1. 首頁
  2. 問答
  3. ASP.NET中的oRecordset mySQL

ASP.NET中的oRecordset mySQL

2010-04-09 16 views
-1

我有這個mySQL代碼連接到我的服務器。它連接就好了:ASP.NET中的oRecordset mySQL

Dim MyConString As String = "DRIVER={MySQL ODBC 3.51 Driver};" & _ 
"SERVER=example.com;" & _ 
"DATABASE=xxx;" & _ 
"UID=xxx;" & _ 
"PASSWORD=xxx;" & _ 
"OPTION=3;" 

Dim conn As OdbcConnection = New OdbcConnection(MyConString) 
conn.Open() 

Dim MyCommand As New OdbcCommand 
MyCommand.Connection = conn 
MyCommand.CommandText = "select * from userinfo WHERE emailAddress = '" & theUN & "'"" 
MyCommand.ExecuteNonQuery() 
conn.Close()

但是,我有一個使用「oRecordset」從MySQL服務器獲取數據的舊傳統的ASP頁面:

Set oConnection = Server.CreateObject("ADODB.Connection") 
Set oRecordset = Server.CreateObject("ADODB.Recordset") 

oConnection.Open "DRIVER={MySQL ODBC 3.51 Driver}; SERVER=example.com; PORT=3306; DATABASE=xxx; USER=xxx; PASSWORD=xxx; OPTION=3;" 
sqltemp = "select * from userinfo WHERE emailAddress = '" & theUN & "'" 
oRecordset.Open sqltemp, oConnection,3,3

,我可以使用oRecordset如下:

if oRecordset.EOF then.... 


strValue = oRecordset("Table_Name").value 


oRecordset("Table_Name").value = "New Value" 
oRecordset.update

等等

但是,我用我的生命,我找不到任何.NET代碼類似於我的經典ASP頁的!!!!!

任何幫助將是巨大的! :O)

大衛

來源

2010-04-09 StealthRT

回答

1

這是你必須做的:

,而不是MyCommand.ExecuteNonQuery的你應該使用MyCommand.ExecuteQuery並將其分配給DataReader的。

看看這個例子:

Dim myConnection As SqlConnection 
Dim myCommand As SqlCommand 
Dim dr As New SqlDataReader() 
'declaring the objects 

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs)_ 
Handles MyBase.Load 
myConnection = New SqlConnection("server=localhost;uid=sa;pwd=;database=pubs") 
'establishing connection. you need to provide password for sql server 
Try 
myConnection.Open() 
'opening the connection 
myCommand = New SqlCommand("Select * from discounts", myConnection) 
'executing the command and assigning it to connection 
dr = myCommand.ExecuteReader() 
While dr.Read() 
'reading from the datareader 
MessageBox.Show("discounttype" & dr(0).ToString()) 
MessageBox.Show("stor_id" & dr(1).ToString()) 
MessageBox.Show("lowqty" & dr(2).ToString()) 
MessageBox.Show("highqty" & dr(3).ToString()) 
MessageBox.Show("discount" & dr(4).ToString()) 
'displaying the data from the table 
End While 
dr.Close() 
myConnection.Close() 
Catch e As Exception 
End Try

HTH

來源

2010-04-09 22:44:01 Raja

+0

太棒了,HTH。我做了與你的例子有點不同,但它有幫助!謝謝您的幫助。 – StealthRT 2010-04-09 22:53:15

+0

很高興爲你效勞...... Raja – Raja 2010-04-09 22:55:51

+0

Ugg ..拉惹,你有什麼想法如何添加一個新的記錄? rst.addnew似乎不起作用? – StealthRT 2010-04-09 22:59:53

0 
Dim email As String = "[email protected]" 
Dim stringValue As String 

Using conn As OdbcConnection = New OdbcConnection(MyConString) 
    conn.Open() 
    Dim sql = "Select ... From userInfo Where emailAddress = @Email" 
    Using cmd As OdbcCommand = New OdbcCommand(sql, conn) 
     cmd.Parameters.AddWithValue("@Email", email) 
     Dim reader As OdbcDataReader = cmd.ExecuteReader() 
     While reader.Read() 
      stringValue = reader.GetString(0) 
     End While 
    End Using 
    conn.Close() 
End Using 

'To do an Update 
Using conn As OdbcConnection = New OdbcConnection(MyConString) 
    conn.Open() 
    Dim sql As String = "Update userInfo Set Column = @Value Where PK = @PK" 
    Using cmd As OdbcCommand = New OdbcCommand(sql, conn) 
     cmd.Parameters.AddWithValue("@Email", email) 
     cmd.ExecuteNonQuery() 
    End Using 
End Using 

'To do an Insert 
Using conn As OdbcConnection = New OdbcConnection(MyConString) 
    conn.Open() 
    Dim sql As String = "Insert userInfo(Col1,Col2,...) Values(@Value1,@Value2...)" 
    Using cmd As OdbcCommand = New OdbcCommand(sql, conn) 
     cmd.Parameters.AddWithValue("@Col1", value1) 
     cmd.Parameters.AddWithValue("@Col2", value2) 
     ... 
     cmd.ExecuteNonQuery() 
    End Using 
End Using

首先,即使是在ASP經典,它是直接連接一值轉換爲SQL語句中的絕對可怕的辦法。這就是SQL注入漏洞的發生方式。您應始終對連接到SQL語句的值進行清理。在.NET中,您可以使用參數化查詢來替換查詢中使用以@符號開頭的變量的值。然後,您可以向命令對象添加一個參數並以此方式設置您的值。 Command對象將爲您清理值。

ADDITION 您在評論中提到您的ASP Classic代碼較短。事實上,.NET代碼更短,因爲有很多事情發生,你沒有看到並且沒有在你的ASP Classic代碼中實現。我已經提到了一個正在消毒輸入的消息。另一種是伐木。開箱即用,如果引發異常,它將使用調用堆棧將其記錄到事件日誌中。甚至在ASP Classic中獲得調用堆棧也是一件麻煩的事情,這比任何一種不錯的日誌記錄都要少得多。您需要設置On Error Resume Next並在每行後檢查err.number <> 0。另外,如果沒有On Error Resume Next,如果發生錯誤,則不能保證連接將被關閉。它被關閉,但唯一可以肯定的方法是使用On Error Resume Next並嘗試關閉它。

一般來說,我封裝我所有的數據訪問代碼爲一組的方法,使我可以簡單地通過SQL語句和參數值,並確保它每次都正確地調用。 (這也適用於ASP Classic)。

來源

2010-04-09 22:45:22 Thomas

+0

嗯,感謝這個例子,但是好像很多額外的代碼與傳統的ASP代碼相互配合。你會如何去做第一個.addnew? – StealthRT 2010-04-09 22:59:13

+0

@StealthRT - 修改我的答案。 – Thomas 2010-04-09 23:40:57

0 
Dim conn As OdbcConnection = New OdbcConnection("DRIVER={MySQL ODBC 3.51 Driver}; SERVER=xxx.com; DATABASE=xxx; UID=xxx; PASSWORD=xxx; OPTION=3;") 
    conn.Open() 

    Dim MyCommand As New OdbcCommand 
    MyCommand.Connection = conn 
    MyCommand.CommandText = "SELECT * FROM userinfo" 
    Dim rst = MyCommand.ExecuteReader() 

    While rst.Read() 
     response.write(rst("userID").ToString())   
    End While 
    conn.Close()

來源

2010-04-09 22:53:58 StealthRT

相關問題

 相關問題