当我没有为用户中的logg定义Usertype时,我的Gridview工作正常。现在我的BindGrid()功能无法正常工作,并将错误视为
System.InvalidOperationException:ExecuteReader:CommandText属性尚未初始化错误即将来临
这是我的BindGrid代码: -
protected void BindGrid()
{
string username = string.Empty;
string usertype = string.Empty;
try
{
SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["DefaultCSRConnection"].ConnectionString);
SqlCommand cmd = new SqlCommand("SELECT usertype,username FROM tbl_User WHERE username='" + Session["User"].ToString() + "'", conn);
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.HasRows)
{
while (dr.Read())
{
username = dr["username"].ToString();
usertype = dr["usertype"].ToString();
}
}
conn.Close();
string query = string.Empty;
if (usertype == "0") // superadmin
{
query = "select Id,username,email,usertype,active,(CASE WHEN usertype='1' THEN 'Admin' WHEN usertype='0' THEN 'Super Admin' WHEN usertype='2' THEN 'User' END) AS UserRoleName from tbl_User ORDER By Id DESC";
}
if (usertype == "1") // admin
{
query = "select Id,username,email,usertype,active,(CASE WHEN usertype='1' THEN 'Admin' WHEN usertype='0' THEN 'Super Admin' WHEN usertype='2' THEN 'User' END) AS UserRoleName from tbl_User WHERE usertype != '0' ORDER By Id DESC";
}
if (usertype == "2") // user
{
query = "select Id,username,email,usertype,active,(CASE WHEN usertype='1' THEN 'Admin' WHEN usertype='0' THEN 'Super Admin' WHEN usertype='2' THEN 'User' END) AS UserRoleName from tbl_User WHERE username='" + username + "' ORDER By Id DESC";
}
cmd = new SqlCommand(query, conn);
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
da.Fill(ds);
grdUser.DataSource = ds.Tables[0];
grdUser.DataBind();
}
catch (Exception)
{
throw;
}
}
请在此提出建议。
答案 0 :(得分:2)
我建议如下:
using statement username和usertype)switch statement and ensure proper handling of the default case 答案 1 :(得分:1)
我已添加参数及其安全使用。
protected void BindGrid()
{
string username = string.Empty;
string usertype = string.Empty;
try
{
SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["DefaultCSRConnection"].ConnectionString);
SqlCommand cmd = new SqlCommand("SELECT usertype,username FROM tbl_User WHERE username=@username", conn);
cmd.Parameters.Add("@username", SqlDbType.VarChar).Value = Session["User"].ToString();
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.HasRows)
{
if (dr.Read())
{
username = dr["username"].ToString();
usertype = dr["usertype"].ToString();
}
}
conn.Close();
string query = string.Empty;
if (!string.IsNullOrEmpty(usertype))
{
if (usertype == "0") // superadmin
{
query = "select Id,username,email,usertype,active,(CASE WHEN usertype='1' THEN 'Admin' WHEN usertype='0' THEN 'Super Admin' WHEN usertype='2' THEN 'User' END) AS UserRoleName from tbl_User ORDER By Id DESC";
}
if (usertype == "1") // admin
{
query = "select Id,username,email,usertype,active,(CASE WHEN usertype='1' THEN 'Admin' WHEN usertype='0' THEN 'Super Admin' WHEN usertype='2' THEN 'User' END) AS UserRoleName from tbl_User WHERE usertype != '0' ORDER By Id DESC";
}
if (usertype == "2") // user
{
query = "select Id,username,email,usertype,active,(CASE WHEN usertype='1' THEN 'Admin' WHEN usertype='0' THEN 'Super Admin' WHEN usertype='2' THEN 'User' END) AS UserRoleName from tbl_User WHERE username='" + username + "' ORDER By Id DESC";
}
cmd = new SqlCommand(query, conn);
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
da.Fill(ds);
grdUser.DataSource = ds.Tables[0];
grdUser.DataBind();
}
}
catch (Exception)
{
throw;
}
}