并非所有路径都返回值 [英] Not all path return a value

问题描述

请任何人可以帮助我解决这个问题?我有这样的方法:

Please anyone can help me in this issue? I have a method like this:

public DataTable login(string Username, string Password)
        {
            try
            {
                string sqlstr;
                sqlstr = "SELECT * FROM Login WHERE Username = '" + Username + "' AND Password = '" + Password + "' ";
                con = new SqlConnection(clsConnection.strconnection);
                con.Open();

                da = new SqlDataAdapter();
                da.SelectCommand = new SqlCommand();
                da.SelectCommand.CommandText = sqlstr;
                da.SelectCommand.Connection = con;
                da.SelectCommand.CommandType = System.Data.CommandType.Text;
                da.SelectCommand.ExecuteNonQuery();

                DataTable dt = new DataTable();
                da.Fill(dt);
                return dt;
                
            }
            catch (Exception ee)
            {
                MessageBox.Show(ee.Message);
            }

一旦运行此方法，就会出现错误消息，因为并非所有路径都返回值.
我的SQL数据库表是Login，就像这样:

用户名varchar(25)
密码varchar(25)

就这样.

请任何人都可以告诉我为什么会出现此错误消息.

在此先感谢.

Once I run this method an error message appears as not all paths return a value.
My SQL database table is Login and like this:

Username varchar(25)
Password varchar(25)

That''s it.

Please any one can tell me why this error message occurs.

Thanks in Advance.

推荐答案

在您的捕获中添加:

in your catch add:

return null;

虽然数码吉他除缺少l外完全正确，但我觉得您需要对此稍作解释.

while digimanus is completely correct except for a missing l, I feel you need a little explanation why.

try
{
    // The try-block
}
catch(Exception e)
{
    // The catch-block
}

当代码在try块中执行然后抛出异常时，try块中的其余代码将被跳过(包括return语句)，然后执行catch块中的代码，因此如果不这样做在catch块中或之后有一个return语句，编译器不知道应该返回什么.

我会尝试举一个例子，请阅读代码中的评论:

When code are executed in your try-block and then throws an exception then the rest of the code in the try-block are skipped (including a return statement) and then the code in the catch-block is executed, so if you do not have a return statement in or after the catch-block the compiler doesn''t know what should be returned.

I''ll try to give you an example, read my comments in the code:

public DataTable login(string Username, string Password)
{
    try
    {
        string sqlstr; 
        sqlstr = "SELECT * FROM Login WHERE Username = '" + Username + "' AND Password = '" + Password + "' ";
        con = new SqlConnection(clsConnection.strconnection);
        con.Open();
 
        da = new SqlDataAdapter();
        da.SelectCommand = new SqlCommand();
        da.SelectCommand.CommandText = sqlstr;
        da.SelectCommand.Connection = con;
        da.SelectCommand.CommandType = System.Data.CommandType.Text;
        da.SelectCommand.ExecuteNonQuery(); // This throws an exception
 
        // Then these 3 lines are not executed
        DataTable dt = new DataTable();
        da.Fill(dt);
        return dt;
    }
    catch (Exception ee)
    {
        // This is executed
        MessageBox.Show(ee.Message);
        // So if you do not have a return statement here..
    }
    // ..or a return statement here, then the you can't compile, because 
    // the compiler doesn't know what value should be returned in the case that 
    // somthing in your try-block throws an exception.
}

好像您将密码以纯文本格式存储在数据库中一样.如果确实如此，请不要这样做.

而是使用哈希作为密码，将哈希存储到数据库，并将用户输入与哈希值进行比较.

有关更多信息，请查找例如: http://msdn.microsoft.com/zh-cn/library/system.security.cryptography.rsacryptoserviceprovider.aspx [

Looks like you''re storing the password as plain text in the database. If that''s really the case, don''t do so.

Instead use hashing for the password, store the hash to the database and compare the user input to the hash value.

For more info, look for example: http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider.aspx[^].

这篇关于并非所有路径都返回值的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！