C# and SQLite – Selecting Data

When performing an operation on an SQLite database, such as selecting, inserting, updating and deleting data, the first thing that needs to be done is to connect to the database, as previously described.

In order to retrieve data, as well as insert, update and delete data, from an SQLite database, SQL, or Structured Query Language needs to be used, more details of which can be found here. Retrieving data is done via the ‘Select’ statement.

The following table of data, called ‘person’, will be used in the example below for selecting data.

id firstname lastname title dob
1 Bob Smith Mr 1980-01-20
2 George Jones Mr 1997-12-15
3 Fred Bloggs Mr 1975-05-07
4 Alan White Mr 1989-03-20

Note that, in an SQLite database there is no specific datatype for storing dates. One option, although not the only option, is to store them as text in the format YYYY-MM-DD (four digit year, two digit month and two digit day), which allows them to be sorted if necessary. Once the date has been extracted from the database, it can be manipulated programmatically in to the desired format.

The example below selects four items of data from the ‘person’ table, in last name, first name and date of birth order. The resulting data is stored in a ‘reader’ object, which is then used in a ‘while‘ loop to output details of each record to the console in the format: “id: lastname, firstname (dob)”. Note that the second ‘try-catch’ block has a ‘finally’ section that closes the database connection, regardless of whether the data retrieval is successful or not.

// Database.
string database = @"C:\Demo\DemoDB.db";
string password = @"DemoPW";
SqliteConnection connect;

// Check if the database exists.
if (!File.Exists(database))
{

    // Message confirming incorrect database location.
    Console.WriteLine("Error locating database.");

    // Stop program execution.
    System.Environment.Exit(1);

}

// Database connection.
connect = new SqliteConnection("Data Source=" + database + ";" +
                                "Password=" + password);

try
{

    // Connect to database.
    connect.Open();

}
catch (Exception e)
{

    // Message confirming unsuccessful database connection.
    Console.WriteLine("Database connection unsuccessful.");

    // Stop program execution.
    System.Environment.Exit(1);

}

try
{    

    // Query text incorporated into SQL command.
    var sqlSelect = connect.CreateCommand();
    sqlSelect.CommandText = @"
        SELECT id, firstname, lastname, dob 
        FROM person 
        ORDER BY lastname, firstname, dob
    ";

    // Execute SQL and place data in a reader object.
    var reader = sqlSelect.ExecuteReader();

    // Display person information in the console.
    while (reader.Read())
    {

        Console.WriteLine("{0}: {1}, {2} ({3})",
                            reader[0], reader[2], reader[1],
                            reader.GetDateTime(3).ToShortDateString());

    }

}
catch (Exception e)
{

    // Confirm error retrieving person information and exit.
    Console.WriteLine("Error retrieving person information.");
    System.Environment.Exit(1);

}
finally
{

    // Close the database connection.
    connect.Close();

}

The resulting output to the console is as follows.

3: Bloggs, Fred (07/05/1975)
2: Jones, George (15/12/1997)
1: Smith, Bob (20/01/1980)
4: White, Alan (20/03/1989)

Often it isn’t necessary to return all records from a database table. Where this is the case, parameters need to be introduced into the query. In the following example, the records returned are limited to those with a date of birth between 1 January 1980 and 31 December 1989. Within the SQL, text preceded by ‘$’ symbols are used to signify that parameters need to be incorporated. The parameter values are then bound into the SQL statement before it is executed. Binding the parameters in this way helps prevent SQL injection, where hackers try to insert malicious code to either do damage to the database or access more data than should be allowed.

// Database.
string database = @C:\Demo\DemoDB.db";
string password = @"DemoPW";
SqliteConnection connect;

// Check if the database exists.
if (!File.Exists(database))
{

    // Message confirming incorrect database location.
    Console.WriteLine("Error locating database.");

    // Stop program execution.
    System.Environment.Exit(1);

}

// Database connection.
connect = new SqliteConnection("Data Source=" + database + ";" +
                                "Password=" + password);

try
{

    // Connect to database.
    connect.Open();

}
catch (Exception e)
{

    // Message confirming unsuccessful database connection.
    Console.WriteLine("Database connection unsuccessful.");

    // Stop program execution.
    System.Environment.Exit(1);

}

try
{

    // Query parameters.
    DateTime dobLower = new DateTime(1980, 1, 1);
    DateTime dobUpper = new DateTime(1989, 12, 31);

    // Query text incorporated into SQL command.
    var sqlSelect = connect.CreateCommand();
    sqlSelect.CommandText = @"
        SELECT id, firstname, lastname, dob 
        FROM person 
        WHERE dob BETWEEN $dobLower AND $dobUpper
        ORDER BY lastname, firstname, dob
    ";

    // Bind the parameters to the query.
    sqlSelect.Parameters.AddWithValue("$dobLower", dobLower);
    sqlSelect.Parameters.AddWithValue("$dobUpper", dobUpper);

    // Execute SQL and place data in a reader object.
    var reader = sqlSelect.ExecuteReader();

    // Display person information in the console.
    while (reader.Read())
    {

        Console.WriteLine("{0}: {1}, {2} ({3})",
                            reader[0], reader[2], reader[1],
                            reader.GetDateTime(3).ToShortDateString());

    }

}
catch (Exception e)
{

    // Confirm error retrieving person information and exit.
    Console.WriteLine("Error retrieving person information.");
    System.Environment.Exit(1);

}
finally
{

    // Close the database connection.
    connect.Close();

}

The resulting output to the console is as follows.

1: Smith, Bob (20/01/1980)
4: White, Alan (20/03/1989)

Further Resources