如何验证学生ID是否存在于数据库中或也不存在 [英] How to validate whether the student id is exists in database or nor

问题描述

请注意，它是网络应用程序。





验证学生ID是否存在于数据库中或不存在该代码，如下所示; < br $>

Note it is web application.


Validating the student id is exists in database or not for that code as follows;

SCon.Con.Open();
  string str = "Select  count(*)  from Studdet where studid = " + txt_Studid.Text.ToString() + "";
  SqlCommand cmd = new SqlCommand(str, SCon.Con);
  cmd.Parameters.AddWithValue("studid", txt_Studid.Text);
   int count = cmd.ExecuteScalar();
         if (count > 0)
        {
            Label4.Text = "Correct Student id";
            return;
        }
        else
        {
            Label4.Text = "InCorrect student id is there";
            return;
        }
           SCon.Con.Close();

in the运行模式我在txt_Studid（文本框）中输入学生ID，然后单击显示按钮错误，如下所示;



无法将类型''对象'隐式转换为'' INT ''。存在显式转换（你是否错过演员表？





我的代码中有什么问题。请帮助我。



问候，

Narasiman P.

in the run mode i enter the student id in the txt_Studid(textbox) and click the show button error as follows;

Cannot implicitly convert type ''object'' to ''int''. An explicit conversion exists (are you missing a cast?


what is the problem in my code. please help me.

Regards,
Narasiman P.

推荐答案

假设您的实际SQL语句是尝试运行是正确的我会改变你的代码如下：

Assuming the actual SQL statement you are trying to run is correct I would change your code as follows:

SCon.Con.Open();
  string str = "Select  count(*)  from Studdet where studid = @studid";
  SqlCommand cmd = new SqlCommand(str, SCon.Con);
  cmd.Parameters.AddWithValue("@studid", Convert.ToInt(txt_Studid.Text.Trim()));

这是：

a）使用参数来减少SQL注入的变化，

b）允许SQL查询实际使用给定的para米。

c）将输入的文本转换为整数值



我还会对输入到txt_Studid文本框中的信息添加额外的检查使用验证事件确保只输入正整数值，但这是加法。



我也会按照他的解决方案中的nitin bhoyate的建议执行以下操作。 br $>

This is:
a) uses parameters to reduce changes of SQL injection,
b) allows the SQL query to actually work with the given parameter.
c) Converts the text entered to an integer value

I would also add additional checking on the information entered into the txt_Studid text box using the validating event to ensure only positive integer values have been entered but that is addition.

I would also do the following as suggested by nitin bhoyate in his solution.

int count =0;
object obj = cmd.ExecuteScalar();
if(obj!=null)
{
count =convert.toint(obj.tostring());

}

你没有正确设置你的参数阅读这个

http：// stackoverflow.com/questions/2701506/sql-inline-query-with-parameters-parameter-is-not-read-when-the-query-is-execut [ ^ ]。



答案1会为你提供一个如何做到这一点的好例子。

You haven''t set up your parameters correctly have a read of this
http://stackoverflow.com/questions/2701506/sql-inline-query-with-parameters-parameter-is-not-read-when-the-query-is-execut[^].

Answer 1 will give you a good example on how to do this.

你好，

你只需添加以下代码即可解决问题。

Hello,
You Just Add this code as below you problem is solve.

string str = "Select count(*) from Studdet where studid = " + txt_Studid.Text.ToString() + "";
            SqlCommand cmd = new SqlCommand(str, cn);
            cn.Open();
            int count = 0;
            object obj = cmd.ExecuteScalar();
            count = Convert.ToInt32(obj);
            if (count > 0)
            {
                Label4.Text = "Correct Student id";
                return;
            }
            else
            {
                Label4.Text = "InCorrect student id is there";
                return;
            }
            cn.Close();

这篇关于如何验证学生ID是否存在于数据库中或也不存在的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！