我在一个SQL语句中连接4个表,它将数据读入对象并填充gridview。C#:内部连接4个表SQL Server
我的问题:这是一个很好的做法吗?从数据库读取时是否有任何副作用,如性能?如果是这样,请给我提供一些改进它的提示。
protected void OrdersGridView_SelectedIndexChanged(object sender, EventArgs e)
{
string OID = OrdersGridView.SelectedRow.Cells[0].Text;
OrderIDlbl.Text = "Order# " + OID;
using (SqlConnection con = new SqlConnection(cData.CS))
{
con.Open();
{
string sql = "select o.*, c.*, oi.*, p.* from Orders as o INNER JOIN Customers as c ON o.CustID = c.CustomerID INNER JOIN OrderItems as oi ON o.OrderID = oi.InvoiceID INNER JOIN Products as p ON p.PartNumber = oi.PartNumb where OrderID ='" + OID + "'";
SqlCommand myCommand = new SqlCommand(sql, con);
myCommand.CommandTimeout = 15;
myCommand.CommandType = CommandType.Text;
using (SqlDataReader myReader = myCommand.ExecuteReader())
{
while (myReader.Read())
{
passid.Text = (myReader["CustID"].ToString());
TermsDropdown.Value = (myReader["PaymentTerms"].ToString());
PaymentDate.Value = ((DateTime)myReader["PaymentDate"]).ToString("MMMM dd, yyyy");
OrderDate.Value = ((DateTime)myReader["OrderDate"]).ToString("MMMM dd, yyyy");
SalesRep.Value = (myReader["SalesRep"].ToString());
comenttxtbox.Value = (myReader["Comments"].ToString());
Discountlbl.Text = "Discount: " + (myReader["Discount"].ToString() + " AED");
Totallbl.Text = "Total: " + (myReader["Total"].ToString() + " AED");
Statuslbl.Text = (myReader["OrderStatus"].ToString());
SelectCustomertxtbox.Value = (myReader["Company"].ToString());
Name.Text = "Name: " + (myReader["FName"].ToString()) + " " + (myReader["LName"].ToString());
Phone.Text = "Phone: " + (myReader["Phone"].ToString());
Mail.Text = "Mail: " + (myReader["Personal_Email"].ToString());
}
}
DataTable dt = new DataTable();
using (SqlDataAdapter da = new SqlDataAdapter(myCommand))
{
da.Fill(dt);
OrderItemsGridview.DataSource = dt;
OrderItemsGridview.EmptyDataText = "No Items";
OrderItemsGridview.DataBind();
}
}
}
}
快速回答。不,你正在拉这么多不需要的数据。唯一重复的数据是项目。所以你有几个查询只返回一条记录。 – gbianchi
只要你有适当的索引,连接本身并不是一件坏事。虽然星列并不是一个好的做法,因为它们会返回比您需要的更多的数据,并且随着时间的推移可能会导致其他问题,因为对数据库模式进行了更改。 – wdosanjos
[SQL注入警报](http://msdn.microsoft.com/en-us/library/ms161953%28v=sql.105%29.aspx) - 您应该**不**将您的SQL语句连接在一起 - 使用**参数化查询**,而不是为了避免SQL注入 –