Function selectlogon(ByVal User As Entity.logonEntity) As Entity.logonEntity Dim cmd_logon As New sqlCommand '实例化一个命令对象 Dim sqlconnection_logon = New sqlConnection(DbUtil.sqlConcectStr) '实例化带条件的一个数据库连接对象 cmd_logon.Connection = sqlconnection_logon '创建连接命令 sqlconnection_logon.Open() '执行连接,将数据库打开 '建立查询语句 cmd_logon.CommandText = "SELECT * FROM T_logon WHERE CardID = '" & User.CardID & "' " Dim reader As sqlClient.sqlDataReader '建立读数据对象 reader = cmd_logon.ExecuteReader '对象逐条读 Dim users As New Entity.logonEntity While (reader.Read()) '循环读数据 If users Is Nothing Then users = New Entity.logonEntity End If users.ID = reader.GetValue(reader.GetOrdinal("UserID")) '读取数据,赋给新实体 users.CardID = reader.GetValue(reader.GetOrdinal("CardID")) users.UserName = reader.GetValue(reader.GetOrdinal("UserName")) users.Sex = reader.GetValue(reader.GetOrdinal("Sex")) users.Department = reader.GetValue(reader.GetOrdinal("Department")) users.Grade = reader.GetValue(reader.GetOrdinal("Grade")) users.InCash = reader.GetValue(reader.GetOrdinal("InCash")) End While sqlconnection_logon.Close() Return users End Function
@H_301_0@(2)插入数据 @H_301_0@(采用:参数法)
Function InsertUp_Doing(ByVal User As Entity.MainEntity) As Boolean Dim cmd_insert_updoing As New sqlCommand Dim sqlconnection_updoing As New sqlConnection(DbUtil.sqlConcectStr) cmd_insert_updoing.Connection = sqlconnection_updoing '插入语句 cmd_insert_updoing.CommandText = "INSERT INTO T_Updoing (CardID) Values(@CardID)" '参数法 cmd_insert_updoing.Parameters.Add(New sqlParameter("@CardID",User.CardID)) sqlconnection_updoing.Open() cmd_insert_updoing.ExecuteNonQuery() sqlconnection_updoing.Close() Return True End Function
(3)更新数据 @H_301_0@(采用:拼接字符串 法)
Function update_updown(ByVal User As Entity.MainEntity) As Boolean Dim OK_NO_updown As Boolean Dim cmd_update_updown As New sqlCommand Dim sqlconnection_updown As New sqlConnection(DbUtil.sqlConcectStr) '根据“学号”、“状态”条件更新 cmd_update_updown.Connection = sqlconnection_updown cmd_update_updown.CommandText = "UPDATE T_UpDown " & _ "SET Downdatetime = @Downdatetime,Downtime = @Downtime,Consumetime = @Consumetime" & _ ",ConsumeCash = @ConsumeCash,Remaincash = @Remaincash " & _ "WHERE CardID = '" & User.CardID & "'" cmd_update_updown.CommandType = CommandType.Text sqlconnection_updown.Open() '打开连接 '添加参数 cmd_update_updown.Parameters.Add(New sqlParameter("@Downdatetime",User.Downdatetime)) cmd_update_updown.Parameters.Add(New sqlParameter("@Downtime",User.Downtime)) cmd_update_updown.Parameters.Add(New sqlParameter("@Consumetime",User.Timeconsume)) cmd_update_updown.Parameters.Add(New sqlParameter("@ConsumeCash",User.Cashconsume)) cmd_update_updown.Parameters.Add(New sqlParameter("@Remaincash",User.Cashremain)) cmd_update_updown.ExecuteNonQuery() sqlconnection_updown.Close() Return OK_NO_updown = True End Function@H_301_0@(4)删除数据 @H_301_0@(采用:拼接字符串法[CardID =' " & User.CardID & " ' ])
Function deleteUp_doing(ByVal User As Entity.MainEntity) As Boolean Dim OK_NO_down As Boolean Dim cmd_delete_updoing As New sqlCommand Dim sqlconnection_delectupdoing As New sqlConnection(DbUtil.sqlConcectStr) sqlconnection_delectupdoing.Open() cmd_delete_updoing.Connection = sqlconnection_delectupdoing cmd_delete_updoing.CommandText = "DELETE FROM T_Updoing WHERE CardID ='" & User.CardID & "'" cmd_delete_updoing.ExecuteNonQuery() sqlconnection_delectupdoing.Close() Return OK_NO_down = True End Function
@H_301_0@ 在VB.NET中,与我之前使用一年前使用VB相比,多了用参数法。查了一些资料,告知,用参数法能减少错误的产生,增强安全性。 @H_301_0@ 上面的代码中,传参采用的是传实体的方式。在VB.NET中,与实体代码更具自动性,与C#中实体相比,这也体现了一定的优越性。