1. 首頁
  2. 問答
  3. 當唯一鍵違反

當唯一鍵違反

2014-12-23 65 views
1 
protected void Button1_Click(object sender, EventArgs e) 
    { 
     SqlConnection myConnection = new SqlConnection("server=VIVID-PC;Integrated Security = True;Database=SchoolDb"); 
     SqlCommand myCommand = new SqlCommand("Command String", myConnection); 
     myConnection.Open(); 

     string firstText = TextBox1.Text; 
     string SecondText = TextBox2.Text; 
     string thirdText = TextBox3.Text; 
     string fourthText = TextBox4.Text; 



     myCommand = new SqlCommand("INSERT INTO SchoolDb_Student(StudentName,RollNo,Session,MobileNo)values('" + firstText + "','" + SecondText + "' , '" + thirdText + "','" + fourthText + "')", myConnection); 
     myCommand.ExecuteNonQuery(); 

     myConnection.Close(); 

     Response.Redirect("/view.aspx"); 

    }

來源

2014-12-23 Ashiq

+2

檢測到[SQL Injection](http://www.w3schools.com/sql/sql_injection.asp)。使用命令參數 –

+0

對不起,我不能讓你。具體幫助我,我是一個初學者。 – Ashiq

+0

你可以點擊鏈接 –

回答

1
  1. Use command with parameters to pass data to server
  2. 確保你處理連接和命令(via using statement
  3. Store connection strings in config file
  4. 不要創建虛擬命令對象

下面是完整的代碼:

using(var connection = new SqlConnection(connectionString)) 
using(var command = connection.CreateCommand()) 
{ 
    command.CommandText = 
     @"INSERT INTO SchoolDb_Student(StudentName,RollNo,Session,MobileNo) 
     VALUES (@studentName, @rollNo, @session, @mobileNo)"; 

    command.Parameters.AddWithValue("studentName", TextBox1.Text); 
    command.Parameters.AddWithValue("rollNo", TextBox2.Text); 
    command.Parameters.AddWithValue("session", TextBox3.Text); 
    command.Parameters.AddWithValue("mobileNo", TextBox4.Text); 

    connection.Open(); 

    try 
    { 
     command.ExecuteNonQuery(); 
    } 
    catch(SqlException e) 
    { 
     if (e.Message.Contains("Violation of UNIQUE KEY constraint")) 
      // you got unique key violation 
    } 
}

進一步考慮 - 改善命名的你的代碼 - TextBox1,TextBox2等對讀者沒有任何意義。給他們適當的名字,比如StudentNameTextBox,RollNoTextBox等。另外一個好的做法是將數據訪問和UI邏輯分開。

來源

2014-12-23 10:56:26

+1

謝謝你的建議兄弟。 – Ashiq

0

如果數據庫檢測到唯一鍵衝突如何得到警報,這一行

myCommand.ExecuteNonQuery();

會拋出異常。您可以捕獲該異常並繼續處理您自己的代碼:

try 
{ 
    myCommand.ExecuteNonQuery(); 
} 
catch(Exception e) 
{ 
    // right here, "something" went wrong. Examine e to check what it was. 
}

請注意,您的代碼容易受到SQL注入攻擊。您應該使用命令參數而不是手動構建SQL。另外,你應該使用using塊(see here for details

來源

2014-12-23 10:46:29 nvoigt

0

使用您的returnType from ExecuteNonQuery()(閱讀備註部分)來檢測插入失敗。你可以使用例外或不。行患部

的試試這個:

try 
{ 
... your rest of the code 
... 
int rowsAffected = myCommand.ExecuteNonQuery(); // Most probaboly it will throw exception in case of Unique key violation. If not, still no rows have been affected 
if(rowsAffected<1) 
{ 
    //your Alert for no records inserted 
} 
else 
{ 
    //your alert for successful insertion 
} 

} 
catch(SqlException ex) 
{ 
//check the exception and display alert 
} 
finally 
{ 
    //release connection and dispose command object 
}

來源

2014-12-23 10:47:50 Codeek

+0

非常感謝你....這幫了我 – Ashiq

+0

隨時哥們,快樂編碼 – Codeek

0

正如評論use命令PARAM建議。

try 
{ 
    //Your other code 
    _myCommand.ExecuteNonQuery(); 
    myConnection.Close(); 
    Response.Redirect("/view.aspx"); 
} 
catch(SqlException sqlExc) 
{ 
// Your popup or msg. 
}

您還循環查找catch塊中的不同sql錯誤。

來源

2014-12-23 10:50:10

相關問題

 相關問題