[Product](pd_id,pd_name,pd_inprice,pd_outprice,pd_amount,pd_indate,pd_expiredate,pd_pop,pd_from) VALUES ('" + pd.id + "','" + pd.name + "'," + pd.inprice + "," + pd.outprice + "," + pd.amount + ",'" + pd.indate + "','" + pd.expiredate + "',"+pd.pop+",'"+pd.from+"')";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static int AddCustomer(Person cus)
{
String SqlCom = "INSERT INTO [BTMart].[dbo].[Customer](cus_id,cus_first,cus_last,cus_address,cus_tel,cus_email,cus_level) VALUES ('" + cus.id + "','" + cus.first + "','" + cus.last + "','" + cus.address + "','" + cus.tel + "','" + cus.email + "','" + cus.level + "')";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static int UpdateCustomer(Person cus)
{
String SqlCom = "UPDATE [BTMart].[dbo].[Customer] SET [cus_first]='"+cus.first+"', [cus_last]='"+cus.last+"', [cus_address]='"+cus.address+"', [cus_tel]='"+cus.tel+"', [cus_email]='"+cus.email+"', [cus_level]='"+cus.level+"' WHERE [cus_id]='"+cus.id+"';";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static int DeleteCustomer(Person cus)
{
String SqlCom = "DELETE FROM [BTMart].[dbo].[Customer] WHERE [cus_id]='" + cus.id + "';";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static ArrayList SelectCustomer()
{
ArrayList customer = new ArrayList();
DataTable dt = new DataTable();
String SqlCom = "SELECT * FROM Customer";
SqlDataAdapter sa = new SqlDataAdapter(SqlCom, conn);
sa.Fill(dt);
for (int i = 0; i < dt.Rows.Count; i++)
{
Person cus = new Person();
cus.id = dt.Rows[i]["cus_id"].ToString();
cus.first = dt.Rows[i]["cus_first"].ToString();
cus.last = dt.Rows[i]["cus_last"].ToString();
cus.address = dt.Rows[i]["cus_address"].ToString();
cus.tel = dt.Rows[i]["cus_tel"].ToString();
cus.email = dt.Rows[i]["cus_email"].ToString();
cus.level = dt.Rows[i]["cus_level"].ToString();
cus.pic = (byte[])dt.Rows[i]["cus_pic"];
customer.Add(cus);
}
return customer;
}
public static ArrayList SelectProductBySupplier()
{
ArrayList product = new ArrayList();
DataTable dt = new DataTable();
String SqlCom = "SELECT * FROM Product WHERE pd_from = '"+fmBuying.txt_spid.Text+"'";
SqlDataAdapter sa = new SqlDataAdapter(SqlCom, conn);
sa.Fill(dt);
for (int i = 0; i < dt.Rows.Count; i++)
{
Product pd = new Product();
pd.id = dt.Rows[i]["pd_id"].ToString();
pd.name = dt.Rows[i]["pd_name"].ToString();
pd.inprice = float.Parse(dt.Rows[i]["pd_inprice"].ToString());
pd.outprice = float.Parse(dt.Rows[i]["pd_outprice"].ToString());
pd.amount = Int32.Parse(dt.Rows[i]["pd_amount"].ToString());
pd.indate = (DateTime)dt.Rows[i]["pd_indate"];
pd.expiredate = int.Parse(dt.Rows[i]["pd_expiredate"].ToString());
pd.pop = Int32.Parse(dt.Rows[i]["pd_pop"].ToString());
pd.from = dt.Rows[i]["pd_from"].ToString();
pd.pic = (byte[])dt.Rows[i]["pd_pic"];
product.Add(pd);
}
return product;
}
public static ArrayList SelectProduct()
{
ArrayList product = new ArrayList();
DataTable dt = new DataTable();
String SqlCom = "SELECT * FROM Product";
SqlDataAdapter sa = new SqlDataAdapter(SqlCom, conn);
sa.Fill(dt);
for (int i = 0; i < dt.Rows.Count; i++)
{
Product pd = new Product();
pd.id = dt.Rows[i]["pd_id"].ToString();
pd.name = dt.Rows[i]["pd_name"].ToString();
pd.inprice = float.Parse(dt.Rows[i]["pd_inprice"].ToString());
pd.outprice = float.Parse(dt.Rows[i]["pd_outprice"].ToString());
pd.amount = Int32.Parse(dt.Rows[i]["pd_amount"].ToString());
pd.indate = (DateTime)dt.Rows[i]["pd_indate"];
pd.expiredate = int.Parse(dt.Rows[i]["pd_expiredate"].ToString());
pd.pop = Int32.Parse(dt.Rows[i]["pd_pop"].ToString());
pd.from = dt.Rows[i]["pd_from"].ToString();
pd.pic = (byte[])dt.Rows[i]["pd_pic"];
product.Add(pd);
}
return product;
}
