如何修复错误ExecuteReader

时间:2015-07-31 11:45:56

标签: c#

错误类型' System.Data.SqlClient.SqlException'发生在System.Data.dll中但未在用户代码中处理。怎么解决? 图片:http://i.stack.imgur.com/7Sibc.png 

    private void Form1_Load(object sender, EventArgs e)
    {
        SqlConnection conn = new SqlConnection(@"Data Source=QEAG1YU4664IBKF\HUYNHBAO;Initial Catalog=TonghopDB;User ID=sa;Password=koolkool7");
        conn.Open();
        SqlCommand sc = new SqlCommand("select Title from TongHopDB", conn);
        SqlDataReader reader;

        reader = sc.ExecuteReader();
        DataTable dt = new DataTable();

        dt.Columns.Add("Title", typeof(string));
        dt.Load(reader);

        cboxDB.ValueMember = "Title";
        cboxDB.DisplayMember = "Title";
        cboxDB.DataSource = dt;

        conn.Close();
    }

    private void cboxDB_SelectedIndexChanged(object sender, EventArgs e)
    {
        string sql = "Select Title, Post from TongHopDB where Title = " + cboxDB.SelectedValue.ToString(); // câu query có thể khác với kiểu dữ liệu trong database của bạn
        SqlConnection conn = new SqlConnection(@"Data Source=QEAG1YU4664IBKF\HUYNHBAO;Initial Catalog=TonghopDB;User ID=sa;Password=koolkool7");
        conn.Open();
        SqlCommand cmd = new SqlCommand(sql, conn);
        SqlDataReader sdr = cmd.ExecuteReader();
        textBox1.Text = sdr.GetValue(0).ToString();
        textBox2.Text = sdr.GetValue(1).ToString();
        sdr.Close();
        sdr.Dispose();
        conn.Close();
        conn.Dispose();
    }

3 个答案:

答案 0 :(得分:1)

 string sql = "Select Title, Post from TongHopDB where Title = '" + cboxDB.SelectedValue.ToString()+"'";

但我强烈建议使用参数:

 string sql = "Select Title, Post from TongHopDB where Title = @Title";
cmd.Paramaters.Add( "@Title",cboxDB.SelectedValue.ToString());

答案 1 :(得分:1)

强烈怀疑您的Title是字符类型,这就是为什么它需要与单引号一起使用; 

where Title = '" + cboxDB.SelectedValue.ToString() + "'";

但不要这样使用。

您应始终使用parameterized queries。这种字符串连接对SQL Injection攻击开放。

还可以使用using statement自动处理您的SqlConnectionSqlCommandSqlDataReader个对象,而不是手动调用CloseDispose方法。< / p> 

using(var conn = new SqlConnection(@"Data Source=QEAG1YU4664IBKF\HUYNHBAO;Initial Catalog=TonghopDB;User ID=sa;Password=koolkool7"))
using(var cmd = conn.CreateCommand())
{
   cmd.CommandText = "Select Title, Post from TongHopDB where Title = @title";
   cmd.Parameters.Add("@title", SqlDbType.NVarChar).Value = cboxDB.SelectedValue.ToString();
   // I assumed your column type is nvarchar.
   conn.Open();
   using(SqlDataReader sdr = cmd.ExecuteReader())
   {
      if(dr.Read())
      {
         textBox1.Text = sdr.GetValue(0).ToString();
         textBox2.Text = sdr.GetValue(1).ToString();
      }
   }
}

答案 2 :(得分:0)

cboxDB.SelectedValue是Apple根据屏幕截图中显示的错误。您的SQL语句用简单的英语说:

从TongHopDB(表格)中选择标题(列)和帖子(列),其中标题(列)等于Apple(列)

var btnVerify = document.getElementById("btnVerify"); btnVerify.addEventListener("click", function() { window.open('GetDocs.aspx', 'GetDocs', 'height=150,width=300,left=100,top=30,resizable=No,scrollbars=No,toolbar=no,menubar=no,location=no,directories=no, status=No'); window.location.href = "somewebpage.aspx"; }); 不是有效列!

虽然只需在cboxDB的值周围添加单引号,但您应该使用参数而不是连接字符串。 http://blog.codinghorror.com/give-me-parameterized-sql-or-give-me-death/

相关问题
最新问题