如何在后面的代码中使用"Eval"运算符? [英] How to use 'Eval'operator in code behind?

问题描述

我正在开发一个程序，该程序应根据登录的用户重定向到特定页面.我的程序由4种类型的用户组成.如果用户为用户"类型，则该程序应将其重定向到他的视图.仅查看其详细信息.由于程序中有多个用户，因此每个用户都由其唯一的用户ID标识.

以下是我写的使用"Eval"重定向到用户页面的代码.

"str"是一个字符串，其中包含函数返回的值.(我编写了一个函数来确定用户的类型).我正在检查用户的类型是否为"user"，然后获取相应的userid唯一，从数据库重定向到视图page.在这里，因为我使用了eval.its在最后一行给我错误，例如诸如Eval()，XPath()和Bind()之类的数据绑定方法只能在上下文中使用数据绑定控件."

Hi,
I am working on a program which should redirect to specific page according to the user logged in.my program consisting of 4 types of users.if the user is of type "user" the program should redirect him to his viewpage.that is he can view only his details.since there are multiple users in the program,each user is identified by his userid which is unique.

following is the code i wrote to redirecting to the user''s page using ''Eval''.

''str'' is a string which holds the value returned by the function.(i wrote one function to determine the type of user).i am checking if the user is of type "user",then getting the corresponding userid which is unique,from the database and redirecting to view page.here since i used eval.its giving me error in the last line like "Databinding methods such as Eval(), XPath(), and Bind() can only be used in the context of a databound control."

if (str == "user")
{
  SqlConnection con = new SqlConnection();
  SqlCommand cmd = new SqlCommand();
  con = new SqlConnection(@"Data Source=CSZ-PCS43132\SQLEXPRESS;Initial Catalog=test;Integrated Security=True");
  con.Open();
  var query = "SELECT userid FROM logins2 WHERE loginid = @loginid AND password1 = @password AND usertype = " + str ;
  cmd = new SqlCommand(query, con);
  cmd.Parameters.AddWithValue("@loginid", txtusername .Text );
  cmd.Parameters.AddWithValue("@password",txtpassword .Text );
  cmd.ExecuteNonQuery();  
                
  Response.Redirect("LocalHRviewdetails.aspx?ID="+ Eval(query));
}

任何人都可以帮助我吗?

Can anyone pls help me?

推荐答案

我不知道您使用的是哪种Eval方法，但是您没有在查询字符串上使用它-您应该使用数据库的响应.
由于您有一个返回单个值的SELECT查询，因此可以使用ExecuteScalar或ExecuteReader函数来检索用户ID，但是ExecuteNonQuery将返回受影响的行数-您的代码将始终忽略该行数.如果只需要ID，请更改:

I don''t know which Eval method you are using, but you don''t use it on a query string - you should be using the response from the database.
Since you have a SELECT query, which returns a single value, you could use the ExecuteScalar or ExecuteReader function to retrieve the user id, but ExecuteNonQuery will return the number of rows affected - which your code ignores anyway. If you only want the ID, then change:

cmd.ExecuteNonQuery();
Response.Redirect("LocalHRviewdetails.aspx?ID="+ Eval(query));

收件人:

To:

int userId = cmd.ExecuteScalar();
Response.Redirect("LocalHRviewdetails.aspx?ID="+ userId.ToString());

顺便说一句:切勿以明文形式存储密码-这是主要的安全风险.这里有一些有关如何执行此操作的信息:密码存储:如何进行 [ ^ ]

BTW: Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]

这篇关于如何在后面的代码中使用"Eval"运算符?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！