显示executiontenonquery未初始化错误

时间:2016-01-15 12:33:10

标签: c# ms-access oledb 

    protected void Button1_Click(object sender, EventArgs e)
    {
        int anInteger;
        anInteger = Convert.ToInt32(txtmarks.Text);
        anInteger = int.Parse(txtmarks.Text);
        if (anInteger >= 60)
        {
            OleDbConnection con = new OleDbConnection();
            con.ConnectionString =" Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\\Users\\sakshi\\Documents\\m.accdb";
            con.Open();
           OleDbCommand cmd = new OleDbCommand();  

           OleDbDataAdapter adp = new OleDbDataAdapter();
            OleDbDataReader rd;

            cmd = new OleDbCommand("insert into student(fname,fmarks,fboard)values('" + txtname.Text + "','" + txtmarks.Text + "','" + ddlbrd.SelectedItem.ToString() + "'),con");
            cmd.ExecuteNonQuery();
        }
        else
        {
            Response.Write("u are not elligible");
        }

2 个答案:

答案 0 :(得分:2)

正如您对问题的评论中所提到的,您应该查看参数化查询,但是看起来您没有正确调用OleDbCommand构造函数。

你有:

cmd = new OleDbCommand("insert into student(fname,fmarks,fboard)values('" + txtname.Text + "','" + txtmarks.Text + "','" + ddlbrd.SelectedItem.ToString() + "'),con");

看起来你在错误的地方关闭了你的字符串。请尝试以下方法:

cmd = new OleDbCommand("insert into student(fname,fmarks,fboard)values('" + txtname.Text + "','" + txtmarks.Text + "','" + ddlbrd.SelectedItem.ToString() + "')",con);

我会将我的代码更改为以下内容:

OleDbCommand cmd = new OleDbCommand(
    "insert into student(fname,fmarks,fboard)values(@fname,@fmarks,@fboard);",
    con
    );

OleDbParameter parmName = cmd.CreateParameter();
parmName.ParameterName = "@fname";
parmName.OleDbType = OleDbType.VarChar;
parmName.Value = txtname.Text;
cmd.Parameters.Add(parmName);

OleDbParameter parmMarks = cmd.CreateParameter();
parmMarks.ParameterName = "@fmarks";
parmMarks.OleDbType = OleDbType.VarChar;
parmMarks.Value = txtmarks.Text;
cmd.Parameters.Add(parmMarks);

OleDbParameter parmBoard = cmd.CreateParameter();
parmBoard.ParameterName = "@fboard";
parmBoard.OleDbType = OleDbType.VarChar;
parmBoard.Value = ddlbrd.SelectedItem.ToString();
cmd.Parameters.Add(parmBoard);

答案 1 :(得分:2)

基于未初始化错误,看起来您在con构造函数中添加了OleDbCommand作为sql命令的一部分,不是第二个参数。

更改您的

+ "'),con");


+ "')", con);

但我建议更多一些事情;

  • 您应该始终使用parameterized queries。这种字符串连接可用于SQL Injection攻击。
  • 删除您的OleDbDataAdapterOleDbDataReader定义,因为从不使用它们。
  • 删除anInteger = Convert.ToInt32(txtmarks.Text)行,因为它与anInteger = int.Parse(txtmarks.Text)行相同。
  • 使用using statement自动处理您的连接和命令。
  • 在执行命令之前打开您的连接 。在con.Open()行之前移动cmd.ExecuteNonQuery()行。

if(int.Parse(txtmarks.Text) > 60)
{
   using(var con = new OleDbConneciton("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\\Users\\sakshi\\Documents\\m.accdb"))
   using(var cmd = con.CreateCommand())
   {
      cmd.CommandText = @"insert into student(fname,fmarks,fboard)
                          values(@fname, @fmarks, @fboard)";
      // Add your parameters and their values with Add method and specifing their types
      con.Open();
      cmd.ExecuteNonQuery();
   }
}
相关问题
最新问题