public static bool CheckUser(string user)
{
SqlCommand sql = new SqlCommand("select COUNT(*) from Login where username = '"+user+"'",conn);
if ((int)sql.ExecuteScalar() == 0)
return true;
return false;
}
public static int AddStaff(Person st)
{
if (CheckUser(fmStaff.txt_username.Text))
{
String SqlCom = "INSERT INTO [BTMart].[dbo].[Staff](st_id,st_first,st_last,st_address,st_tel,st_email,st_level) VALUES ('" + st.id + "','" + st.first + "','" + st.last + "','" + st.address + "','" + st.tel + "','" + st.email + "','" + st.level + "')";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
SqlCom = "INSERT INTO [BTMart].[dbo].[Login](username,password,st_id) VALUES ('" + fmStaff.txt_username.Text + "','" + fmStaff.txt_password.Text + "','" + st.id + "')";
sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
}
else return -1;
return 0;
}
public static int UpdateStaff(Person st)
{
String SqlCom = "UPDATE [BTMart].[dbo].[Staff] SET [st_first]='" + st.first + "', [st_last]='" + st.last + "', [st_address]='" + st.address + "', [st_tel]='" + st.tel + "', [st_email]='" + st.email + "', [st_level]='" + st.level + "' WHERE [st_id]='" + st.id + "';";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
SqlCom = "UPDATE [BTMart].[dbo].[Login] SET [username] = '"+fmStaff.txt_username.Text+"', [password]= '"+fmStaff.txt_password.Text+"', [st_id] = '"+st.id+"' WHERE [st_id]= '"+st.id+"'";
sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static int DeleteStaff(Person st)
{
String SqlCom = "DELETE FROM [BTMart].[dbo].[Staff] WHERE [st_id]='" + st.id + "'";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
SqlCom = "DELETE FROM [BTMart].[dbo].[Login] WHERE [st_id]= '" + st.id + "'";
sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
return 0;
}
public static ArrayList SelectStaff()
{
ArrayList staff = new ArrayList();
DataTable dt = new DataTable();
String SqlCom = "SELECT * FROM Staff";
SqlDataAdapter sa = new SqlDataAdapter(SqlCom, conn);
sa.Fill(dt);
for (int i = 0; i < dt.Rows.Count; i++)
{
Person st = new Person();
st.id = dt.Rows[i]["st_id"].ToString();
st.first = dt.Rows[i]["st_first"].ToString();
st.last = dt.Rows[i]["st_last"].ToString();
st.address = dt.Rows[i]["st_address"].ToString();
st.tel = dt.Rows[i]["st_tel"].ToString();
st.email = dt.Rows[i]["st_email"].ToString();
st.level = dt.Rows[i]["st_level"].ToString();
st.pic = (byte[])dt.Rows[i]["st_pic"];
staff.Add(st);
}
return staff;
}
public static string getCustomerID()
{
string select = "SELECT 'CTM' + left(convert(varchar, getdate(),111),4) + right('00000' + CONVERT(varchar,MAX(RIGHT([cus_id],5))+1),5) FROM Customer;";
SqlCommand cmd = new SqlCommand(select, conn);
if (cmd.ExecuteScalar() == DBNull.Value)
return "CTM201000000";
return cmd.ExecuteScalar().ToString();
}
public static string getStaffID()
{
string select = "SELECT 'ST' + left(convert(varchar, getdate(),111),4) + right('00000' + CONVERT(varchar,MAX(RIGHT([st_id],5))+1),5) FROM Staff;";
SqlCommand cmd = new SqlCommand(select, conn);
if (cmd.ExecuteScalar() == DBNull.Value)
return "ST201000000";
return cmd.ExecuteScalar().ToString();
}
public static string getSupplierID()
{
string select = "SELECT 'SP' + left(convert(varchar, getdate(),111),4) + right('00000' + CONVERT(varchar,MAX(RIGHT([sp_id],5))+1),5) FROM Supplier;";
SqlCommand cmd = new SqlCommand(select, conn);
if (cmd.ExecuteScalar() == DBNull.Value)
return "SP201000000";
return cmd.ExecuteScalar().ToString();
}
public static string getProductID()
{
string select = "SELECT 'PD' + left(convert(varchar, getdate(),111),4) + right('00000' + CONVERT(varchar,MAX(RIGHT([pd_id],5))+1),5) FROM Product;";
