C#에서 데이터베이스에서 데이터를 검색하는 방법은 무엇입니까?

Question

데이터베이스에 기증자를 등록하고 이름을 검색하여 데이터베이스에서 데이터를 검색 할 수있는 콘솔 기본 응용 프로그램을 작성했습니다. 데이터를 올바르게 추가 할 수 있지만 데이터를 검색하려고하면 아무 문제가 발생하지 않습니다. 여기 내 코드는 다음과 같습니다

class bbManager 
{ 
    public string ConnectionString = @"server=localhost;Database=introsw;Uid=root;Pwd=123456"; 

    public void Registration(BloodBank donor) 
    { 
     string query = "Insert Into bloodbank(id, name) Values('"+ donor.id +"','"+ donor.name +"')"; 

     MySqlConnection conn = new MySqlConnection(); 
     conn.ConnectionString = ConnectionString; 
     conn.Open(); 

     MySqlCommand cmd = new MySqlCommand(); 
     cmd.CommandText = query; 
     cmd.Connection = conn; 

     int result = cmd.ExecuteNonQuery(); 
     if (result == '1') 
     { 
      Console.WriteLine("Registration Successful..."); 
     } 
    } 
    public void SearchByname(string name) 
    { 
     string query = "select * from bloodbank Where name = '"+ name +"'"; 
     try 
     { 
      MySqlConnection conn = new MySqlConnection(); 
      conn.ConnectionString = ConnectionString; 
      conn.Open(); 

      MySqlDataReader rdr = null; 

      MySqlCommand cmd = new MySqlCommand(); 
      cmd.CommandText = query; 
      cmd.Connection = conn; 

      rdr = cmd.ExecuteReader(); 

      while(rdr.Read()) 
      { 
       Console.WriteLine("ID: ", rdr["id"].ToString()); 
       Console.WriteLine("Name: ", rdr["name"].ToString()); 
      } 
      conn.Close(); 
     } 
     catch (Exception ex) 
     { 
      Console.WriteLine(ex.Message); 
     } 
    } 
} 

Answer 1

는 초기 문제는

Console.WriteLine("ID: ", rdr["id"].ToString()); 

될 수 있었다 :

Console.WriteLine("ID: {0}", rdr["id"].ToString()); // http://msdn.microsoft.com/pt-br/library/fc0cx9a5(v=vs.110).aspx 

또는

Console.WriteLine("ID: " + rdr["id"].ToString()); 

TODO가 : SQL 매개 변수를 확인합니다. C# SQL parameters

public void Registration(BloodBank donor) 
{ 
    string query = "INSERT INTO bloodbank(id, name) VALUES ('" + donor.id.Replace("'","''") + "','" + donor.name.Replace("'","''") + "');"; 

    using (MySqlConnection conn = new MySqlConnection()) 
    { 
     conn.ConnectionString = ConnectionString; 
     conn.Open(); 

     try 
     { 
      RunSQL(query, conn); 
      Console.WriteLine("Registration Successful..."); 
     } 
     catch 
     { 
      Console.WriteLine("Registration Failed..."); 
     } 
    } 
} 

public void SearchByname(string name) 
{ 
    string query = "SELECT * FROM bloodbank WHERE name = '" + name + "'"; 
    try 
    { 
     DataTable DT_Results; 
     using (MySqlConnection conn = new MySqlConnection()) 
     { 
      conn.ConnectionString = ConnectionString; 
      conn.Open(); 
      DT_Results = RunSQL(query, conn); 
     } 

     foreach (DataRow dr in DT_Results.Rows) 
     { 
      Console.WriteLine("ID: " + dr.Field<string>("id")); 
      Console.WriteLine("Name: " + dr.Field<string>("name")); 
     } 

    } 
    catch (Exception ex) 
    { 
     Console.WriteLine(ex.Message); 
    } 
} 

static public DataTable RunSQL(string sSQL, MySqlConnection MyConnection) 
{ 
    DataTable DT = new DataTable(); 

    using (MySqlDataAdapter MyDataAdapter = new MySqlDataAdapter(sSQL, MyConnection)) 
    { 
     try 
     { 
      #region Executa/Preenche o DT 
      DT.TableName = "TABELA"; 
      MyDataAdapter.Fill(DT); 
      #endregion 
     } 
     catch (Exception ex) 
     { 
      // by Tony - 26-set-2006 
      // Retorna o SQL e o erro, para facilitar o debug do sistema. 
      var newexeption = new Exception(sSQL + " " + ex.Message); 
      throw newexeption; 
     } 
    } 

    return DT; 
}