为什么标识符出现预期错误 [英] why Identifier expected error comes

问题描述

ob.fetch（从Reciption_info选择Email_id，其中Email_Id ='+ txtemail.Text +'）;

if（ob.ds.Tables [0] .Rows.Count> ; 0）

{

lblmsg.Text =已经退出;

txtemail.Text。=;

txtemail.Focus（）;



}

ob.fetch("select Email_id from Reciption_info where Email_Id='" + txtemail.Text + "'");
if (ob.ds.Tables[0].Rows.Count > 0)
{
lblmsg.Text = "already exits";
txtemail.Text.= "";
txtemail.Focus();

}

推荐答案

'='之前的点不能解释为语法允许的任何内容。在此点（'。'）之后，需要一些标识符。删除这个点，你会看到。



但即便是第一行也是一个大错误。这是一个名为 SQL注入的已知漏洞的邀请： http://xkcd.com/327 [< a href =http://xkcd.com/327target =_ blanktitle =New Window> ^ ]。



For更多详细信息，请参阅我过去的答案：

在com.ExecuteNonQuery中更新错误（）; [ ^ ]，

你好名字不是显示名称？ [ ^ ]。



这里解释正确的方法：

http://msdn.microsoft.com/en-us/library/ff648339.aspx [ ^ ]，

http://en.wikipedia.org/wiki/SQL_injection [ ^ ]。

-SA

Dot before '=' cannot be interpreted as anything allowed by the syntax. After this dot ('.'), some identifier is expected. Remove this dot, and you will see.

But even the first line is a big mistake. This is the invitation for a known exploit called SQL injection: http://xkcd.com/327[^].

For further detail, please see my past answers:
EROR IN UPATE in com.ExecuteNonQuery();[^],
hi name is not displaying in name?[^].

Correct approach is explained here:
http://msdn.microsoft.com/en-us/library/ff648339.aspx[^],
http://en.wikipedia.org/wiki/SQL_injection[^].

—SA

看到第5行的小小点你的代码片段？

See that tiny little dot on line 5 of your code snippet?

txtemail.Text. = "";

应该是这个：

Should be this:

txtemail.Text = "";

我假设你是初学者。一旦你获得了一些经验，你就能够闭上眼睛看到这些语法错误。 ;-)



BTW，谢尔盖在他的回答中提到你的脚本是对SQL注入开放的。你可能想好好看看......

I'm assuming you're a beginner. Once you gain some experience you'll be able to spot these sort of syntax errors with your eyes shut. ;-)

BTW, Sergey mentioned in his answer that your script is open to SQL injection. You might want to take a good look at that...

这篇关于为什么标识符出现预期错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！