Scribd
Upload
81 views

SQL Server With CSharp WinForms

The document provides information about connecting a C# Windows Forms application to an SQL Server database. It discusses SQL Server, ADO.NET, using C# to save and retrieve data from SQL Server. It includes examples of inserting and selecting data using ADO.NET and shows improvements like using app.config, SQL parameters, and stored procedures to improve security and performance when interacting with the database.

Uploaded by

Elly Sunandy
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
81 views

SQL Server With CSharp WinForms

The document provides information about connecting a C# Windows Forms application to an SQL Server database. It discusses SQL Server, ADO.NET, using C# to save and retrieve data from SQL Server. It includes examples of inserting and selecting data using ADO.NET and shows improvements like using app.config, SQL parameters, and stored procedures to improve security and performance when interacting with the database.

Uploaded by

Elly Sunandy
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 60

https://www.halvorsen.

blog

SQL Server with C#


Windows Forms App
Hans-Petter Halvorsen
Windows Forms App
We will create a basic Windows Forms App
that saves data to an SQL Server Database.
The App will also retrieve Data from the SQL
Server Database.
Contents
• SQL Server
• ADO.NET
• C# WinForms Examples
• Structured Query Language (SQL)
• Saving Data to SQL Server
• Retrieving Data from SQL Server
Audience
• This Tutorial is made for rookies making
their first basic C# Windows Forms
Database Application
• You don’t need any experience in either
Visual Studio or C#
• No skills in Automation or Control System
is necessary
C# Examples
Note!
• The examples provided can be
considered as a “proof of concept”
• The sample code is very simplified for
clarity and doesn't necessarily
represent best practices.
https://www.halvorsen.blog

SQL Server

Hans-Petter Halvorsen
What is a Database?
• A Database is a structured way to store lots of information.
• The information inside the database is stored in different
tables.
• - “Everything” today is stored in databases!

Examples:
• Bank/Account systems
• Information in Web pages such as Facebook, Wikipedia,
YouTube, etc.
• … lots of other examples!
Database Systems
We communicate with the Database using a Database Management
System (DBMS). We use the Structured Query Language (SQL) in
order to communicate with the Database, i.e., Insert Data, Retrieve
Data, Update Data and Delete Data from the Database.

Database
Management
System SQL Database
(DBMS)

SQL – Structured Query Language


Database Systems
• Oracle
• MySQL
• MariaDB
• Sybase
• Microsoft Access
• Microsoft SQL Server
• ... (we have hundreds different DBMS)
SQL Server
• SQL Server Express
– Free version of SQL Server that has all we need for the
exercises in this Tutorial
• SQL Server Express consist of 2 parts (separate
installation packages):
– SQL Server Express
– SQL Server Management Studio (SSMS) – This software can
be used to create Databases, create Tables, Insert/Retrieve
or Modify Data, etc.
• SQL Server Express Installation:
https://youtu.be/hhhggAlUYo8
SQL Server Management Studio
3

Your SQL Server


1 4
Your Database Write your Query here
2

Your
Tables

5 The result from your Query


Structured Query Language
• Structured Query Language (SQL) is used to
write, read and update data from the
Database System
• You can use SQL inside the “SQL Server
Management Studio” or inside your C# App.
• SQL Example: select * from SCHOOL
SQL Examples
Query Examples:
• insert into STUDENT (Name , Number, SchoolId)
values ('John Smith', '100005', 1)

• select SchoolId, Name from SCHOOL

• select * from SCHOOL where SchoolId > 100

• update STUDENT set Name='John Wayne' where StudentId=2

• delete from STUDENT where SchoolId=3


We have 4 different Query Types: INSERT, SELECT, UPDATE and DELETE
CRUD: C – Create or Insert Data, R – Retrieve (Select) Data, U – Update Data, D – Delete Data
https://www.halvorsen.blog

ADO.NET

Hans-Petter Halvorsen
ADO.NET
• ADO.NET is the core data access
technology for .NET languages.
• System.Data.SqlClient (or the newer
Microsoft.Data.SqlClient) is the
provider or namespace you typically
use to connect to an SQL Server
Installation in Visual Studio
• Typically, we need to add the necessary
NuGet package for that
• NuGet is the package manager for .NET
• The NuGet client tools provide the
ability to produce and consume
packages
https://www.halvorsen.blog

Windows Forms App

Hans-Petter Halvorsen
Windows Forms App
https://www.halvorsen.blog

Basic Example

Hans-Petter Halvorsen
Basic Example
Basic Example
• Sensor Type
–Temperature, Pressure, ..
• Sensor Name
Database

