Menu
I am facing some problem with making a SQL insert statement dynamically from a dataTable object in c#. I want to know the best practices to make it.Here is my code snippet , I have tried so far.
String sqlCommandInsert = "INSERT INTO dbo.RAW_DATA(";
String sqlCommandValue = "";
foreach (DataColumn dataColumn in dataTable.Columns)
{
sqlCommandInsert += dataColumn + ",";
}
sqlCommandInsert += sqlCommandInsert.TrimEnd(',');
sqlCommandInsert += ") VALUE(";
for (int i = 0; i < dataTable.Rows.Count; i++)
{
sqlCommandValue += "'" + dataTable.Rows[i].ItemArray[i] + "',";
}
var insertCommand = sqlCommandInsert;
sqlCommandValue = sqlCommandValue.TrimEnd(',');
var command = insertCommand + sqlCommandValue + ")";
dataContext.Database.ExecuteSqlCommand(command);
Any suggestion would be appreciated :) Regards.
597
String sqlCommandInsert = "INSERT INTO dbo. RAW_DATA("; String sqlCommandValue = ""; foreach (DataColumn dataColumn in dataTable. Columns) { sqlCommandInsert += dataColumn + ","; } sqlCommandInsert += sqlCommandInsert. TrimEnd(','); sqlCommandInsert += ") VALUE("; for (int i = 0; i < dataTable.
Use the INSERT command to enter data into a table.
Insert is a widely-used command in the Structured Query Language (SQL) data manipulation language (DML) used by SQL Server and Oracle relational databases. The insert command is used for inserting one or more rows into a database table with specified table column values.
Data insertion is the process of inserting rows into a table. The data insertion methods and an example of specifying SQL statements are shown as follows. Data insertion methods. The INSERT statement is used to insert rows.
Use VALUES instead of VALUE. Apart from that you should always use sql-parameters:
string columns = string.Join(","
, dataTable.Columns.Cast<DataColumn>().Select(c => c.ColumnName));
string values = string.Join(","
, dataTable.Columns.Cast<DataColumn>().Select(c => string.Format("@{0}", c.ColumnName)));
String sqlCommandInsert = string.Format("INSERT INTO dbo.RAW_DATA({0}) VALUES ({1})" , columns, values);
using(var con = new SqlConnection("ConnectionString"))
using (var cmd = new SqlCommand(sqlCommandInsert, con))
{
con.Open();
foreach (DataRow row in dataTable.Rows)
{
cmd.Parameters.Clear();
foreach (DataColumn col in dataTable.Columns)
cmd.Parameters.AddWithValue("@" + col.ColumnName, row[col]);
int inserted = cmd.ExecuteNonQuery();
}
}
## Dynamic Update Query from Datatable with Npgsql##
public string UpdateExecute(DataTable dataTable, string TableName)
{
NpgsqlCommand cmd = null;
string Result = String.Empty;
try
{
if (dataTable.Columns.Contains("skinData")) dataTable.Columns.Remove("skinData");
string columns = string.Join(",", dataTable.Columns.Cast<DataColumn>().Select(c => c.ColumnName));
string values = string.Join(",", dataTable.Columns.Cast<DataColumn>().Select(c => string.Format("@{0}", c.ColumnName)));
StringBuilder sqlCommandInsert = new StringBuilder();
sqlCommandInsert.Append("Update " + TableName + " Set ");
string[] TabCol = columns.Split(',');
string[] TabVal = values.Split(',');
for (int i = 0; i < TabCol.Length; i++)
{
for (int j = 0; j < TabVal.Length; j++)
{
sqlCommandInsert.Append(TabCol[i] +" = "+ TabVal[i] + ",");
break;
}
}
string NpgsqlCommandUpdate= sqlCommandInsert.ToString().TrimEnd(',');
NpgsqlCommandUpdate += (" where " + TabCol[0] + "=" + TabVal[0]);
using (var con = new NpgsqlConnection("Server=localhost;Port=5432;uid=uapp;pwd=Password;database=Test;"))
{
con.Open();
foreach (DataRow row in dataTable.Rows)
{
cmd = new NpgsqlCommand(NpgsqlCommandUpdate.ToString(), con);
cmd.Parameters.Clear();
foreach (DataColumn col in dataTable.Columns)
cmd.Parameters.AddWithValue("@" + col.ColumnName, row[col]);
Result = cmd.ExecuteNonQuery().ToString();
}
}
}
catch (Exception)
{
Result = "-1";
}
return Result;
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
