我如何解决错误再充电,请帮助Meeee [英] How Di I Solve The Error To Recharge,, Pls Help Meeee
问题描述
html:
html:
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="recharge.aspx.vb" Inherits="recharge" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
<title>Untitled Page</title>
</head>
<body background="pic/bg1.jpg">
<form id="form1" runat="server">
<div>
<asp:TextBox ID="txt_mob" runat="server" Style="z-index: 100; left: 174px; position: absolute;
top: 149px" MaxLength="10"></asp:TextBox>
<asp:TextBox ID="txt_credit" runat="server" Style="z-index: 101; left: 165px; position: absolute;
top: 320px" MaxLength="20"></asp:TextBox>
<asp:TextBox ID="txt_pwd" runat="server" Style="z-index: 102; left: 170px; position: absolute;
top: 390px" MaxLength="16"></asp:TextBox>
<asp:Label ID="Label1" runat="server" Style="z-index: 103; left: 174px; position: absolute;
top: 125px" Text="Mobile Number"></asp:Label>
<asp:Label ID="lbl_msg" runat="server" Style="z-index: 104; left: 191px; position: absolute;
top: 429px" Font-Bold="True"></asp:Label>
<asp:Label ID="Label12" runat="server" Style="z-index: 105; left: 160px; position: absolute;
top: 210px; height: 24px;" Text="Bank"></asp:Label>
<asp:Label ID="Label13" runat="server" Style="z-index: 105; left: 160px; position: absolute;
top: 210px; height: 24px;" Text="Bank"></asp:Label>
<asp:Label ID="Label2" runat="server" Style="z-index: 105; left: 165px; position: absolute;
top: 185px; height: 24px; right: 1034px;" Text="Via"></asp:Label>
<asp:Label ID="Label3" runat="server" Style="z-index: 106; left: 170px; position: absolute;
top: 270px; height: 44px;" Text="Card No"></asp:Label>
<asp:DropDownList ID="ddl_bank" runat="server" Style="z-index: 108; left: 165px;
position: absolute; top: 245px" Width="149px">
</asp:DropDownList>
<asp:Button ID="Button1" runat="server" Height="50px" Style="z-index: 109; left: 505px;
position: absolute; top: 450px" Text="Recharge" Width="189px" />
<asp:Image ID="Image1" runat="server" ImageUrl="~/pic/r2.jpg" Style="z-index: 110;
left: 8px; position: absolute; top: 113px" Height="67px" Width="146px" />
<asp:Label ID="Label7" runat="server" Font-Bold="True" Style="z-index: 111; left: 370px;
position: absolute; top: 215px" Text="Rechare Card"></asp:Label>
<asp:TextBox ID="txtprice" runat="server" Style="z-index: 112; left: 580px; position: absolute;
top: 243px" Width="109px"></asp:TextBox>
<asp:TextBox ID="txttalk" runat="server" Style="z-index: 113; left: 580px; position: absolute;
top: 289px" Width="109px"></asp:TextBox>
<asp:TextBox ID="txtval" runat="server" Style="z-index: 114; left: 580px; position: absolute;
top: 330px" Width="109px"></asp:TextBox>
<asp:Label ID="Label8" runat="server" Font-Bold="True" Style="z-index: 115; left: 416px;
position: absolute; top: 151px" Text="Vendor"></asp:Label>
<asp:Label ID="Label9" runat="server" Font-Bold="True" Style="z-index: 116; left: 497px;
position: absolute; top: 330px" Text="Validity"></asp:Label>
<asp:Label ID="Label10" runat="server" Font-Bold="True" Style="z-index: 117; left: 496px;
position: absolute; top: 287px" Text="Talktime"></asp:Label>
<asp:ListBox ID="lst_rc" runat="server" AutoPostBack="True" Height="114px" Style="z-index: 118;
left: 370px; position: absolute; top: 260px" Width="104px"></asp:ListBox>
