从3层项目中的DAL方法返回后显示MessageBox [英] Show MessageBox after returning from DAL Method in 3-Tier Project
本文介绍了从3层项目中的DAL方法返回后显示MessageBox的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
这是我的3层项目
我在DLL中有错误 - > empBL。
This is my 3-Tier project
I am having error in DLL ->empBL.
Public Function insertbyid(ByVal id As String) As Boolean
Dim con As New SqlConnection()
Dim cmd As New SqlCommand()
Try
Try
con.ConnectionString = DBConnectionString
con.Open()
cmd.CommandText = "insert into yuvapriya where ID = '" & id & "'"
cmd.CommandType = CommandType.Text
cmd.Connection = con
cmd.ExecuteNonQuery()
Dim bool As Boolean
Dim dt As DataTable
Dim db As database
If Not String.IsNullOrEmpty(id) Then
bool = db.executequery("UPDATE yuvapriya SET name = '" & emp.name & "',education = '" & emp.education & "',age = '" & emp.age & "',address = '" & emp.address & "',phonenum = '" & emp.phonenum & "',postcode = '" & emp.postcode & "' ,Email = '" & emp.email & "' WHERE id = '" & id & "'")
dt = db.getdt("select * from EmergencyContactDetails where yuvaid = '" & emp.emid & "'")
If dt.Rows.Count > 0 Then
bool = db.executequery("UPDATE EmergencyContactDetails SET Name = '" & emp.emname & "',Relationship = '" & emp.emrelationship & "',Address = '" & emp.emaddress & "',PostCode = " & emp.empostcode & ",HomeTelephone = " & emp.emhometelephone & ",WorkTelephone = " & emp.emworktelephone & ",PersonalMobile = " & emp.empersonalmobile & ",WorkMobile = " & emp.emworkmobile & " WHERE yuvaid = " & emp.emid)
Else
bool = db.executequery("INSERT INTO EmergencyContactDetails ([yuvaid],[Name],[Relationship],[Address],[PostCode],[HomeTelephone],[WorkTelephone],[PersonalMobile],[WorkMobile]) VALUES('" & emp.emyuvaid & "', '" & emp.emname & "', '" & emp.emrelationship & "', '" & emp.emaddress & "', '" & emp.empostcode & "', '" & emp.emhometelephone & "', '" & emp.emworktelephone & "', '" & emp.empersonalmobile & "', '" & emp.emworkmobile & "')")
End If
dt = db.getdt("select * from WorkHistory where yuvaid = '" & emp.whid & "'")
If dt.Rows.Count > 0 Then
bool = db.executequery("UPDATE WorkHistory SET Organization = '" & emp.whorganization & "',Designation = '" & emp.whdesignation & "',FromDate = '" & emp.whfromdate & "',ToDate = '" & emp.whtodate & "',Comments = '" & emp.whcomments & "' WHERE yuvaid = " & emp.whid)
Else
bool = db.executequery("INSERT INTO WorkHistory ([yuvaid],,[Organization],[Designation],[FromDate],[ToDate],[Comments]) VALUES('" & emp.whyuvaid & "', '" & emp.whorganization & "', '" & emp.whdesignation & "', '" & emp.whfromdate & "', '" & emp.whtodate & "', '" & emp.whcomments & "')")
End If
Else
bool = db.executequery("INSERT INTO yuvapriya (name,education,age,address,phonenum,postcode,Email) VALUES('" & emp.name & "', '" & emp.education & "', '" & emp.age & "', '" & emp.address & "', '" & emp.phonenum & "', '" & emp.postcode & "', '" & emp.email & "')")
dt = db.getdt("select * from EmergencyContactDetails where yuvaid = '" & emp.emid & "'")
If dt.Rows.Count > 0 Then
bool = db.executequery("UPDATE EmergencyContactDetails SET Name = '" & emp.emname & "',Relationship = '" & emp.emrelationship & "',Address = '" & emp.emaddress & "',PostCode = " & emp.empostcode & ",HomeTelephone = " & emp.emhometelephone & ",WorkTelephone = " & emp.emworktelephone & ",PersonalMobile = " & emp.empersonalmobile & ",WorkMobile = " & emp.emworkmobile & " WHERE yuvaid = " & emp.emyuvaid)
Else
bool = db.executequery("INSERT INTO EmergencyContactDetails ([yuvaid],[Name],[Relationship],[Address],[PostCode],[HomeTelephone],[WorkTelephone],[PersonalMobile],[WorkMobile]) VALUES('" & emp.emyuvaid & "', '" & emp.emname & "', '" & emp.emrelationship & "', '" & emp.emaddress & "', '" & emp.empostcode & "', '" & emp.emhometelephone & "', '" & emp.emworktelephone & "', '" & emp.empersonalmobile & "', '" & emp.emworkmobile & "')")
End If
dt = db.getdt("select * from WorkHistory where yuvaid = '" & emp.whid & "'")
If dt.Rows.Count > 0 Then
If Not emp.whfromdate = String.Empty Then
End If
bool = db.executequery("UPDATE WorkHistory SET Organization = '" & emp.whorganization & "',Designation = '" & emp.whorganization & "',FromDate = '" & emp.whfromdate & "',ToDate = '" & emp.whtodate & "',Comments = '" & emp.whcomments & "' WHERE yuvaid = " & emp.whid)
Else
bool = db.executequery("INSERT INTO WorkHistory ([yuvaid],[Organization],[Designation],[FromDate],[ToDate],[Comments]) VALUES('" & id & "', '" & emp.whorganization & "', '" & emp.whdesignation & "', '" & emp.whfromdate & "', '" & emp.whtodate & "', '" & emp.whcomments & "')")
End If
End If
If bool Then
MessageBox.Show("success")
End If
MessageBox.Show("please enter the name")
Catch ex As Exception
Finally
If cmd IsNot Nothing Then
cmd.Dispose()
cmd = Nothing
End If
If con IsNot Nothing Then
con.Dispose()
con = Nothing
End If
End Try
Return True
Catch ex1 As Exception
Return False
End Try
End Function
推荐答案
问题
MessageBox
来自System.Windows.Forms
命名空间。
所以,你只能在Form(.cs)页面后面的代码中使用它。
但是在这里你试图在一个类中访问它。这是不可能的。
解决方案
理想情况下,您应该从此函数返回Boolean
值,并且在调用函数上,您必须显示MessageBox
根据返回值。
Problem
MessageBox
comes underSystem.Windows.Forms
Namespace.
So, you can use this in Form's code behind (.cs) page only.
But here you are trying to access it inside one class. It is not possible.
Solution
Ideally, you should returnBoolean
value from this function and on the calling function, you have to show theMessageBox
according to the return value.
您没有指定错误是什么,但我可以指出您的代码存在巨大问题。
您用于构建SQL INSERT查询的所有字符串连接都是安全风险的怪物,如果用户在这些字段中键入字符,将导致各种问题。
谷歌针对vb.net SQL注入攻击找出你为什么这么做以及如何应对它。
You didn't specify what the error was, but I can point out a HUGE problem with your code.
All that string concatenation you're using to build the SQL INSERT queries is a MONSTER of a security risk and will cause you all kinds of problems if a user ever types a ' character into those fields.
Google for "vb.net SQL Injection attack" to find out why what you're doing is so bad and what to do about it.
这篇关于从3层项目中的DAL方法返回后显示MessageBox的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文