更新客户数据。限制每个客户的帐号必须是唯一的。 Plz帮我这个。 [英] updating a customer data. limit account number of each customer must be unique. Plz help me with this.

问题描述

query = "Select Limit_Account_No from Customer where Limit_Account_No='" + txtlimac1.Text + "-" + txtlimac2.Text + "'";
                     da = new SqlDataAdapter(query, cn);
                     dt = new DataTable();
                     da.Fill(dt);

                     if (dt.Rows.Count > 0)
                     {
                         MessageBox.Show(" Limit Account No '" + txtlimac1.Text + "-" + txtlimac2.Text + "' already Exist!!", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
                         txtlimac1.SelectAll();
                         txtlimac1.Focus();
                     }

推荐答案

请不要这样做！不要连接字符串以构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度，这可能会破坏您的整个数据库。请改用参数化查询。

Please don''t do things like that! Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

query = "Select Limit_Account_No from Customer where Limit_Account_No=@LAN";
da = new SqlDataAdapter(query, cn);
da.SelectCommand.Parameters.AddWithValue("@LAN", txtlimac1.Text + "-" + txtlimac2.Text);
dt = new DataTable();
da.Fill(dt);

除此之外，还有什么问题？

Other than that, what is the problem?

这篇关于更新客户数据。限制每个客户的帐号必须是唯一的。 Plz帮我这个。的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！