1、下載mysql.Data.dll,在解決方案->引用中引入,並在文件頭部引入
using MySql.Data.MySqlClient;
2、創建MySqlConnection對象(鏈接庫)
string connstr = "data source=localhost;database=cs_test;user id=root;password=123456;pooling=false;charset=utf8";//pooling代表是否使用連接池 MySqlConnection conn = new MySqlConnection(connstr);
3、創建對應操作的MySqlCommand對象(測試數據庫表名characters,屬性列:id,names,passwords)
string sql = "select * from characters"; MySqlCommand cmd = new MySqlCommand(sql,conn);
4、針對不同操作,MySqlCommand對象有三個常用方法
(1)查找多行 : ExecuteReader()方法
返回一個MysqlDataReader對象,包含多個行,可以用其Read方法逐行讀取。
對於每行元素,可以用getXXX()方法讀取屬性值,XXX爲該屬性類型,參數爲屬性名或者該屬性爲這張表的第幾列。
可以用IsDBNull()方法判斷是否爲空,參數只能是該屬性爲這張表的第幾列(即只能是數字)
conn.Open(); MySqlDataReader reader = cmd.ExecuteReader(); Console.WriteLine("id\t姓名\t密碼"); while (reader.Read()) { Console.Write(reader.GetInt32("id")+"\t"); if (reader.IsDBNull(1)) { Console.Write("空\t"); } else { Console.Write(reader.GetString("names")+"\t"); } if (reader.IsDBNull(2)) { Console.Write("空\n"); } else { Console.Write(reader.GetString("passwords")+"\n"); } } conn.Close();
(2)查找單個: ExecuteScalar()
返回值爲查找到的元祖第一個屬性,以object類型返回
string sql2 = "select names from characters where id=2"; MySqlCommand cmd2 = new MySqlCommand(sql2,conn); conn.Open(); string names = cmd2.ExecuteScalar().ToString(); Console.WriteLine(names); conn.Close();
(3)增、刪、改: ExecuteNonQuery()
返回值爲int,不成功是0,成功是1
string sql3 = "insert into characters (names,passwords) values ('XXX','1234456')"; MySqlCommand cmd3 = new MySqlCommand(sql3,conn); conn.Open(); int s = cmd3.ExecuteNonQuery(); if (s == 0) Console.WriteLine("false"); else Console.WriteLine("success"); conn.Close();
5、完整代碼
using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; using MySql.Data.MySqlClient; namespace mysql_test { class mysqlcz{ public mysqlcz() { string connstr = "data source=localhost;database=csceshi;user id=root;password=123456;pooling=false;charset=utf8"; using (MySqlConnection conn = new MySqlConnection(connstr)) { string sql = "select * from characters"; MySqlCommand cmd = new MySqlCommand(sql,conn); conn.Open(); MySqlDataReader reader = cmd.ExecuteReader(); Console.WriteLine("id\t姓名\t密碼"); while (reader.Read()) { Console.Write(reader.GetInt32("id")+"\t"); if (reader.IsDBNull(1)) { Console.Write("空\t"); } else { Console.Write(reader.GetString("names")+"\t"); } if (reader.IsDBNull(2)) { Console.Write("空\n"); } else { Console.Write(reader.GetString("passwords")+"\n"); } } conn.Close(); string sql2 = "select names from characters where id=2"; MySqlCommand cmd2 = new MySqlCommand(sql2,conn); conn.Open(); string names = cmd2.ExecuteScalar().ToString(); Console.WriteLine(names); conn.Close(); string sql3 = "insert into characters (names,passwords) values ('XXX','1234456')"; MySqlCommand cmd3 = new MySqlCommand(sql3,conn); conn.Open(); int s = cmd3.ExecuteNonQuery(); if (s == 0) Console.WriteLine("false"); else Console.WriteLine("success"); conn.Close(); } Console.ReadLine(); } } class Program { static void Main(string[] args) { mysqlcz mt = new mysqlcz(); } } }
6、sql語句參數化
爲防止sql注入,儘量不要使用字符串拼接的方法拼接sql字符串
string uname=Console.ReadLine(); string upwd=Console.ReadLine();//獲取用戶輸入 string sql="insert into characters (names,passwords) values (@name,@pwd)";//使用@符構造sql變量 MysqlCommand cmd = new MysqlCommand(sql,conn); //使用MysqlCommand對象的parameters屬性,該屬性爲像sql語句傳遞的參數集合,使用add方法向其中添加參數,參數以MysqlParameters對象形式傳遞 cmd.parameters.Add(new MysqlParametes("@name",uname)); cmd.parameters.Add(new MysqlParameters("@pwd",upwd)); conn.Open(); cmd.ExecuteNonQuery(); conn.Close();