如何获取登录的一个用户ID及其分数 [英] How to get one user id that is logged in and its score
问题描述
public partial class ScorePage : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (Session["UserID"]==null)
{
Response.Redirect("LoginPage.aspx");
}
Score_Page();
}
private void Score_Page()
{
string id = Convert.ToString(Session["UserID"]);
string query = "SELECT UserId, SUM(AnswerResult)Score FROM t_AnswerSheet group by UserId";
string connection = "server=sv01;database=testdb;uid=sa;password=****";
SqlConnection a = new SqlConnection(connection);
a.Open();
SqlCommand b = new SqlCommand(query, a);
DataTable c = new DataTable();
SqlDataAdapter sda = new SqlDataAdapter(b);
sda.Fill(c);
a.Close();
GridView1.DataSource = c;
GridView1.DataBind();
}
string id = Convert.ToString(Session["UserID"]);
string query = "SELECT UserId, SUM(AnswerResult)Score FROM t_AnswerSheet group by UserId";
string connection = "server=*****;database=testdb;uid=***;password=****";
,因为在这部分代码中,我使用session从UserLoging Table获取UserId,但是无法将用户ID输入select命令,因为每当用户登录时,它都会将相应的id发送到分数页面那个id的得分......但是这里得到了所有Id和他们的结果得分。所以我需要Id才能登录并获得相应的分数。
我尝试了什么:
as in this part of code i am using session to get UserId from UserLoging Table but wasn't able to get User id into select command as Whenever user login it send respective id to score page along with score of that id ...but here em getting all Id and their result score. So i need just Id that get login and respective score to that Id
What I have tried:
<pre>public partial class ScorePage : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (Session["UserID"]==null)
{
Response.Redirect("LoginPage.aspx");
}
Score_Page();
}
private void Score_Page()
{
string id = Convert.ToString(Session["UserID"]);
string query = "SELECT UserId, SUM(AnswerResult)Score FROM t_AnswerSheet group by UserId";
string connection = "server=***;database=testdb;uid=**;password=*****";
SqlConnection a = new SqlConnection(connection);
a.Open();
SqlCommand b = new SqlCommand(query, a);
DataTable c = new DataTable();
SqlDataAdapter sda = new SqlDataAdapter(b);
sda.Fill(c);
a.Close();
GridView1.DataSource = c;
GridView1.DataBind();
}
推荐答案
您需要在SQL中添加WHERE子句:
You need to add a WHERE clause to your SQL:
string id = Convert.ToString(Session["UserID"]);
string query = "SELECT UserId, SUM(AnswerResult)Score FROM t_AnswerSheet WHERE UserId=@ID GROUP BY UserId";
string connection = "server=sv01;database=testdb;uid=sa;password=[REDACTED]";
using (SqlConnection con = new SqlConnection(connection))
{
con.Open();
using (SqlCommand cmd = new SqlCommand(query, con))
{
cmd.Parameters.AddWithValue("@ID", id);
...
其他一些让你的生活更美好的事情:
1 )不要硬编码连接字符串 - 总是使用配置文件或类似文件。
2)永远不要在线发布数据库ID和密码组合...
3)不要使用SA用户 - 创建具有足够权限来完成工作的用户 - 它可以降低数据库其余部分的风险,因为SA可以做任何事情!
4 )不要使用单个字符变量名称 - 它会使您的代码更难阅读,这意味着将来可维护性更低(并且您将花费大量时间查看您或其他人编写的代码,并且正在工作它是如何工作的 - 或者不是)
5)总是处理数据库连接,命令,适配器等:它们是稀缺资源而不这样做会使你的应用程序崩溃不可预测。
A couple of other things to make your life better:
1) Don't hardcode connection strings - always use a configuration file or similar.
2) Never post database ID and password combinations online...
3) Don't use the SA user - create users which have "just enough" permissions to do the job - it reduces the risks to the rest of your database(s), since SA can do anything at all!
4) Don't use single character variable names - it makes your code harder to read, and that means less maintainable in future (and you will spend a lot of time looking at code you or someone else has written a while a go, and working out how it works - or doesn't)
5) Always Dispose database connections, commands, adapters, etc: they are scarce resources and not doing so can make your app crash unpredictably.
这篇关于如何获取登录的一个用户ID及其分数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
