我收到错误，这是位置0没有行 [英] I am getting error this is no row at position 0

问题描述

大家正在研究ac＃项目，在这个项目中，我想选择一些数据并在Datagridview中显示，但我的数据库中有数据，我有一个select的查询但是当我点击按钮这样我得到这个错误的类型这个位置0没有行请帮助我们我只需要尽快交付这个项目，

谢谢。

这里有截图 https：/ /imgur.com/PKvcgY9

https://imgur.com/aeq0weF

https://imgur.com/8AG3LZ4



我尝试过：

Hi Guys am working on a c# project and in this project, I want to select some data and show in Datagridview but I have data in my DB and I have a query of select but when I click the button so I get this type of error this no row at position 0 please help me guys I just need to deliver this project ASAP,
Thanks.
here are the screenshots https://imgur.com/PKvcgY9
https://imgur.com/aeq0weF
https://imgur.com/8AG3LZ4

What I have tried:

dataGridView4.Columns.Add("", "Leave Consumed");
                dataGridView4.Columns.Add("", "Leave Allaowed");
                dataGridView4.Columns.Add("", "Balance");
                for (int i = 0; i < dataGridView4.Rows.Count; i++)
                {
                    DataSet ds1211122 = new DataSet();
                    DataTable dt1211122 = new DataTable();
                    ds1211122.Tables.Add(dt1211122);
                    OleDbDataAdapter da1211122 = new OleDbDataAdapter();
                    da1211122 = new OleDbDataAdapter("SELECT Sum(USERID) FROM [CHECKINOUT] where [CHECKTYPE]= '" + "I" + "'AND [USERID] = " + dataGridView4.Rows[0].Cells[1].Value.ToString() + "AND [CHECKTIME] Between #" + dateTimePicker2.Value.ToString() + "# AND #" + dateTimePicker1.Value.ToString() + "# Group By [USERID];", VCON);
                    da1211122.Fill(dt1211122);
                    int num = 0;
                    num = Convert.ToInt32(dt1211122.Rows[0][0].ToString());
                    VCON.Close();
                }

推荐答案

Quote：

错误：位置0没有行

第0行是选择答案的第一条记录，当答案为空时会发生什么？

Row 0 os the first record of answer of select, what happen when answer is empty?

da1211122 = new OleDbDataAdapter("SELECT Sum(USERID) FROM [CHECKINOUT] where [CHECKTYPE]= '" + "I" + "'AND [USERID] = " + dataGridView4.Rows[0].Cells[1].Value.ToString() + "AND [CHECKTIME] Between #" + dateTimePicker2.Value.ToString() + "# AND #" + dateTimePicker1.Value.ToString() + "# Group By [USERID];", VCON);

永远不要通过连接字符串来构建SQL查询。迟早，您将使用用户输入来执行此操作，这会打开一个名为SQL注入的漏洞，这对您的数据库很容易并且容易出错。

名称中的单引号你的程序崩溃。如果用户输入像Brian O'Conner这样的名称可能会使您的应用程序崩溃，那么这是一个SQL注入漏洞，崩溃是最少的问题，恶意用户输入，并且它被提升为具有所有凭据的SQL命令。

SQL注入 - 维基百科 [ ^ ]

SQL注入 [ ^ ]

按示例进行SQL注入攻击 [ ^ ]

PHP：SQL注入 - 手册 [ ^ ]

SQL注入预防备忘单 - OWASP [ ^ ]

我该怎么办？解释没有技术术语的SQL注入？ - 信息安全堆栈交换 [ ^ ]

Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]

这篇关于我收到错误，这是位置0没有行的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！