想要在另一个窗口中生成结果表单数据库 [英] want to produce resultant form database in another window
本文介绍了想要在另一个窗口中生成结果表单数据库的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在捕获用户名和密码,并将其提交给数据库进行处理.表单数据库我根据提交的值从数据库中检索用户名和usid.
我想在新窗口中显示结果.如何进行.这是我的代码,请提出修改建议.
Hi,
I am capturing username and password and submit it to database for process. form database I retrieve username and usid from database depending submitted values.
I want to display the result in new window. How to proceed.here is my code please suggest modifications .
public partial class _Default : System.Web.UI.Page
{
string str = ConfigurationManager.ConnectionStrings["prsqlConnectionString"].ConnectionString;
SqlConnection conn;
SqlCommand cmd;
SqlDataReader dr = null;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnsubmit_Click(object sender, EventArgs e)
{
try
{
SqlConnection conn = new SqlConnection(str);
SqlCommand cmd = new SqlCommand("select us_id,username from loginv3 where username='"+txtusername.Text+"'and pwd='"+txtpwd.Text+"'",conn);
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
Response.Write("<table border="2"><tr><th>userid</th><th>username</th></tr>");
while (dr.Read())
{
Response.Write("<tr><td>" + dr.GetInt32(0) + "</td><td>" + dr.GetString(1) + "</td></tr></table>");
Response.Write("<br />" + "operation over");
}
}
catch (Exception ex)
{
Response.Write(ex.Message);
Response.Write(ex.Source);
}
finally
{
while (dr != null)
dr.Close();
while (conn != null)
conn.Close();
}
}
}
推荐答案
请不要那样做数据库访问.
不要连接字符串以构建SQL命令.它使您对意外或蓄意的SQL注入攻击敞开大门,这可能会破坏整个数据库.改用参数化查询:
Please, don''t do database accesses like that.
Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead:
SqlCommand cmd = new SqlCommand("select us_id,username from loginv3 where username=@UN and pwd=@PW",conn);
cmd.Parameters.AddWithValue("@UN", txtusername.Text);
cmd.Parameters.AddWithValue("@PW", txtpwd.Text);
这篇关于想要在另一个窗口中生成结果表单数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文