CREATE TABLE SENSOR


(
SensorId int NOT NULL IDENTITY (1,1),
SensorName varchar(50) NOT NULL,
SensorType varchar(50) NOT NULL
)
GO
Visual Studio
using System;

Code
using Microsoft.Data.SqlClient;
using System.Windows.Forms;

namespace SensorSystem
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}

private void btnSave_Click(object sender, EventArgs e)


{
string connectionString = "Data Source=xxx;Initial Catalog=xxx;Integrated Security=True";

string sqlQuery = "INSERT INTO SENSOR (SensorName, SensorType)


VALUES (" + "'" + txtSensorName.Text + "'" + "," + "'" + txtSensorType.Text + "'" + ")";

SqlConnection con = new SqlConnection(connectionString);

con.Open();
SqlCommand sc = new SqlCommand(sqlQuery, con);
sc.ExecuteNonQuery();
con.Close();
}
}
}
Running the Application

INSERT INTO SENSOR (SensorName, SensorType)


VALUES ('Temperature1', 'Temperature')
Select * from SENSOR

We see that the data has been


stored in the Database
Improvements
• Use App.config
• Use SQL Parameters
• Use Stored Procedure
• Use Try … Catch
• Create separate Classes and Methods
• Improve Database structure
• …
https://www.halvorsen.blog

App.config

Hans-Petter Halvorsen
Use App.config

<?xml version="1.0" encoding="utf-8" ?>


<configuration>

<connectionStrings>
<add name="DatabaseConnectionString" connectionString="Data Source=x;Initial Catalog=x;Trusted_Connection=True"
providerName="System.Data.SqlClient" />
</connectionStrings>

</configuration>
Code
using System;
using Microsoft.Data.SqlClient;
using System.Configuration;
using System.Windows.Forms;

namespace SensorSystem
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}

private void btnSave_Click(object sender, EventArgs e)


{
string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString;

string sqlQuery = "INSERT INTO SENSOR (SensorName, SensorType)


VALUES (" + "'" + txtSensorName.Text + "'" + "," + "'" + txtSensorType.Text + "'" + ")";

SqlConnection con = new SqlConnection(connectionString);

con.Open();
SqlCommand sc = new SqlCommand(sqlQuery, con);
sc.ExecuteNonQuery();
con.Close();
}
}
}
https://www.halvorsen.blog

SQL Parameters

Hans-Petter Halvorsen
Use SQL Parameters
• Using SQL Parameters are safer than putting the
values into the string because the parameters are
passed to the database separately, protecting
against SQL injection attacks.
• It is also be more efficient if you execute the
same SQL repeatedly with different parameters.
• The Example is showing Windows Forms using C#
• Other Languages like PHP, Python, etc. offer the
same functionality
using System;

Code
using Microsoft.Data.SqlClient;
using System.Configuration;
using System.Windows.Forms;

namespace SensorSystem
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}

private void btnSave_Click(object sender, EventArgs e)


{
string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString;
string sqlQuery = "INSERT INTO SENSOR (SensorName, SensorType) VALUES (@sensorname, @sensortype)";

SqlConnection con = new SqlConnection(connectionString);


con.Open();

SqlCommand cmd = new SqlCommand(sqlQuery, con);

var sensorNameParameter = new SqlParameter("sensorname", System.Data.SqlDbType.VarChar);


sensorNameParameter.Value = txtSensorName.Text;
cmd.Parameters.Add(sensorNameParameter);

var sensorTypeParameter = new SqlParameter("sensortype", System.Data.SqlDbType.VarChar);


sensorTypeParameter.Value = txtSensorType.Text;
cmd.Parameters.Add(sensorTypeParameter);

cmd.ExecuteNonQuery();
con.Close();
}
}
}
https://www.halvorsen.blog

Stored Procedure

Hans-Petter Halvorsen
Use Stored Procedure
• A Stored Procedure is a premade SQL
Script which you can use inside your
C# Code
• Here you also use SQL Parameters
• Using Stored Procedure and SQL
Parameters prevent SQL Injection
Stored Procedure
IF EXISTS (SELECT name
FROM sysobjects
WHERE name = 'SaveSensor'
AND type = 'P')
DROP PROCEDURE SaveSensor
GO

CREATE PROCEDURE SaveSensor


@SensorName varchar(50),
@SensorType varchar(50)
AS

INSERT INTO SENSOR (SensorName, SensorType) VALUES (@SensorName, @SensorType)

