如何将图像路径保存到访问数据库中? [英] How do I save image paths into an access database?
问题描述
我尝试过:
Imports System.Data
Imports System.Data.OleDb
Imports System.IO
Partial 类 ADRequest
继承 System.Web.UI.Page
< span class =code-keyword> Public con As String = Provider = Microsoft.ACE.OLEDB.12.0; Data Source = C:\ Users \Welcome \Documents\Database1.accdb
Dim dbcon 作为 新 OleDbConnection(con)
公开 ds1 作为 新 DataSet
Dim sql 作为 字符串
Dim Command1 As 新 OleDbCommand
< span class =code-keyword>受保护的 Sub Button3_Click(发件人作为 对象,e As EventArgs)句柄 Button3.Click
如果 FileUpload1.FileName = Nothing 那么
MsgBox( 请上传文件)
退出 Sub
结束 如果
Dim FilePath As String = Server.MapPath( ADs)& /& Path.GetFileName(FileUpload1.FileName)
Label1.Text = FilePath
Dim IMG As 字符串 = ADs& ; /& Path.GetFileName(FileUpload1.FileName)
如果 IO.File.Exists(FilePath)那么
MsgBox( 文件已存在,请选择其他名称。)
< span class =code-keyword> Else
FileUpload1.SaveAs(FilePath)
Label2.Text = Path.GetFileName(FileUpload1.FileName)+ 已上传。
结束 如果
dbcon.Open()
sql = INSERT INTO广告(时间,设计,付费)值('& TextBox1.Text& ' ,'& IMG& ','& Rad ioButtonList1.SelectedValue& ')
Dim command1 作为 新 OleDbCommand(sql,dbcon)
command1.ExecuteNonQuery()
dbcon.Close()
结束 Sub
结束 类
一个问题是你不使用参数。这会引入转换问题,让您对SQL注入开放。请参阅 SQL注入 - 维基百科 [ ^ ]。根据文件名(和其他输入),您最终可能会出现格式错误的SQL。
另一件事是您不测试文件名是否为空串。尝试使用string.IsNullOrEmpty进行测试。类似
如果 string .IsNullOrEmpty (FileUpload1.FileName)然后
此外,您应该正确处理对象并添加错误处理。有关具体示例,请查看正确执行数据库操作 [someone help me with my following codes. they don't show any errors, yet the image path does not show in my database
What I have tried:
Imports System.Data Imports System.Data.OleDb Imports System.IO Partial Class ADRequest Inherits System.Web.UI.Page Public con As String = "Provider=Microsoft.ACE.OLEDB.12.0; Data Source=C:\Users\Welcome\Documents\Database1.accdb" Dim dbcon As New OleDbConnection(con) Public ds1 As New DataSet Dim sql As String Dim Command1 As New OleDbCommand Protected Sub Button3_Click(sender As Object, e As EventArgs) Handles Button3.Click If FileUpload1.FileName = Nothing Then MsgBox("Please Upload a File") Exit Sub End If Dim FilePath As String = Server.MapPath("ADs") & "/" & Path.GetFileName(FileUpload1.FileName) Label1.Text = FilePath Dim IMG As String = "ADs" & "/" & Path.GetFileName(FileUpload1.FileName) If IO.File.Exists(FilePath) Then MsgBox("File already exists, Choose another name.") Else FileUpload1.SaveAs(FilePath) Label2.Text = Path.GetFileName(FileUpload1.FileName) + "Has been Uploaded." End If dbcon.Open() sql = "INSERT INTO advertisements(time, designnn, paym) values('" & TextBox1.Text & "','" & IMG & "', '" & RadioButtonList1.SelectedValue & "')" Dim command1 As New OleDbCommand(sql, dbcon) command1.ExecuteNonQuery() dbcon.Close() End Sub End Class解决方案One problem is that you don't use parameters. This introduces conversion problems and leaves you open to SQL injection. See SQL injection - Wikipedia[^]. Depending on the file name (and other input) you may end up in a malformed SQL.
Another thing is that you don't test if the filename is an empty string. Try using string.IsNullOrEmpty for the test. Something like
If string.IsNullOrEmpty(FileUpload1.FileName) Then
Also you should dispose the objects properly and add error handling. For concrete examples, have a look at Properly executing database operations[^]
这篇关于如何将图像路径保存到访问数据库中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!