<asp:Label ID="Label11" runat="server" Font-Bold="True" Height="18px" Style="z-index: 119;
left: 498px; position: absolute; top: 252px" Text="Price"></asp:Label>
<asp:DropDownList ID="dvendor" runat="server" AutoPostBack="True" Style="z-index: 121;
left: 473px; position: absolute; top: 146px; height: 22px;" Width="97px" >
</asp:DropDownList>
<asp:Button ID="Button2" runat="server" Height="28px" Style="z-index: 123; left: 338px;
position: absolute; top: 148px" Text="Fetch" Width="48px" />
</div>
<asp:Label ID="Label4" runat="server" Style="z-index: 107; left: 170px; position: absolute;
top: 350px; height: 24px; width: 61px;" Text="Password"></asp:Label>
<p>
</p>
<p>
</p>
<p>
</p>
<p>
</p>
<p>
<asp:DropDownList ID="ddl_bank0" runat="server" Style="z-index: 108; left: 250px;
position: absolute; top: 185px" Width="149px">
</asp:DropDownList>
</p>
</form>
</body>
</html>
coding:
coding:
Imports System.Web.UI
Imports System.Data.SqlClient
Imports System.Data
Imports System.Configuration
Partial Class recharge
Inherits System.Web.UI.Page
Dim con As New SqlConnection
Dim cmd As New SqlCommand
Dim dr As SqlDataReader
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
con.ConnectionString = "Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\mobile.mdf;Integrated Security=True;User Instance=True"
con.Open()
If IsPostBack = False Then
ddl_bank.Items.Add("SBI")
ddl_bank.Items.Add("ICICI")
ddl_bank.Items.Add("AXIS")
'fetch vendor name from vendor table
cmd = New SqlCommand("select distinct(ADM_Servicename) from TBL_Service", con)
dr = cmd.ExecuteReader
dvendor.Items.Add("none")
dvendor.Items.Clear()
Do While dr.Read
dvendor.Items.Add(dr(0).ToString)
Loop
dr.Close()
End If
If IsPostBack = False Then
ddl_bank0.Items.Add("Netbank")
ddl_bank0.Items.Add("Card")
End If
End Sub
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
If txt_mob.Text = "" Or txtprice.Text = "" Or txt_credit.Text = "" Or txt_pwd.Text = "" Then
lbl_msg.Text = "Empty Field"
Exit Sub
End If
Dim msg As String = ""
Dim r As New Random
Dim ref_no As String = ""
Dim USE_uname As String = "USE_user"
ref_no = (r.Next Mod 10000).ToString
'Try
cmd = New SqlCommand("select * from TBL_Banking where USE_creditcard='" + txt_credit.Text + "' and USE_pin='" + txt_pwd.Text + "' and USE_uname='" + Session("USE_user") + "' and USE_Bank='" + ddl_bank.SelectedItem.Text + "'", con)
dr = cmd.ExecuteReader
If dr.Read Then
If Val(dr("USE_Amount").ToString) >= Val(txtprice.Text) Then
dr.Close()
msg = "Ref No : " + ref_no + ". Your mobile no : " + txt_mob.Text + " Talk time : " + txttalk.Text + " Validity : " + txtval.Text
cmd = New SqlCommand("update TBL_Banking set USE_Amount=USE_Amount-" + txtprice.Text + " where USE_creditcard='" + txt_credit.Text + "' and USE_pin='" + txt_pwd.Text + "' and USE_uname='" + Session("USE_user") + "' and USE_Bank='" + ddl_bank.SelectedItem.Text + "'", con)
cmd.ExecuteNonQuery()
cmd = New SqlCommand("insert into TBL_Recharge values('" + Now.ToString + "','" + txt_mob.Text + "','" + dvendor.SelectedItem.Text + "','" + txt_credit.Text + "','" + ddl_bank.SelectedItem.Text + "'," + txtprice.Text + ",'" + Session("USE_user") + "','" + msg + "')", con)
cmd.ExecuteNonQuery()
lbl_msg.Text = "Recharge sucessfully"
txt_mob.Text = ""
txt_credit.Text = ""
txt_pwd.Text = ""
txt_pwd.Text = ""
Else
dr.Close()