SqlCommand cmd = new SqlCommand(select, conn);
if (cmd.ExecuteScalar() == DBNull.Value)
return "PD201000000";
return cmd.ExecuteScalar().ToString();
}
public static string getBuyID()
{
string select = "SELECT 'B' + left(convert(varchar, getdate(),111),4) + right('00000' + CONVERT(varchar,MAX(RIGHT([buy_id],5))+1),5) FROM Buy;";
SqlCommand cmd = new SqlCommand(select, conn);
if (cmd.ExecuteScalar() == DBNull.Value)
return "B201000000";
return cmd.ExecuteScalar().ToString();
}
public static DataTable getSupplierList()
{
DataTable dt = new DataTable("SupplierList");
SqlDataAdapter da = new SqlDataAdapter("SELECT sp_id,sp_name FROM Supplier", conn);
da.Fill(dt);
return dt;
}
public static string getUser(string id)
{
string select = "SELECT username FROM Login WHERE st_id='"+id+"'";
SqlCommand cmd = new SqlCommand(select, conn);
return cmd.ExecuteScalar().ToString();
}
public static bool Buy(string sp_id, DataTable product, float total)
{
try
{
string bid = getBuyID();
String SqlCom = "INSERT INTO [BTMart].[dbo].[Buy](buy_id,sp_id,date,total,[confirm]) VALUES ('" + bid + "','" + sp_id + "',GETDATE()," + total + ",0)";
SqlCommand sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
for (int i = 0; i < product.Rows.Count; i++)
{
SqlCom = "INSERT INTO [BTMart].[dbo].[Buylist](buy_id,pd_id,amount,total) VALUES ('" + bid + "','" + product.Rows[i]["pd_id"].ToString() + "'," + product.Rows[i]["amount"].ToString() + "," + product.Rows[i]["total"].ToString() + ")";
sql = new SqlCommand(SqlCom, conn);
sql.ExecuteNonQuery();
}
/////////////////////////////TEMPORARY
confirmBuy(bid);
return true;
}
catch
{
return false;
}
}
public static bool confirmBuy(string bid)
{
try
{
SqlCommand sqlcom = new SqlCommand("SELECT confirm FROM Buy", conn);
if (sqlcom.ExecuteScalar().ToString() == "0")
{
DataTable dt = new DataTable();
SqlDataAdapter sda = new SqlDataAdapter("SELECT pd_id,amount FROM Buylist WHERE buy_id = '" + bid + "'", conn);
sda.Fill(dt);
for (int i = 0; i < dt.Rows.Count; i++)
{
sqlcom = new SqlCommand("UPDATE Product SET pd_amount += " + int.Parse(dt.Rows[i][1].ToString()) + ", pd_indate = GETDATE() WHERE pd_id = '" + dt.Rows[i][0].ToString() + "'", conn);
sqlcom.ExecuteNonQuery();
}
sqlcom = new SqlCommand("UPDATE Buy SET [confirm] = 1 WHERE buy_id = '"+bid+"'", conn);
sqlcom.ExecuteNonQuery();
}
}
catch { return false; }
return true;
}
}
}
Tag : .NET, Ms SQL Server 2008, Win (Windows App), C#, VS 2008 (.NET 3.x)
|
|
|
 |
 |
 |
 |
| Date :
2010-12-11 02:56:36 |
By :
Umbrella |
View :
1094 |
Reply :
1 |
|
 |
 |
 |
 |
|
|
|
|
 |
 |
|
 |
 |
| |
|
|
|
| |
|
ตรง Connection ส่วนของ User/Password หายไปไหนครับ
Code (C#)
<%@ Import Namespace="System.Data"%>
<%@ Import Namespace="System.Data.SqlClient"%>
<%@ Page Language="C#" Debug="true" %>
<script runat="server">
SqlConnection objConn;
SqlCommand objCmd;
void Page_Load(object sender,EventArgs e)
{
String strConnString;
strConnString = "Server=localhost;Uid=sa;PASSWORD=;database=mydatabase;Max Pool Size=400;Connect Timeout=600;";
objConn = new SqlConnection(strConnString);
objConn.Open();
if(objConn.State == ConnectionState.Open)
{
this.lblText.Text = "SQL Server Connected";
}
else
{
this.lblText.Text = "SQL Server Connect Failed";
}
}
void Page_UnLoad()
{
objConn.Close();
objConn = null;
}
</script>
<html>
<head>
<title>ThaiCreate.Com ASP.NET - SQL Server</title>
</head>
<body>
<form id="form1" runat="server">
<asp:Label id="lblText" runat="server"></asp:Label>
</form>
</body>
</html>
ASP.NET Microsoft SQL Server (System.Data.SqlClient)
|
| |
|
|
| |
| Date :
2010-12-11 06:58:35 |
By :
webmaster |
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
 Load balance : Server 04
|
