程序产生错误 [英] Error is generated with program

问题描述

我想在数据库中添加查询字符串值，但是我遇到服务器错误，有人可以解决这个问题吗?

i want to add querystring value in database but i m getting server error can anybody plz solve this problem?

protected void Button1_Click(object sender, EventArgs e)
    {
        
        double Price = double.Parse(((Label)DataList1.Controls[0].FindControl("PriceLabel")).Text);
        string ProductName = ((Label)DataList1.Controls[0].FindControl("NameLabel")).Text;
        string ProductImageUrl = ((Label)DataList1.Controls[0].FindControl("ImageUrlLabel")).Text;
        int ProductID = int.Parse(Request.QueryString["ProductID"]);

            Session["cart"] = yourname.txt;
        
          string strSQL = "";
        strSQL = "INSERT INTO cart (ProductID,CustomerName ProductName, " +
                "ProductImage, ProductPrice) VALUES ('" + ProductID + "','" + yourname + "','" + ProductName + "','" +
                ProductImageUrl + "','" + Price + "')";

        SqlDataSource1.InsertCommand = strSQL;
        SqlDataSource1.Insert();
        ClientScript.RegisterStartupScript(GetType(), "Message", "<SCRIPT LANGUAGE='javascript'>alert('Product added successfully');</script>");
        Session["cart"].ToString = "cart";
        Server.Transfer("product.aspx");

推荐答案

我确定您不会从此代码中收到服务器错误.您将得到编译错误.

由于您的代码中有以下几行.

I am sure that you will not get server error from this code. You will get compilation error.

because of the following lines in your code.

      Session["cart"] = yourname.txt;
// What is yourname.txt ?

和

and

    Session["cart"].ToString = "cart";
// ToString should be ToString(), but here its not required remove it

首先解决此错误，然后尝试运行代码，如果引起错误，请在此处发布错误消息.

代码有很多问题，几乎每一行都有问题.

即

First solve this errors, and then try to run the code and if it cause error, post the error message here.

There are lots of problem with the code, almost every line has something wrong.

i.e.

int ProductID = int.Parse(Request.QueryString["ProductID"]);

您不能只读取这样的查询字符串，如果未提供查询字符串，您应该始终在使用会话/查询字符串变量之前进行检查.

所以应该是

you cannot just read the query string like that, what if query string is not supplied, you should always check before you use the session / query string variable.

so it should be

int ProductID;
if(Request.QueryString["ProductID"] != null)
    ProductID = int.Parse(Request.QueryString["ProductID"].ToString());

我认为这不是任何人在现实世界中都会使用的代码.这太可怕了.但是，正如别人所说，您还有很多问题.

切勿使用double.Parse，它会炸毁.分解诸如以下内容:

I assume this is not code anyone will use in the real world. It''s far too terrible for that. However, you have a LOT of issues, as someone else said.

NEVER use double.Parse, it will blow up. Break down things like :

double Price = double.Parse(((Label)DataList1.Controls[0].FindControl("PriceLabel")).Text);

分成多行，以便您可以添加错误检查等.然后使用double.TryParse来计算字符串是否真的是双精度.

into multiple lines so that you can add error checking, etc. Then use double.TryParse to work out if the string is really a double.

gzb.abhishek写道:

gzb.abhishek wrote:

Session ["cart"] = yourname.txt;

Session["cart"] = yourname.txt;

使用会话变量时，请将购物车"之类的值放入类中，以便您被强类型输入并且可以避免难以调试的错别字.

When you use session variables, put values like "cart" into a class, so you are strongly typed and safe from typos that are hard to debug.

gzb.abhishek写道:

gzb.abhishek wrote:

strSQL ="INSERT INTO cart(ProductID，CustomerName ProductName，" +
"ProductImage，ProductPrice)值(""+ ProductID +"，""+您的名字+"，""+ ProductName +"''，" +
ProductImageUrl +''，""+价格+"'');

strSQL = "INSERT INTO cart (ProductID,CustomerName ProductName, " +
"ProductImage, ProductPrice) VALUES (''" + ProductID + "'',''" + yourname + "'',''" + ProductName + "'',''" +
ProductImageUrl + "'',''" + Price + "'')";

至少有两个原因会导致我解雇为我编写此代码的任何人.我想提请您注意的是SQL注入攻击.当然，另一种方法是将SQL放入这样的网页中是一种很糟糕的形式.违法行为.

