每当我尝试了c那么它给我一个错误来运行该$ C $。 [Asp.net SQL] [英] Whenever i try to run this code it gives me an error. [Asp.net SQL]
问题描述
我试图运行此登记表格,每当我尝试运行它,我得到一个错误,说我使用 INSERT INTO
命令时,有一个错误。
I'm trying to run this register form and whenever I try to run it I get an error saying that I have a mistake when using the INSERT INTO
command.
下面是错误日志: http://i.imgur.com/dQYP0U7.png
这是完整的code:
protected void Page_Load(object sender, EventArgs e)
{
string username = Request.Form["username"];
string password = Request.Form["password"];
string email = Request.Form["email"];
OleDbConnection dbCon = new OleDbConnection();
OleDbCommand dbCmd = new OleDbCommand();
String Path = Server.MapPath(@"../App_Data/XXX.mdb;");
dbCon.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data source=" + Path;
dbCmd.Connection = dbCon;
OleDbDataAdapter dataA = new OleDbDataAdapter(dbCmd);
dbCmd.CommandText = String.Format("SELECT * FROM Members where username = '{0}';", username);
DataTable dataT = new DataTable();
dataA.Fill(dataT);
if (dataT.Rows.Count == 0)
{
//dbCmd.CommandText = String.Format("INSERT INTO Members (username, password, email) VALUES ('{0}','{1}','{2}');", username, password, email);
dbCmd.CommandText = String.Format("INSERT INTO Members (username, password, email) VALUES ('" + username + "','" + password + "','" + email + "')");
dbCon.Open();
dbCmd.ExecuteNonQuery();
dbCon.Close();
}
else
{
Response.Write("That username is alredy taken");
Response.Redirect("register.aspx");
}
}
我希望它正确地执行命令,并把它添加到数据库中。
正如你所看到的,我尝试使用输入数据的2种方法进入数据库
I want it to execute the command properly and add it to the database. As you can see, I tried using 2 methods of entering data into the database
dbCmd.CommandText = String.Format("INSERT INTO Members (username, password, email) VALUES ('{0}','{1}','{2}');", username, password, email);
和
dbCmd.CommandText = String.Format("INSERT INTO Members (username, password, email) VALUES ('" + username + "','" + password + "','" + email + "')");
他们没有工作。
None of them worked.
谁能帮我解决这个问题?
Can anyone help me solve this problem?
感谢您:)
推荐答案
的问题是,电子邮件地址包含 @
符号,它是跨preTED为SQL参数。
The problem is that Email addresses contain the @
symbol, which is interpreted as a sql parameter.
的解决方案是正确地使用的参数
The solution is to use parameters properly
这篇关于每当我尝试了c那么它给我一个错误来运行该$ C $。 [Asp.net SQL]的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!