步驟 3︰使用 ADO.NET 連線到 SQL 的概念證明

下載 ADO.NET

• 上一篇文章：步驟 2：針對 ADO.NET 開發建立 SQL 資料庫
• 下一篇文章：步驟 4︰使用 ADO.NET 彈性地連接到 SQL

這個 C# 程式碼範例只應被視為一個概念證明。 為了清楚起見，已將範例程式碼簡化，而其不一定代表 Microsoft 建議的最佳做法。

1：連線

SqlConnection.Open 方法可用來連線到您的 SQL 資料庫。

using System;
using QC = Microsoft.Data.SqlClient;
  
namespace ProofOfConcept_SQL_CSharp  
{  
	public class Program  
	{  
		static public void Main()  
		{  
			using (var connection = new QC.SqlConnection(  
				"Server=tcp:YOUR_SERVER_NAME_HERE.database.windows.net,1433;" +
				"Database=AdventureWorksLT;User ID=YOUR_LOGIN_NAME_HERE;" +
				"Password=YOUR_PASSWORD_HERE;Encrypt=True;" +
				"TrustServerCertificate=False;Connection Timeout=30;"  
				))  
			{  
				connection.Open();  
				Console.WriteLine("Connected successfully.");  

				Console.WriteLine("Press any key to finish...");  
				Console.ReadKey(true);  
			}  
		}  
	}  
}  
/**** Actual output:  
Connected successfully.  
Press any key to finish...  
****/  

2：執行查詢

SqlCommand. ExecuteReader 方法：

• 向 SQL 系統發出 SQL SELECT 陳述式。
• 傳回 SqlDataReader 的執行個體，以提供對結果資料列的存取。

using System;
using DT = System.Data;
using QC = Microsoft.Data.SqlClient;
  
namespace ProofOfConcept_SQL_CSharp  
{  
	public class Program  
	{  
		static public void Main()  
		{  
			using (var connection = new QC.SqlConnection(  
				"Server=tcp:YOUR_SERVER_NAME_HERE.database.windows.net,1433;" +
				"Database=AdventureWorksLT;User ID=YOUR_LOGIN_NAME_HERE;" +
				"Password=YOUR_PASSWORD_HERE;Encrypt=True;" +
				"TrustServerCertificate=False;Connection Timeout=30;"  
				))  
			{  
				connection.Open();  
				Console.WriteLine("Connected successfully.");  
  
				Program.SelectRows(connection);  
  
				Console.WriteLine("Press any key to finish...");  
				Console.ReadKey(true);  
			}  
		}  
  
		static public void SelectRows(QC.SqlConnection connection)  
		{  
			using (var command = new QC.SqlCommand())  
			{  
				command.Connection = connection;  
				command.CommandType = DT.CommandType.Text;  
				command.CommandText = @"  
SELECT  
	TOP 5  
		COUNT(soh.SalesOrderID) AS [OrderCount],  
		c.CustomerID,  
		c.CompanyName  
	FROM  
						SalesLT.Customer         AS c  
		LEFT OUTER JOIN SalesLT.SalesOrderHeader AS soh  
			ON c.CustomerID = soh.CustomerID  
	GROUP BY  
		c.CustomerID,  
		c.CompanyName  
	ORDER BY  
		[OrderCount] DESC,  
		c.CompanyName; ";  
  
				QC.SqlDataReader reader = command.ExecuteReader();  
  
				while (reader.Read())  
				{  
					Console.WriteLine("{0}\t{1}\t{2}",  
						reader.GetInt32(0),  
						reader.GetInt32(1),  
						reader.GetString(2));  
				}  
			}  
		}  
	}  
}  
/**** Actual output:  
Connected successfully.  
1       29736   Action Bicycle Specialists  
1       29638   Aerobic Exercise Company  
1       29546   Bulk Discount Store  
1       29741   Central Bicycle Specialists  
1       29612   Channel Outlet  
Press any key to finish...  
****/  

3：插入資料列

此範例示範如何：

• 藉由傳遞參數來安全地執行 SQL INSERT 陳述式。
  • 使用參數可防止 SQL 插入式攻擊。
• 擷取自動產生的值。

using System;
using DT = System.Data;
using QC = Microsoft.Data.SqlClient;
  
namespace ProofOfConcept_SQL_CSharp  
{  
	public class Program  
	{  
		static public void Main()  
		{  
			using (var connection = new QC.SqlConnection(  
				"Server=tcp:YOUR_SERVER_NAME_HERE.database.windows.net,1433;" +
				"Database=AdventureWorksLT;User ID=YOUR_LOGIN_NAME_HERE;" +
				"Password=YOUR_PASSWORD_HERE;Encrypt=True;" +
				"TrustServerCertificate=False;Connection Timeout=30;"  
				))  
			{  
				connection.Open();  
				Console.WriteLine("Connected successfully.");  
  
				Program.InsertRows(connection);  
  
				Console.WriteLine("Press any key to finish...");  
				Console.ReadKey(true);  
			}  
		}  
  
		static public void InsertRows(QC.SqlConnection connection)  
		{  
			QC.SqlParameter parameter;  
  
			using (var command = new QC.SqlCommand())  
			{  
				command.Connection = connection;  
				command.CommandType = DT.CommandType.Text;  
				command.CommandText = @"  
INSERT INTO SalesLT.Product  
		(Name,  
		ProductNumber,  
		StandardCost,  
		ListPrice,  
		SellStartDate  
		)  
	OUTPUT  
		INSERTED.ProductID  
	VALUES  
		(@Name,  
		@ProductNumber,  
		@StandardCost,  
		@ListPrice,  
		CURRENT_TIMESTAMP  
		); ";  
  
				parameter = new QC.SqlParameter("@Name", DT.SqlDbType.NVarChar, 50);  
				parameter.Value = "SQL Server Express 2014";  
				command.Parameters.Add(parameter);  
  
				parameter = new QC.SqlParameter("@ProductNumber", DT.SqlDbType.NVarChar, 25);  
				parameter.Value = "SQLEXPRESS2014";  
				command.Parameters.Add(parameter);  
  
				parameter = new QC.SqlParameter("@StandardCost", DT.SqlDbType.Int);  
				parameter.Value = 11;  
				command.Parameters.Add(parameter);  
  
				parameter = new QC.SqlParameter("@ListPrice", DT.SqlDbType.Int);  
				parameter.Value = 12;  
				command.Parameters.Add(parameter);  
  
				int productId = (int)command.ExecuteScalar();  
				Console.WriteLine("The generated ProductID = {0}.", productId);  
			}  
		}  
	}  
}  
/**** Actual output:  
Connected successfully.  
The generated ProductID = 1000.  
Press any key to finish...  
****/