There''s at least two reasons I''d fire anyone who wrote this code for me. The one I want to draw to your attention, is SQL injection attacks. The other, of course, is that it''s terrible form to put SQL inside a webpage like this. Sackable offences.

gzb.abhishek写道:

gzb.abhishek wrote:

ClientScript.RegisterStartupScript(GetType()，"Message"，"alert("产品已成功添加);" );
Session ["cart"].ToString ="cart";
Server.Transfer("product.aspx");

ClientScript.RegisterStartupScript(GetType(), "Message", "alert(''Product added successfully'');");
Session["cart"].ToString = "cart";
Server.Transfer("product.aspx");

完全愚蠢的几个原因.
1-为什么您要像这样在会议中添加购物车"一词?
2-server.transfer意味着您的registerstartupscript将不执行任何操作.

显然，您已经找到了一种获取一些知识的方法，足以创建此可怕的代码，但是您实际上不知道自己在做什么.我衷心希望没有人为此代码付钱，但我知道许多第三世界运营商的确会卖出如此糟糕的代码.无论哪种方式，您都应该停止该项目，购买一本书，并学习如何成为一名真正的程序员.您无处不在准备编写任何此类代码.您需要学习一些基础知识.

A couple of reasons this is utterly stupid.

1 - why would you put the word ''cart'' into the session like this ?
2 - server.transfer means your registerstartupscript will do nothing.

It''s clear you''ve found a way to get some bits of knowledge, enough to create this terrible code, but that you really have no idea what you''re doing. I sincerely hope that no-one is paying for this code, but I know a lot of third world operators do sell code as bad as this. Either way, you should stop this project, buy a book and learn how to be a real programmer. You are no where near ready to write any of this. You need to learn some basics.

当我按照u尝试找出问题时，我发现了一些问题，但是现在我遇到了一个错误.

使用未分配的局部变量"ProductID""

现在的代码是这个

When i go according to u and try to find out problems i found some but now i m getting facing an error.

"Use of unassigned local variable ''ProductID''"

Now the code is this

public partial class ProductDetails : System.Web.UI.Page
{
    //string yourname = TextBox1.Text.ToString();
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["cart"] != null && Session["cart"] != "")
        {

            yourname.Visible = false;
        }
        else
        {
            yourname.Visible = true;
        }
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        
        double Price = double.Parse(((Label)DataList1.Controls[0].FindControl("PriceLabel")).Text);
        string ProductName = ((Label)DataList1.Controls[0].FindControl("NameLabel")).Text;
        string ProductImageUrl = ((Label)DataList1.Controls[0].FindControl("ImageUrlLabel")).Text;
        int ProductID;
        if (Request.QueryString["ProductID"] != null) 
            ProductID = int.Parse(Request.QueryString["ProductID"].ToString());

        //if (Profile.SCart == null)
        //{
        //    Profile.SCart = new ShoppingCartExample.Cart();
        //    //Session["cart"] = SCart;
        //}
        //if (Session["cart"] != null)
        //{
        //    ClientScript.RegisterStartupScript(GetType(), "Message", "<SCRIPT LANGUAGE='javascript'>alert('CArt is available');</script>");
        //}
        //Profile.SCart.Insert(ProductID, Price, 1, ProductName, ProductImageUrl);
        string strSQL = "";
        strSQL = "INSERT INTO cart (ProductID,CustomerName, ProductName, " +
                "ProductImage, ProductPrice) VALUES ('" + ProductID + "','" + yourname.Text.ToString() + "','" + ProductName + "','" +
                ProductImageUrl + "','" + Price + "')";

        SqlDataSource1.InsertCommand = strSQL;
        SqlDataSource1.Insert();
        //ClientScript.RegisterStartupScript(GetType(), "Message", "<SCRIPT LANGUAGE='javascript'>alert('Product added successfully');</script>");
        Session["cart"] = yourname.Text.ToString();
        Server.Transfer("product.aspx");
    }
}

这篇关于程序产生错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！