每当我尝试了c那么它给我一个错误来运行该$ C $。 [Asp.net SQL] [英] Whenever i try to run this code it gives me an error. [Asp.net SQL]

查看:88
本文介绍了每当我尝试了c那么它给我一个错误来运行该$ C $。 [Asp.net SQL]的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我试图运行此登记表格,每当我尝试运行它,我得到一个错误,说我使用 INSERT INTO 命令时,有一个错误。

I'm trying to run this register form and whenever I try to run it I get an error saying that I have a mistake when using the INSERT INTO command.

下面是错误日志: http://i.imgur.com/dQYP0U7.png

这是完整的code:

protected void Page_Load(object sender, EventArgs e)
{
    string username = Request.Form["username"];
    string password = Request.Form["password"];
    string email = Request.Form["email"];

    OleDbConnection dbCon = new OleDbConnection();
    OleDbCommand dbCmd = new OleDbCommand();

    String Path = Server.MapPath(@"../App_Data/XXX.mdb;");
    dbCon.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data source=" + Path;
    dbCmd.Connection = dbCon;

    OleDbDataAdapter dataA = new OleDbDataAdapter(dbCmd);
    dbCmd.CommandText = String.Format("SELECT * FROM Members where username = '{0}';", username);
    DataTable dataT = new DataTable();
    dataA.Fill(dataT);

    if (dataT.Rows.Count == 0)
    {
        //dbCmd.CommandText = String.Format("INSERT INTO Members (username, password, email) VALUES ('{0}','{1}','{2}');", username, password, email);
        dbCmd.CommandText = String.Format("INSERT INTO Members (username, password, email) VALUES ('" + username + "','" + password + "','" + email + "')");
        dbCon.Open();
        dbCmd.ExecuteNonQuery();
        dbCon.Close();
    }
    else
    {
        Response.Write("That username is alredy taken");
        Response.Redirect("register.aspx");
    }
}

我希望它正确地执行命令,并把它添加到数据库中。
正如你所看到的,我尝试使用输入数据的2种方法进入数据库

I want it to execute the command properly and add it to the database. As you can see, I tried using 2 methods of entering data into the database

dbCmd.CommandText = String.Format("INSERT INTO Members (username, password, email) VALUES ('{0}','{1}','{2}');", username, password, email);


dbCmd.CommandText = String.Format("INSERT INTO Members (username, password, email) VALUES ('" + username + "','" + password + "','" + email + "')");

他们没有工作。

None of them worked.

谁能帮我解决这个问题?

Can anyone help me solve this problem?

感谢您:)

推荐答案

的问题是,电子邮件地址包含 @ 符号,它是跨preTED为SQL参数。

The problem is that Email addresses contain the @ symbol, which is interpreted as a sql parameter.

的解决方案是正确地使用的参数

The solution is to use parameters properly

这篇关于每当我尝试了c那么它给我一个错误来运行该$ C $。 [Asp.net SQL]的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