'IP'是whiteList和BlackList表中的文本字段(两个不同的表).'ip'是存储当前client的ip地址的字符串。我想首先检查客户端的ip地址是否在黑名单中然后在白名单中(如果不在黑名单中)。因为它是字符串匹配所以'='运算符不会产生正确的结果。也不想使用'喜欢',因为我不是在搜索模式而是完全匹配。
string[] ipPort = txtCIP.Text.Split(new char[] { ':' }, 2);
string ip = ipPort[0];
con.Open();
//MessageBox.Show("Connection Open ! ");
string query = "SELECT count(*) from BlackList WHERE IP=ip";
SqlCommand cmd = new SqlCommand(query, con);
int rowCount =1;
rowCount = (int)cmd.ExecuteScalar();
string wlq = "SELECT count(*) from WhiteList WHERE IP=ip";
SqlCommand cmd_wl = new SqlCommand(wlq, con);
int rowcount_wl;
rowcount_wl = (int)cmd_wl.ExecuteScalar();
if (rowCount > 1)
{
MessageBox.Show("This IP is black Listed.Please retry after a few seconds.");
}
else if (rowcount_wl > 0)
{
MessageBox.Show("This ip is present in white list.");
}
else
{ MessageBox.Show("IP is not present in whitelist"); }
con.Close();
答案 0 :(得分:2)
我认为问题在你的选择中,变量[ip]应该在双引号之外,
string query = "SELECT count(*) from BlackList WHERE IP=ip";
应该是这样的,
string query = "SELECT count(*) from BlackList WHERE IP=" + ip;
和
string wlq = "SELECT count(*) from WhiteList WHERE IP=ip";
应该是这样的,
string wlq = "SELECT count(*) from WhiteList WHERE IP=" + ip;
答案 1 :(得分:0)
string query = "SELECT count(*) from BlackList WHERE IP=" + ip;
string wlq = "SELECT count(*) from WhiteList WHERE IP=" + ip;
您的IP存储在变量中,因此将其用作变量。当你做WHERE IP = ip时,它正在搜索string = ip。因此,当您比较IP 192.168.1.1时,您将与单词ip eg。
进行比较if ("192.168.1.1" == "ip")
这显然会返回错误。
答案 2 :(得分:-1)
需要进行字符串连接以使用加号运算符
传递变量的值string query = "SELECT count(*) from BlackList WHERE IP="+ip;
WHERE子句正在搜索单词ip而不是变量ip中包含的值
执行查询
string query = "SELECT count(*) from BlackList WHERE IP=ip";
会抛出错误 无效的列名ip
将返回所有行,即ip
要在WHERE子句中作为字符串文字进行搜索, ip 需要用单个qoutes括起来,但是当然你不需要这个。