GO
using System;
using System.Data;
using Microsoft.Data.SqlClient;
using System.Configuration;
using System.Windows.Forms;

namespace SensorSystem
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}

private void btnSave_Click(object sender, EventArgs e)


{
string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString;

SqlConnection con = new SqlConnection(connectionString);


con.Open();

SqlCommand cmd = new SqlCommand("SaveSensor", con);


cmd.CommandType = CommandType.StoredProcedure;

string sensorName = txtSensorName.Text;


string sensorType = txtSensorType.Text;

cmd.Parameters.Add(new SqlParameter("@SensorName", sensorName));


cmd.Parameters.Add(new SqlParameter("@SensorType", sensorType));

cmd.ExecuteNonQuery();
con.Close();
}
}
}
https://www.halvorsen.blog

Try .. Catch ..

Hans-Petter Halvorsen
Use Try … Catch
• When executing C# code, different
errors may occur
• When an error occurs, C# will normally
stop and generate an error message.
• Typically, we just want to show an Error
Message to the user without stopping
the application
• Then we can use Try … Catch
Try … Catch
try
{
// Put your ordinary Code here
}
catch (Exception ex)
{
// Code for Handling Errors
}
Code
private void btnSave_Click(object sender, EventArgs e)
{
string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString;

try
{
SqlConnection con = new SqlConnection(connectionString);
con.Open();

SqlCommand cmd = new SqlCommand("SaveSensor", con);


cmd.CommandType = CommandType.StoredProcedure;

string sensorName = txtSensorName.Text;


string sensorType = txtSensorType.Text;

cmd.Parameters.Add(new SqlParameter("@SensorName", sensorName));


cmd.Parameters.Add(new SqlParameter("@SensorType", sensorType));

cmd.ExecuteNonQuery();
con.Close();
}
catch
{
MessageBox.Show("Error Writing Data to Database");
}
}
https://www.halvorsen.blog

Classes and Methods

Hans-Petter Halvorsen
Create Classes and Methods
• So far, we have used the Button Click
Event Method
btnSave_Click()and then we
created all code inside that Method
• Better to create separate Classes and
Methods
Create a Separate Method
private void btnSave_Click(object sender, EventArgs e)
{
SaveData();
}

private void SaveData()


{
string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString;

try
{
SqlConnection con = new SqlConnection(connectionString);
con.Open();

SqlCommand cmd = new SqlCommand("SaveSensor", con);


cmd.CommandType = CommandType.StoredProcedure;

string sensorName = txtSensorName.Text;


string sensorType = txtSensorType.Text;

cmd.Parameters.Add(new SqlParameter("@SensorName", sensorName));


cmd.Parameters.Add(new SqlParameter("@SensorType", sensorType));

cmd.ExecuteNonQuery();
con.Close();
}
catch
{
MessageBox.Show("Error Writing Data to Database");
}
}
Create a Class and Method
using
Create a Class and Method
System.Data;
using System.Windows.Forms;
using Microsoft.Data.SqlClient;
using System.Configuration;

namespace SensorSystem.Classes
{
class Sensor
{
public void SaveSensorData(string sensorName, string sensorType)
{
string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString;

try
{
SqlConnection con = new SqlConnection(connectionString);
con.Open();

SqlCommand cmd = new SqlCommand("SaveSensor", con);


cmd.CommandType = CommandType.StoredProcedure;

cmd.Parameters.Add(new SqlParameter("@SensorName", sensorName));


cmd.Parameters.Add(new SqlParameter("@SensorType", sensorType));

cmd.ExecuteNonQuery();
con.Close();
}
catch
{
MessageBox.Show("Error Writing Data to Database");
}
}
}
}
Using the Class and Method
using System;
using System.Windows.Forms;
using SensorSystem.Classes;

namespace SensorSystem
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}

private void btnSave_Click(object sender, EventArgs e)


{
SaveData();
}

private void SaveData()


{
string sensorName = txtSensorName.Text;
string sensorType = txtSensorType.Text;

Sensor sensor = new Sensor();

sensor.SaveSensorData(sensorName, sensorType);
}
}
}
https://www.halvorsen.blog

Improve Database

Hans-Petter Halvorsen
Updated Database
CREATE TABLE SENSOR_TYPE
(
SensorTypeId int PRIMARY KEY IDENTITY (1,1),
SensorType varchar(50) NOT NULL UNIQUE
)
GO