lbl_msg.Text = "Unable to Recharge..Invalid Balance"
End If
Else
dr.Close()
lbl_msg.Text = "invalid"
End If
'Catch ex As Exception
' Label8.Text = ex.Message
'End Try
End Sub
Protected Sub dvendor_SelectedIndexChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles dvendor.SelectedIndexChanged
End Sub
Private Sub vi()
cmd = New SqlCommand("select distinct(ADM_rechargecard) from TBL_Offers where ADM_vendername='" + dvendor.SelectedItem.Text + "'", con)
dr = cmd.ExecuteReader
lst_rc.Items.Clear()
Do While dr.Read
lst_rc.Items.Add(dr(0).ToString)
Loop
dr.Close()
End Sub
Protected Sub lst_rc_SelectedIndexChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles lst_rc.SelectedIndexChanged
cmd = New SqlCommand("select * from TBL_Offers where ADM_vendername='" + dvendor.SelectedItem.Text + "' and ADM_rechargecard='" + lst_rc.Text + "'", con)
dr = cmd.ExecuteReader
If dr.Read Then
txtprice.Text = dr(4).ToString
txttalk.Text = dr(5).ToString
txtval.Text = dr(6).ToString
End If
dr.Close()
End Sub
Protected Sub Button2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button2.Click
Try
If txt_mob.Text.Length <> 10 Then
lbl_msg.Text = "Invalid Mobile number"
Else
If Mid(txt_mob.Text, 1, 3) = "999" Or Mid(txt_mob.Text, 1, 3) = "944" Then
dvendor.SelectedItem.Text = "BSNL"
ElseIf Mid(txt_mob.Text, 1, 3) = "989" Then
dvendor.SelectedItem.Text = "AIRCEL"
ElseIf Mid(txt_mob.Text, 1, 3) = "898" Then
dvendor.SelectedItem.Text = "Vodafone"
Else
dvendor.SelectedItem.Text = "Airtel"
End If
End If
Call vi()
Catch ex As Exception
MsgBox(ex.Message)
End Try
End Sub
End Class
Database:
mobile.mdf
Tables:
TBL_Banking
Fields:USE_Name,USE_Bank,USE_acno,USE_address,USE_uname,USE_pin,USE_Amount,
USE_creditcard.
TBL_Offers
Fields:ADM_refno,ADM_vendername,ADM_Servicelocn,ADM_rechargecard,ADM_Price,
ADM_talktime,ADM_Validity,ADM_Category,ADM_Desc
TBL_Recharge
Fields:USE_Tdate,USE_mobnum,USE _Vender,USE_creditcard,USE_Bank,USE_Amount,
USE_Rcuser,USE_Mdesc
Database:
mobile.mdf
Tables:
TBL_Banking
Fields:USE_Name,USE_Bank,USE_acno,USE_address,USE_uname,USE_pin,USE_Amount,
USE_creditcard.
TBL_Offers
Fields:ADM_refno,ADM_vendername,ADM_Servicelocn,ADM_rechargecard,ADM_Price,
ADM_talktime,ADM_Validity,ADM_Category,ADM_Desc
TBL_Recharge
Fields:USE_Tdate,USE_mobnum,USE_Vender,USE_creditcard,USE_Bank,USE_Amount,
USE_Rcuser,USE_Mdesc
推荐答案
Oh dear...
Start off by not doing it like that.不要连接字符串以构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度,这可能会破坏您的整个数据库。 Use Parametrized queries instead.
The chances are that that will cure your problem as well, given the only code that talks about \"recharge\" is your Button1 handler, and that’s stuffed with dangerous SQL code - but if it doesn’t, then tell us what happens that you don’t expect (or does that you don’t), what message you get, and what line it happens on.
Oh dear...
Start off by not doing it like that. Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
The chances are that that will cure your problem as well, given the only code that talks about "recharge" is your Button1 handler, and that's stuffed with dangerous SQL code - but if it doesn't, then tell us what happens that you don't expect (or does that you don't), what message you get, and what line it happens on.
这篇关于我如何解决错误再充电,请帮助Meeee的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!