A potentially dangerous Request.Form value was detected from the client (txtAnsDesc="<br>").


Problem description


A potentially dangerous Request.Form value was detected from the client (txtAnsDesc="<br>"). 
Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.


My Code is given below

<%@ Page Language="C#" AutoEventWireup="true" ValidateRequest="false" Debug="true" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<%@Import Namespace="System.Data"%>
<%@Import Namespace="System.Data.Sql"%>
<%@Import Namespace="System.Data.SqlClient"%>
<script  runat="server" language="c#">

    protected void Button2_Click(object sender, EventArgs e)
    {

    }

    protected void Button1_Click(object sender, EventArgs e)
    {
    SqlDataAdapter da;
        DataSet ds;
        SqlConnection CON = new SqlConnection(System.Web.Configuration.WebConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString);
        SqlTransaction tr = null;
        CON.Open();

        ds = new DataSet();
        string sql = "select * from answer";
        da = new SqlDataAdapter(sql, CON);
        da.Fill(ds, "answer");
        int r = 0;
        DataRow[] rs;
        rs = ds.Tables["answer"].Select("ansid='" + txtAnsID.Text.Trim() + "'");
        r = rs.Length;
        if (r > 0)
        {
            System.Web.UI.WebControls.Label lbl1 = new System.Web.UI.WebControls.Label();
            lbl1.ForeColor = System.Drawing.Color.Yellow;
            lbl1.BackColor = System.Drawing.Color.Blue;
            lbl1.Text = "This Answer ID " + txtAnsID.Text.Trim() + " Already Exist";
            ph1.Controls.Add(lbl1);
        }
        else
        {

            tr = CON.BeginTransaction();
            try
            {
                SqlCommand cmd = new SqlCommand("insert into answer (sid,aid,cid,qid,ansid,ansdesc,class) values (@sid,@aid,@cid,@qid,@ansid,@ansdesc,@class)");
                cmd.Transaction = tr;
                cmd.Parameters.AddWithValue("@sid", ddSid.SelectedItem.Text.Trim());
                cmd.Parameters.AddWithValue("@aid", ddAid.SelectedItem.Text.Trim());
                cmd.Parameters.AddWithValue("@cid", ddCid.SelectedItem.Text.Trim());
                cmd.Parameters.AddWithValue("@qid", ddQid.SelectedItem.Text.Trim());
                cmd.Parameters.AddWithValue("@ansid", txtAnsID.Text.Trim());
                // Parameter name must match @ansdesc in the INSERT statement above.
                cmd.Parameters.AddWithValue("@ansdesc", txtAnsDesc.Text.Trim());
                cmd.Parameters.AddWithValue("@class", ddClass.SelectedItem.Text.Trim());
                cmd.Connection = CON;
                cmd.ExecuteNonQuery();
                tr.Commit();

                try
                {
                    System.Web.UI.WebControls.Label lbl1 = new System.Web.UI.WebControls.Label();
                    lbl1.ForeColor = System.Drawing.Color.Yellow;
                    lbl1.BackColor = System.Drawing.Color.Blue;
                    lbl1.Text = "The Answer is entred SUCCESSFULLY";
                    ph1.Controls.Add(lbl1);
                }
                catch (Exception ex)
                {
                    //Response.Write(ex.Message);
                }
            }
            catch (Exception ex)
            {

                //Response.Write("" + ex);
                //tr.Rollback();
            }
            finally
            {
                CON.Close();
            }
        }
    
    }

    protected void Page_Load(object sender, EventArgs e)
    {
    
    }
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"  runat="server">
    <title></title>
    <style type="text/css">
        .style1
        {
            width: 100%;
            border: 50px solid #008000;
        }
        .style2
        {
            width: 100%;
            border: 25px solid #FF00FF;
        }
        #ta1
        {
            width: 947px;
            height: 386px;
        }
        .style3
        {
        }
        .style4
        {
            height: 23px;
        }
        .style5
        {
            height: 23px;
        }
    </style>
</head>
<body>
<script src="nicEdit.js" type="text/javascript"></script>

<script type="text/javascript">
    bkLib.onDomLoaded(function () {
        //new nicEditor().panelInstance('area1');

        //new nicEditor({fullPanel : true}).panelInstance('area2');

        //new nicEditor({iconsPath : '../nicEditorIcons.gif'}).panelInstance('area3');
        //new nicEditor({buttonList : ['fontSize','bold','italic','underline','strikeThrough','subscript','superscript','html','image']}).panelInstance('area4');
        new nicEditor({ maxHeight: 400 }).panelInstance('txtAnsDesc');
    });
</script>

    <form id="form1"  runat="server">
    <div align="center">
    
        <table class="style1">
            <tr>
                <td>
                     </td>
            </tr>
            <tr>
                <td>
                     </td>
            </tr>
            <tr>
                <td>
                     </td>
            </tr>
            <tr>
                <td>
                    <table class="style2">
                        <tr>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td class="style3">
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                        </tr>
                        <tr>
                            <td>
                                 </td>
                            <td>
                                Subject ID</td>
                            <td class="style3">
                                Author ID</td>
                            <td>
                                Chapter ID</td>
                            <td>
                                Question ID</td>
                            <td>
                                Class</td>
                            <td>
                                 </td>
                        </tr>
                        <tr>
                            <td>
                                 </td>
                            <td>
                                <asp:DropDownList ID="ddSid" runat="server" AutoPostBack="True" 

                                    DataSourceID="SqlDataSource1" DataTextField="sid" DataValueField="sid">
                                </asp:DropDownList>
                                <asp:SqlDataSource ID="SqlDataSource1" runat="server" 

                                    ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" 

                                    SelectCommand="SELECT * FROM [subject]"></asp:SqlDataSource>
                            </td>
                            <td class="style3">
                                <asp:DropDownList ID="ddAid" runat="server" AutoPostBack="True" 

                                    DataSourceID="SqlDataSource2" DataTextField="aid" DataValueField="aid">
                                </asp:DropDownList>
                                <asp:SqlDataSource ID="SqlDataSource2" runat="server" 

                                    ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" 

                                    SelectCommand="SELECT * FROM [author] WHERE ([sid] = @sid)">
                                    <SelectParameters>
                                        <asp:ControlParameter ControlID="ddSid" DefaultValue="-99" Name="sid" 

                                            PropertyName="SelectedValue" Type="String" />
                                    </SelectParameters>
                                </asp:SqlDataSource>
                            </td>
                            <td>
                                <asp:DropDownList ID="ddCid" runat="server" AutoPostBack="True" 

                                    DataSourceID="SqlDataSource3" DataTextField="cid" DataValueField="cid">
                                </asp:DropDownList>
                                <asp:SqlDataSource ID="SqlDataSource3" runat="server" 

                                    ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" 

                                    SelectCommand="SELECT * FROM [chapter] WHERE (([sid] = @sid) AND ([aid] = @aid))">
                                    <SelectParameters>
                                        <asp:ControlParameter ControlID="ddSid" DefaultValue="-99" Name="sid" 

                                            PropertyName="SelectedValue" Type="String" />
                                        <asp:ControlParameter ControlID="ddAid" DefaultValue="-99" Name="aid" 

                                            PropertyName="SelectedValue" Type="String" />
                                    </SelectParameters>
                                </asp:SqlDataSource>
                            </td>
                            <td>
                                <asp:DropDownList ID="ddQid" runat="server" AutoPostBack="True" 

                                    DataSourceID="SqlDataSource4" DataTextField="qid" DataValueField="qid">
                                </asp:DropDownList>
                                <asp:SqlDataSource ID="SqlDataSource4" runat="server" 

                                    ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" 

                                    SelectCommand="SELECT * FROM [question] WHERE (([sid] = @sid) AND ([aid] = @aid) AND ([cid] = @cid))">
                                    <SelectParameters>
                                        <asp:ControlParameter ControlID="ddSid" DefaultValue="-99" Name="sid" 

                                            PropertyName="SelectedValue" Type="String" />
                                        <asp:ControlParameter ControlID="ddAid" DefaultValue="-99" Name="aid" 

                                            PropertyName="SelectedValue" Type="String" />
                                        <asp:ControlParameter ControlID="ddCid" DefaultValue="-99" Name="cid" 

                                            PropertyName="SelectedValue" Type="String" />
                                    </SelectParameters>
                                </asp:SqlDataSource>
                            </td>
                            <td>
                                <asp:DropDownList ID="ddClass" runat="server" AutoPostBack="True" 

                                    DataSourceID="SqlDataSource5" DataTextField="class_name" 

                                    DataValueField="class_name">
                                </asp:DropDownList>
                                <asp:SqlDataSource ID="SqlDataSource5" runat="server" 

                                    ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" 

                                    SelectCommand="SELECT * FROM [class]"></asp:SqlDataSource>
                            </td>
                            <td>
                                 </td>
                        </tr>
                        <tr>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style5">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                        </tr>
                        <tr>
                            <td class="style4">
                                 </td>
                            <td class="style4">
                                 </td>
                            <td class="style5" colspan="3">
                                <asp:PlaceHolder ID="ph1" runat="server"></asp:PlaceHolder>
                            </td>
                            <td class="style4">
                                 </td>
                            <td class="style4">
                                 </td>
                        </tr>
                        <tr>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                            <td class="style4">
                                </td>
                        </tr>
                        <tr>
                            <td>
                                 </td>
                            <td>
                                Answer ID</td>
                            <td class="style3">
                                <asp:TextBox ID="txtAnsID" runat="server" Width="151px"></asp:TextBox>
                            </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                        </tr>
                        <tr>
                            <td>
                                 </td>
                            <td align="left" colspan="6">
                                <asp:TextBox ID="txtAnsDesc" runat="server" Height="120px" TextMode="MultiLine" 

                                    Width="937px"></asp:TextBox>
                            </td>
                        </tr>
                        <tr>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td class="style3">
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                        </tr>
                        <tr>
                            <td>
                                </td>
                            <td class="style3" colspan="3">
                                <asp:Button ID="Button1" runat="server" Text="Submit" 

                                    Width="156px" onclick="Button1_Click" />
         
                                <asp:Button ID="Button2" runat="server" Text="Search" Width="156px" 

                                    onclick="Button2_Click" />
         
                                <asp:Button ID="Button3" runat="server" Text="Update" Width="156px" />
                                <asp:Button ID="Button4" runat="server" Text="Delete" Width="156px" />
        
                                <asp:Button ID="Button5" runat="server" Text="Clear" Width="156px" />
                            </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                        </tr>
                        <tr>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td class="style3">
                                  </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                            <td>
                                 </td>
                        </tr>
                    </table>
                </td>
            </tr>
            <tr>
                <td>
                     </td>
            </tr>
            <tr>
                <td>
                     </td>
            </tr>
            <tr>
                <td>
                     </td>
            </tr>
        </table>
    
    </div>
    </form>
</body>
</html>

Solution
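
The error text asks that the application explicitly check all inputs once request validation is switched off for the page. One way to do that for the nicEdit field and for the echoed Answer ID, as an added example that is not part of the original post (the `AnswerHtml` helper, its tag allowlist and the sample input are assumptions made for illustration):

```csharp
// Added example, not code from the original page.
//
// web.config, as the error text describes. <pages validateRequest> is left at
// its default so only the page carrying ValidateRequest="false" opts out:
//
//   <system.web>
//     <httpRuntime requestValidationMode="2.0" />
//   </system.web>
//
// With validation off for the page, every field on it arrives unchecked,
// txtAnsID included, so both fields are handled below.
using System;
using System.Net;
using System.Text;

public static class AnswerHtml // hypothetical helper name
{
    // Attribute-less tags allowed to survive. Assumed list: match it to the
    // buttons enabled in the editor.
    private static readonly string[] AllowedTags =
    {
        "b", "i", "u", "p", "ul", "ol", "li", "sub", "sup", "strike"
    };

    // Encode everything first, then restore only exact, attribute-free forms
    // of the allowed tags. Tags with attributes, unknown tags and upper-case
    // variants stay encoded and are rendered as text instead of markup.
    public static string Sanitize(string raw)
    {
        if (string.IsNullOrEmpty(raw))
        {
            return string.Empty;
        }

        StringBuilder sb = new StringBuilder(WebUtility.HtmlEncode(raw.Trim()));
        foreach (string tag in AllowedTags)
        {
            sb.Replace("&lt;" + tag + "&gt;", "<" + tag + ">");
            sb.Replace("&lt;/" + tag + "&gt;", "</" + tag + ">");
        }

        // Line breaks have no closing tag; accept the three common spellings.
        sb.Replace("&lt;br&gt;", "<br />");
        sb.Replace("&lt;br/&gt;", "<br />");
        sb.Replace("&lt;br /&gt;", "<br />");
        return sb.ToString();
    }

    // For values echoed into Label.Text, which does not encode its content.
    public static string EncodeForLabel(string raw)
    {
        return WebUtility.HtmlEncode((raw ?? string.Empty).Trim());
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample input standing in for txtAnsDesc.Text.
        string posted = "First line<br><b>bold</b> <b onclick=\"x()\">attr</b>"
                      + "<script>alert(1)</script> &lt;b&gt;typed entity&lt;/b&gt;";
        Console.WriteLine(AnswerHtml.Sanitize(posted));

        // Constructed sample input standing in for txtAnsID.Text.
        Console.WriteLine(AnswerHtml.EncodeForLabel(" A1<i>x</i> "));
    }
}

// Wiring into Button1_Click (control names are the page's own):
//
//   cmd.Parameters.AddWithValue("@ansdesc", AnswerHtml.Sanitize(txtAnsDesc.Text));
//   lbl1.Text = "This Answer ID " + AnswerHtml.EncodeForLabel(txtAnsID.Text)
//             + " Already Exist";
```

Formatting that the editor emits with attributes (for example styled `span` or `font` tags) is shown as literal text under this allowlist; that is the trade-off for never restoring a tag that carries attributes.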