CREATE TABLE SENSOR


(
SensorId int PRIMARY KEY IDENTITY (1,1),
SensorName varchar(50) UNIQUE NOT NULL,
SensorTypeId int NOT NULL FOREIGN KEY REFERENCES SENSOR_TYPE(SensorTypeId)
)
GO
Test Data

insert into SENSOR_TYPE (SensorType) values ('Temperature')


insert into SENSOR_TYPE (SensorType) values ('Pressure')
insert into SENSOR_TYPE (SensorType) values ('Level')
insert into SENSOR_TYPE (SensorType) values ('Proximity ')
Update Stored Procedure
IF EXISTS (SELECT name
FROM sysobjects
WHERE name = 'SaveSensor'
AND type = 'P')
DROP PROCEDURE SaveSensor
GO

CREATE PROCEDURE SaveSensor


@SensorName varchar(50),
@SensorType varchar(50)
AS

DECLARE
@SensorTypeId int

SELECT @SensorTypeId=SensorTypeId FROM SENSOR_TYPE WHERE SensorType=@SensorType

INSERT INTO SENSOR (SensorName, SensorTypeId) VALUES (@SensorName, @SensorTypeId)

GO
Updated GUI
Sensor Types are now a Drop-down List. This
prevent you from spelling mistakes, and getting
Sensor Types like “Temperature”, “Tmperature”, ..

The different Sensor Types will no be


retrieved from the SQL Server Database
using System;
using System.Collections.Generic;
using Microsoft.Data.SqlClient;
using System.Configuration; SensorType.cs
namespace SensorSystem.Classes
{
class SensorType
{
string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString;
public int SensorTypeId { get; set; }
public string SensorTypeName { get; set; }

public List<SensorType> GetSensorTypes()


{
List<SensorType> sensorTypeList = new List<SensorType>();

SqlConnection con = new SqlConnection(connectionString);


con.Open();

string sqlQuery = "select SensorTypeId, SensorType from SENSOR_TYPE order by SensorType";


SqlCommand cmd = new SqlCommand(sqlQuery, con);

SqlDataReader dr = cmd.ExecuteReader();

if (dr != null)
{
while (dr.Read())
{
SensorType sensorType = new SensorType();

sensorType.SensorTypeId = Convert.ToInt32(dr["SensorTypeId"]);
sensorType.SensorTypeName = dr["SensorType"].ToString();

sensorTypeList.Add(sensorType);
}
}
con.Close();
return sensorTypeList;
}
}
}
using System.Data;
using System.Windows.Forms;
using
using
Microsoft.Data.SqlClient;
System.Configuration;
Sensor.cs
namespace SensorSystem.Classes
{
class Sensor
{
string connectionString = ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString;

public void SaveSensorData(string sensorName, string sensorType)


{
try
{
SqlConnection con = new SqlConnection(connectionString);
con.Open();

SqlCommand cmd = new SqlCommand("SaveSensor", con);


cmd.CommandType = CommandType.StoredProcedure;

cmd.Parameters.Add(new SqlParameter("@SensorName", sensorName));


cmd.Parameters.Add(new SqlParameter("@SensorType", sensorType));

cmd.ExecuteNonQuery();
con.Close();
}
catch
{
MessageBox.Show("Error Writing Data to Database");
}
}
}
}
using System;
using System.Collections.Generic;
using System.Windows.Forms;
using SensorSystem.Classes; Form1.cs
namespace SensorSystem
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
FillSensorTypeComboBox();
}

private void btnSave_Click(object sender, EventArgs e)


{
SaveData();
}
private void FillSensorTypeComboBox()
{
SensorType sensorType = new SensorType();

List<SensorType> sensorTypeList = new List<SensorType>();

sensorTypeList = sensorType.GetSensorTypes();

foreach (SensorType sensorTypeItem in sensorTypeList)


{
comboSensorType.Items.Add(sensorTypeItem.SensorTypeName);
}
}
private void SaveData()
{
string sensorName = txtSensorName.Text;
string sensorType = comboSensorType.SelectedItem.ToString();

Sensor sensor = new Sensor();


sensor.SaveSensorData(sensorName, sensorType);
}
}
}
Discussions
• We have made a simple Windows Forms
App for saving Data to a SQL Server
Database
• First, I made it work, then I improved
the code step by step
• Still, lots of improvements to make, but I
leave that for you
Hans-Petter Halvorsen
University of South-Eastern Norway
www.usn.no

E-mail: [email protected]
Web: https://www.halvorsen.blog

You might also like