不支持关键字:'提供商'

时间:2013-01-06 14:12:03

标签: asp.net ado.net connection-string provider

我有这个错误:

不支持关键字:'provider'。

描述:执行当前Web请求期间发生了未处理的异常。请查看堆栈跟踪以获取有关错误及其源自代码的位置的更多信息。

异常详细信息:System.ArgumentException:不支持关键字:'provider'。

来源错误:

Line 24:     {
Line 25:         Session["id"] = e.CommandArgument.ToString();
Line 26:         SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
Line 27:            con.Open();
Line 28:             SqlCommand cmd1 = new SqlCommand("INSERT INTO tb2 (id, name) SELECT id, name FROM tb1 where id='"+Session["id"].ToString()+"'", con);

Source File: c:\inetpub\wwwroot\logon\page.aspx    Line: 26 

这是我的完整代码:

<%@ Page Language="C#" Debug="true" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace = "System.Data.SqlClient" %>

<script runat="server" type="css">

protected void Page_Load(object sender, EventArgs e)
{
    if (!IsPostBack)
    {
        bind();
    }
}
protected void bind()
{
    PendingRecordsGridview.DataSourceID = "";
    PendingRecordsGridview.DataSource = sd1;
    PendingRecordsGridview.DataBind();
 }
protected void PendingRecordsGridview_RowCommand(object sender, GridViewCommandEventArgs e)
{
    if (e.CommandName == "accept")
    {
        Session["id"] = e.CommandArgument.ToString();
        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
            con.Open();
            SqlCommand cmd1 = new SqlCommand("INSERT INTO tb2 (id, name) SELECT id, name FROM tb1 where id='"+Session["id"].ToString()+"'", con);
            SqlCommand cmd2 = new SqlCommand("delete from tb1 where id='"+Session["id"].ToString()+"'", con);
            cmd1.ExecuteNonQuery();
            cmd2.ExecuteNonQuery();
            bind();
    }
}
</script>
<form id="form1" runat="server">
<asp:GridView ID="PendingRecordsGridview" runat="server" AutoGenerateColumns="False" DataKeyNames="id" onrowcommand="PendingRecordsGridview_RowCommand" DataSourceID="sd1">
        <Columns>
            <asp:templatefield HeaderText="Accept">
                <ItemTemplate>
                    <asp:Button CommandArgument='<%# Bind("id") %>' ID="Button1" runat="server" CausesValidation="false" CommandName="accept" Text="Accept" />
                </ItemTemplate>
            </asp:templatefield>
            <asp:templatefield HeaderText="name" SortExpression="name">
                <EditItemTemplate>
                    <asp:TextBox ID="TextBox1" runat="server" Text='<%# Bind("name") %>'>
                    </asp:TextBox>
                </EditItemTemplate>
                <ItemTemplate>
                    <asp:Label ID="Label1" runat="server" Text='<%# Bind("name") %>'>
                    </asp:Label>
                </ItemTemplate>
            </asp:templatefield>
            <asp:templatefield HeaderText="id" SortExpression="id">
                <EditItemTemplate>
                    <asp:Label ID="Label1" runat="server" Text='<%# Eval("id") %>'>
                    </asp:Label>
                </EditItemTemplate>
                <ItemTemplate>
                    <asp:Label ID="Label2" runat="server" Text='<%# Bind("id") %>'>
                    </asp:Label>
                </ItemTemplate>
            </asp:templatefield>
        </Columns>
    </asp:GridView>
    <asp:SqlDataSource ID="sd1" runat="server" 
        ConnectionString="<%$ ConnectionStrings:ConnectionString %>" 
        ProviderName="<%$ ConnectionStrings:ConnectionString.ProviderName %>"
        SelectCommand="SELECT * FROM [tb1]" DeleteCommand="DELETE FROM [tb1] WHERE [id] = ?" InsertCommand="INSERT INTO [tb1] ([name]) VALUES (?)"  UpdateCommand="UPDATE [tb1] SET [name] = ? WHERE [id] = ?">
        <DeleteParameters>
            <asp:parameter Name="id" Type="Int32" />
        </DeleteParameters>
        <UpdateParameters>
            <asp:parameter Name="name" Type="String" />
            <asp:parameter Name="id" Type="Int32" />
        </UpdateParameters>
        <InsertParameters>
            <asp:parameter Name="name" Type="String" />
        </InsertParameters>
</asp:SqlDataSource>
</form>       

的Web.config

<configuration>
    <connectionStrings>

        <add name="ConnectionString" connectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\inetpub\wwwroot\logon\_private\db1.mdb"
            providerName="System.Data.OleDb" />
    </connectionStrings>
</configuration>

请帮忙!谢谢!

1 个答案:

答案 0 :(得分:2)

您似乎正在尝试使用SQL Server连接对象访问Access数据库。 (连接配置引用Jet数据库引擎)

您应该使用OleDbConnection(以及相关的OleDbCommand等)。

有关连接字符串的详细信息,请参阅:http://connectionstrings.com/access

而且,正如评论中提到的,您的代码可以成功进行SQL注入攻击。您可能想要阅读how to protect yourself from SQL Injection Attacks(该文章适用于SQL Server,但许多概念也适用于Access)