如何验证学生ID是否存在于数据库中或也不存在 [英] How to validate whether the student id is exists in database or nor
问题描述
请注意,它是网络应用程序。
验证学生ID是否存在于数据库中或不存在该代码,如下所示; < br $>
Note it is web application.
Validating the student id is exists in database or not for that code as follows;
SCon.Con.Open();
string str = "Select count(*) from Studdet where studid = " + txt_Studid.Text.ToString() + "";
SqlCommand cmd = new SqlCommand(str, SCon.Con);
cmd.Parameters.AddWithValue("studid", txt_Studid.Text);
int count = cmd.ExecuteScalar();
if (count > 0)
{
Label4.Text = "Correct Student id";
return;
}
else
{
Label4.Text = "InCorrect student id is there";
return;
}
SCon.Con.Close();
in the运行模式我在txt_Studid(文本框)中输入学生ID,然后单击显示按钮错误,如下所示;
无法将类型''对象'隐式转换为'' INT ''。存在显式转换(你是否错过演员表?
我的代码中有什么问题。请帮助我。
问候,
Narasiman P.
in the run mode i enter the student id in the txt_Studid(textbox) and click the show button error as follows;
Cannot implicitly convert type ''object'' to ''int''. An explicit conversion exists (are you missing a cast?
what is the problem in my code. please help me.
Regards,
Narasiman P.
推荐答案
假设您的实际SQL语句是尝试运行是正确的我会改变你的代码如下:
Assuming the actual SQL statement you are trying to run is correct I would change your code as follows:
SCon.Con.Open();
string str = "Select count(*) from Studdet where studid = @studid";
SqlCommand cmd = new SqlCommand(str, SCon.Con);
cmd.Parameters.AddWithValue("@studid", Convert.ToInt(txt_Studid.Text.Trim()));
这是:
a)使用参数来减少SQL注入的变化,
b)允许SQL查询实际使用给定的para米。
c)将输入的文本转换为整数值
我还会对输入到txt_Studid文本框中的信息添加额外的检查使用验证事件确保只输入正整数值,但这是加法。
我也会按照他的解决方案中的nitin bhoyate的建议执行以下操作。 br $>
This is:
a) uses parameters to reduce changes of SQL injection,
b) allows the SQL query to actually work with the given parameter.
c) Converts the text entered to an integer value
I would also add additional checking on the information entered into the txt_Studid text box using the validating event to ensure only positive integer values have been entered but that is addition.
I would also do the following as suggested by nitin bhoyate in his solution.
int count =0;
object obj = cmd.ExecuteScalar();
if(obj!=null)
{
count =convert.toint(obj.tostring());
}
你没有正确设置你的参数阅读这个
http:// stackoverflow.com/questions/2701506/sql-inline-query-with-parameters-parameter-is-not-read-when-the-query-is-execut [ ^ ]。
答案1会为你提供一个如何做到这一点的好例子。
You haven''t set up your parameters correctly have a read of this
http://stackoverflow.com/questions/2701506/sql-inline-query-with-parameters-parameter-is-not-read-when-the-query-is-execut[^].
Answer 1 will give you a good example on how to do this.
你好,
你只需添加以下代码即可解决问题。
Hello,
You Just Add this code as below you problem is solve.
string str = "Select count(*) from Studdet where studid = " + txt_Studid.Text.ToString() + "";
SqlCommand cmd = new SqlCommand(str, cn);
cn.Open();
int count = 0;
object obj = cmd.ExecuteScalar();
count = Convert.ToInt32(obj);
if (count > 0)
{
Label4.Text = "Correct Student id";
return;
}
else
{
Label4.Text = "InCorrect student id is there";
return;
}
cn.Close();
这篇关于如何验证学生ID是否存在于数据库中或也不存在的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!