为什么表中的数据没有更新 [英] Why the data are not updating in table
本文介绍了为什么表中的数据没有更新的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
为什么表中的数据没有更新.
我的CS编码如下所示:
Why the data are not updating in table.
My cs coading is given below
void submit(Object s, EventArgs e)
{
con.Open();
com = con.CreateCommand();
if (con != null)
{
com.CommandText = "UPDATE joining SET aname = '" + txtName.Text.Trim() + "',fathname='" + txtFather.Text.Trim() + "' where refno='" + txtRefNo.Text.Trim() + "'";
try
{
com.ExecuteNonQuery();
System.Web.UI.WebControls.Label lbl1 = new System.Web.UI.WebControls.Label();
lbl1.ForeColor = System.Drawing.Color.Yellow;
lbl1.BackColor = System.Drawing.Color.Blue;
lbl1.Text = "Your record UPDATED sucessfully";
ph1.Controls.Add(lbl1);
}
catch (Exception ex)
{
Response.Write(ex.Message);
}
}
con.Close();
}
[edit]已添加代码块,代码已格式化,将我的内容视为纯文本..."选项已禁用-OriginalGriff [/edit]
[edit]Code block added, code formatted, "Treat my content as plain text..." option disabled - OriginalGriff[/edit]
推荐答案
可能是直到文本框的内容.不要连接字符串以构建SQL命令.它使您对意外或蓄意的SQL注入攻击敞开大门,这可能会破坏整个数据库.改用参数化查询:
Probably, it is down to the contents of your text boxes. Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead:
com.CommandText = "UPDATE joining SET aname = @NM,fathname=@FN where refno=@RN";
com.Parameters.AddWithValue("@NM", txtName.Text.Trim());
com.Parameters.AddWithValue("@FN", txtFather.Text.Trim());
com.Parameters.AddWithValue("@RN", txtRefNo.Text.Trim());
不仅可以更好地保护代码,而且问题也可以消除.
Not only will your code be better protected, but your problem may well go away as well.
这篇关于为什么表中的数据没有更新的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文