这种方法有什么问题?我试图在Web服务(.asmx)文件中添加此方法。但它显示我的错误。添加后,甚至该.asmx文件中的其他方法也显示相同的错误。
[WebMethod]
public string UpdateEvent(EventsClass es)
{
string cs = ConfigurationManager.ConnectionStrings["DBCS"].ToString();
using (SqlConnection con = new SqlConnection(cs))
{
string qr = "UPDATE Events SET Title = '" + es.Title +
"', DateFrom = '" + es.DateFrom +
"', DateTo = '" + es.DateTo +
"', Location = '" + es.Location +
"', DateTo = '" + es.DateTo +
"', Status = '" + es.Status +
"', Description = '" + es.Description +
"', UpdateDate = '" + es.UpdateDate +
"' WHERE Id = '" + es.Id + "'";
SqlCommand cmd = new SqlCommand(qr, con);
con.Open();
cmd.ExecuteNonQuery();
}
return "1";
}
错误信息如下:
System.IndexOutOfRangeException: Index was outside the bounds of the array.
at System.Web.Services.Protocols.HttpServerType..ctor(Type type)
at System.Web.Services.Protocols.HttpServerProtocol.Initialize()
at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean& abortProcessing)
ajax post方法中返回的错误消息:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
function(){return f&&(c&&!b&&(h=f.length-1,g.push(c)),function d(b){n.each(b,function(b,c){n.isFunction(c)?a.unique&&j.has(c)||f.push(c):c&&c.length&&"string"!==n.type(c)&&d(c)})}(arguments),c&&!b&&i…
答案 0 :(得分:3)
这是因为您在DBCS中没有Web.config配置密钥,并且您在此行中获得了异常:
string cs = ConfigurationManager.ConnectionStrings["DBCS"].ToString();
从不以这种方式生成SQL查询。始终使用SqlParameter代替。
使用参数有助于防止SQL注入攻击