在数据库中两次插入查询创建条目。 [英] Insert query creating entry twice in database.

问题描述

文件背后的代码

Code behind File

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;

namespace knockdetails
{
    public partial class DetailsUI : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
                loadgrid();
            }
        }

        protected void state_SelectedIndexChanged(object sender, EventArgs e)
        {
            SqlConnection con = new SqlConnection(@"Data Source = PC\SQLEXPRESS; Initial Catalog = invoice; Integrated Security = True");
            con.Open();
            int a = Convert.ToInt16(state.SelectedItem.Value);
            string ab = state.SelectedItem.Text;
            SqlCommand objcmd = new SqlCommand("Select district.name from district inner join state on district.state_id = state.id where state.id = '" + a + "' ", con);
            DataTable objdt = new DataTable();
            SqlDataAdapter objda = new SqlDataAdapter(objcmd);
            objda.Fill(objdt);
            objcmd.ExecuteReader();
            district.DataSource = objdt;
            district.DataTextField = objdt.Columns["name"].ToString();
            district.DataBind();
            con.Close();

        }

        protected void Calendar1_SelectionChanged(object sender, EventArgs e)
        {
            joiningdate.Text = Calendar1.SelectedDate.Date.ToString("MM/dd/yyyy");
            Calendar1.Visible = false;
        }

        protected void CalenderButton_Click(object sender, EventArgs e)
        {
            Calendar1.Visible = true;
        }

        protected void Insert_Click(object sender, EventArgs e)
        {
            


            try {
                SqlConnection con = new SqlConnection(@"Data Source = PC\SQLEXPRESS; Initial Catalog = invoice; Integrated Security = True");
                con.Open();
                int a = Convert.ToInt16(state.SelectedItem.Value);
                string ab = state.SelectedItem.Text;
                Response.Write(ab);
                Response.Write(a);
                SqlCommand objcmd = new SqlCommand("INSERT INTO [dbo].[details]([state],[district],[name],[mobile],[email],[doj],[designation]) VALUES ('" + ab + "', '" + district.SelectedItem.Value + "', '" + name.Text + "', '" + mobilenumber.Text + "', '" + email.Text + "',  '" + joiningdate.Text + "', '" + designation.SelectedItem.Value + "')", con);
                DataSet objds = new DataSet();
                SqlDataAdapter objda = new SqlDataAdapter(objcmd);
                objda.Fill(objds);
                objcmd.ExecuteNonQuery();
                con.Close();
                loadgrid();
            }
            catch
            {
                
            }
        }

        public void loadgrid()
        {
            SqlConnection con = new SqlConnection(@"Data Source = PC\SQLEXPRESS; Initial Catalog = invoice; Integrated Security = True");
            con.Open();
            SqlCommand objcmd = new SqlCommand("Select * from details ", con);
            DataSet objds = new DataSet();
            SqlDataAdapter objda = new SqlDataAdapter(objcmd);
            objda.Fill(objds);
            objcmd.ExecuteReader();
            DataDetails.DataSource = objds;
            DataDetails.DataBind();
            con.Close();

            name.Text = "";
            mobilenumber.Text = "";
            state.SelectedItem.Value = "";
            district.SelectedItem.Value = "";
            email.Text = "";
            joiningdate.Text = "";
        }
    }
}

我尝试了什么：



状态是更新面板下的autopost下拉列表 - 来自SQL Source的数据绑定

分区是下拉列表 - 取决于所选的状态下拉列表值

名称是文本

手机是文本

电子邮件是带有常规exp验证的文本

加入日期有一个文本框从事件日历接收值与事件Calendar1_SelectionChanged



i还添加了一个日历按钮，以便在更改日期时再次显示日历



和一个提交页面的按钮

What I have tried:

state is dropdownlist with autopost under update panel - Databound from SQL Source
district is dropdownlist - fetched depending on selected value of state dropdown
name is text
mobile is text
email is text with regular exp validation
date of joining has a textbox with receive value from calendar with event Calendar1_SelectionChanged

i have also added a calendar button to show calendar again in case of changing date

and a button to submmit the page

推荐答案

一些事情：

首先，不要这样做：不要连接字符串来构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度，这可能会破坏您的整个数据库。请改用参数化查询。

其次，当您使用DataAdapter并在同一命令上调用ExecuteNonQuery时：

A couple of things:
Firstly, don't do it like that: Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
Secondly, When you use a DataAdapter and call ExecuteNonQuery on teh same command:

SqlDataAdapter objda = new SqlDataAdapter(objcmd);
objda.Fill(objds);
objcmd.ExecuteNonQuery();

两次插入同一行...



三，从不吞下例外：记录它们，告诉用户，无论如何 - 用它们做点什么。当您使用空的 catch 块时，您隐藏了代码可能出现问题的任何证据，即使是您自己。而且你经常需要它来修复它......

It is going to insert the same row twice...

Thirdy, never "swallow" exceptions: log them, tell the user, whatever - do something with them. When you use an empty catch block you hide any evidence of what your code's problems might be, even from yourself. And you often need that to fix it...

这篇关于在数据库中两次插入查询创建条目。的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！