如果正确的囚犯,输入字符串不是 [英] Input String Is Not if Correct Formate
问题描述
Imports System.Data
Imports System。 Data.SqlClient
Partial Class _Default
继承 System.Web.UI.Page
Dim strcon As 字符串 = ConfigurationManager.ConnectionStrings( dbconnection )。ConnectionString
Dim con As 新 SqlConnection(strcon)
Dim com As 整数 = 0
Dim suname As 字符串
//我得到错误表示输入字符串 不 如果 Correct Formate
受保护的 Sub Page_Load( ByVal sender 作为 对象, ByVal e As System.EventArgs)句柄 MyBase .Load
Dim cmd As 新 SqlCommand( 从tbl_abc中选择*,其中uname =' +会话( mail)+ ',con)
Dim da As 新 SqlDataAdapter(cmd )
Dim dt As 新 DataTable()
da.Fill(dt)
suname = dt.Rows( 0 )( 3 )。ToString()
Dim amount As 整数
对于金额= 1 8
如果 suname = 字符串 .IsNullOrEmpty(suname)然后
com + = 20
否则
com = < span class =code-digit> 0
结束 如果
下一页金额
MsgBox(com)
结束 < span class =code-keyword> Sub
这是一些混乱的代码。
单独看这个部分:
Dim com 正如 整数 = 0
Dim suname As String
...
如果 suname = 字符串 .IsNullO rEmpty(suname)然后由于
suname
是一个字符串,并且IsNullOrEmpty
返回一个布尔值,编译器隐式地将布尔值转换为字符串,所以除非从数据库返回的名称为True或False,否则您的代码不会出现永远添加20到com
...
您还需要查看Session变量的内容为了解决直接问题 - 没有你不知道你传递给SQL的字符串是哪个字符串,这是你注意到的错误的关键。
添加一些日志记录,使用调试器或类似的东西在用于构建SQL字符串之前向您报告值 - 这是您正确解决出错的唯一方法。
当你把它整理出来时,就这样停止吧!
不要连接字符串来构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度,这可能会破坏您的整个数据库。请改用参数化查询。
这样做..
如果suname =字符串 .IsNullOrEmpty(suname)然后
如果 字符串 .IsNullOrEmpty(suname)然后
Imports System.Data
Imports System.Data.SqlClient
Partial Class _Default
Inherits System.Web.UI.Page
Dim strcon As String = ConfigurationManager.ConnectionStrings("dbconnection").ConnectionString
Dim con As New SqlConnection(strcon)
Dim com As Integer = 0
Dim suname As String
//I got the Error that Input String Is Not if Correct Formate
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles MyBase.Load
Dim cmd As New SqlCommand("Select * from tbl_abc where uname='" + Session("mail") + "'", con)
Dim da As New SqlDataAdapter(cmd)
Dim dt As New DataTable()
da.Fill(dt)
suname = dt.Rows(0)(3).ToString()
Dim amount As Integer
For amount = 1 To 8
If suname = String.IsNullOrEmpty(suname) Then
com += 20
Else
com = 0
End If
Next amount
MsgBox(com)
End Sub
That is some confused code.
Look at this part alone:
Dim com As Integer = 0 Dim suname As String ... If suname = String.IsNullOrEmpty(suname) ThenSince
suname
is a String, andIsNullOrEmpty
returns a Boolean value, the compiler with implicitly cast the Boolean to a string, so unless the name you get back from the database is "True" or "False" your code isn't going to ever add 20 tocom
...
You also need to look at the content of your Session variable in order to sort out the direct problem - without that you have no idea what string you are passing to SQL which is the crux of the error you have noticed.
Add some logging, use the debugger, or similar to report the value to you before it is used to build the SQL string - it's the only way you are going work out exactly what is going wrong.
And when you have sorted that out, stop doing it like that!
Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
do like this..
Ifsuname =String.IsNullOrEmpty(suname) Then
If String.IsNullOrEmpty(suname) Then
这篇关于如果正确的囚犯,输入字符串不是的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!