Question

这种方法有什么问题？我试图在Web服务（.asmx）文件中添加此方法。但它显示我的错误。添加后，甚至该.asmx文件中的其他方法也显示相同的错误。

    [WebMethod]
    public string UpdateEvent(EventsClass es)
    {
        string cs = ConfigurationManager.ConnectionStrings["DBCS"].ToString();
        using (SqlConnection con = new SqlConnection(cs))
        {
            string qr = "UPDATE Events SET Title = '" + es.Title +
                "', DateFrom = '" + es.DateFrom +
                "', DateTo = '" + es.DateTo +
                "', Location = '" + es.Location +
                "', DateTo = '" + es.DateTo +
                "', Status = '" + es.Status +
                "', Description = '" + es.Description +
                "', UpdateDate = '" + es.UpdateDate +
                "'  WHERE Id = '" + es.Id + "'";

            SqlCommand cmd = new SqlCommand(qr, con);
            con.Open();
            cmd.ExecuteNonQuery();
        }
        return "1";
    }

错误信息如下：

System.IndexOutOfRangeException: Index was outside the bounds of the array.
   at System.Web.Services.Protocols.HttpServerType..ctor(Type type)
   at System.Web.Services.Protocols.HttpServerProtocol.Initialize()
   at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean& abortProcessing)

ajax post方法中返回的错误消息：

Failed to load resource: the server responded with a status of 500 (Internal Server Error)
function(){return f&&(c&&!b&&(h=f.length-1,g.push(c)),function d(b){n.each(b,function(b,c){n.isFunction(c)?a.unique&&j.has(c)||f.push(c):c&&c.length&&"string"!==n.type(c)&&d(c)})}(arguments),c&&!b&&i…

Answer 1

这是因为您在DBCS中没有Web.config配置密钥，并且您在此行中获得了异常：

 string cs = ConfigurationManager.ConnectionStrings["DBCS"].ToString();

从不以这种方式生成SQL查询。始终使用SqlParameter代替。使用参数有助于防止SQL注入攻击

C＃ - 添加方法后显示错误

1 个答案: