代码plz中的错误检查此代码错误是字符串还是二进制将被截断 [英] error in code plz check this code error is string or binary would be truncated

问题描述

当我尝试登录时出现错误:
字符串或二进制数据将被截断.该声明已终止.

我的数据库表是User

When I try to login error comes:
String or binary data would be truncated. The statement has been terminated.

My database Table is User

ID int
Email Primary key varchar(50)
Password varchar(50)
Name varchar(50)
Country varchar(50)
RegisterDate varchar(50)
LastLogin varchar(50)
Description varchar(50)
ImageName varchar(50)

登录名:

login:

DataBaseClass dbClass = new DataBaseClass();
    public DataTable dt;
    protected void Page_Load(object sender, EventArgs e)
    {
    }
    protected void OnAuthenticate(object sender, AuthenticateEventArgs e)
    {
        bool Authenticated = false;
        CheckBox chBox = (CheckBox)ctlLogin.FindControl("RememberMe");
        Authenticated = UserAuthenticate(ctlLogin.UserName, ctlLogin.Password);
        e.Authenticated = Authenticated;
        if (Authenticated == true)
        {
            if (chBox.Checked == true)
            {
                Response.Cookies["RFriend_Email"].Value = ctlLogin.UserName;
                Response.Cookies["RFriend_PWD"].Value = ctlLogin.Password;
                Response.Cookies["RFriend_UID"].Value = Session["UserId"].ToString();
                Response.Cookies["RFriend_Email"].Expires = DateTime.Now.AddMonths(3);
                Response.Cookies["RFriend_PWD"].Expires = DateTime.Now.AddMonths(3);
                Response.Cookies["RFriend_UID"].Expires = DateTime.Now.AddMonths(3);
            }
            Response.Redirect("UserDetails.aspx?Id=" + Session["UserId"].ToString());
        }
    }
    private bool UserAuthenticate(string UserName, string Password)
    {
        bool boolReturnValue = false;
        //--------------------------------
        //Check UserID From Config File
        if (UserName == "Rahul" && Password == "Saxena")
        {
            boolReturnValue = true;
            return boolReturnValue;
        }
        else
        {
            //--------------------------------
            dt = new DataTable();
            string chkUser = "Select * FROM [User] where Email='" + UserName + "' AND Password='" + Password + "'";
            dt = dbClass.ConnectDataBaseReturnDT(chkUser);
            if (dt.Rows.Count > 0)
            {
                boolReturnValue = true;
                Session["UserId"] = dt.Rows[0]["Id"].ToString();
                string updateLastLogin = "Update [User] SET LastLogin='" + System.DateTime.Now.ToString() + "' where Id='" + Session["UserId"].ToString() + "'";
                dbClass.ConnectDataBaseToInsert(updateLastLogin);
            }
            return boolReturnValue;
        }
    }
    protected void lnkRegister_Click(object sender, EventArgs e)
    {
        Response.Redirect("Register.aspx");
    }

and Databaseclass code is

SqlDataAdapter da;
    SqlConnection con;
    SqlCommand cmd = new SqlCommand();
    DataSet ds = new DataSet();
    DataTable dt = new DataTable();
    public DataBaseClass()
	{
		//
		// TODO: Add constructor logic here
		//
	}
    public void ConnectDataBaseToInsert(string Query)
    {
        con = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\omar\Documents\Visual Studio 2005\WebSites\WebSite8\App_Data\Database.mdf;Integrated Security=True;User Instance=True");
        cmd.CommandText = Query;
        cmd.Connection = con;
        da = new SqlDataAdapter(cmd);
        con.Open();
        cmd.ExecuteNonQuery();
        con.Close();
    }
    public DataSet ConnectDataBaseReturnDS(string Query)
    {
        ds = new DataSet();
        con = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\omar\Documents\Visual Studio 2005\WebSites\WebSite8\App_Data\Database.mdf;Integrated Security=True;User Instance=True");
        cmd.CommandText = Query;
        cmd.Connection = con;
        da = new SqlDataAdapter(cmd);
        da.Fill(ds);
        con.Open();
        cmd.ExecuteNonQuery();
        con.Close();
        return ds;
    }
    public DataTable ConnectDataBaseReturnDT(string Query)
    {
        dt = new DataTable();
        con = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\omar\Documents\Visual Studio 2005\WebSites\WebSite8\App_Data\Database.mdf;Integrated Security=True;User Instance=True");
        cmd.CommandText = Query;
        cmd.Connection = con;
        da = new SqlDataAdapter(cmd);
        da.Fill(dt);
        con.Open();
        cmd.ExecuteNonQuery();//error is here 
        con.Close();
        return dt;
    }

推荐答案

好吧，当您尝试插入的字符数超出列容纳的字符数时，会出现此错误消息.

详细查看这里:
完整的错误详细信息 [类似的讨论 [

Well, this error message appears when you try to insert a string with more characters than the column can accommodate.

Have a look here with full detail:
Full error details[^]
Similar discussion[^]

So, it looks like you are trying to insert too much of data then it has been set in database.

Check for what is the value of this string updateLastLogin using VS DEBUGGER before the update is executed.

要添加到Sandeep所说的内容，您确实意识到电子邮件地址最多可以包含256个字符? 50甚至不能覆盖本地部分，可以是64！请参见此处 [

To add to what Sandeep says, you do realise that an Email address can be up to 256 characters? 50 will not even cover the local part, which can be 64! See here[^]

In addition, you really shouldn''t get into the habit of storing passwords in clear: hash them using MD5 or (preferably) SHA and store / compare that instead. If anyone accesses your database, they can just read out all your users passwords - major security leak! When combined with your habit of concatenating strings to produce your SQL command string rather than using Parametrized queries, your system is really looking pretty high risk!

这篇关于代码plz中的错误检查此代码错误是字符串还是二进制将被截断的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！