我忘了在單層應用程序中返回值。如何從SqlDataReader返回單個值?
public int Studentid()
{
try
{
SqlConnection con = new SqlConnection(connectionStr);
SqlCommand cmd = new SqlCommand("SELECT s_id FROM student where name = + ('" + Request.QueryString.ToString() + "')", con);
con.Open();
SqlDataReader dr = null;
con.Open();
dr = cmd.ExecuteReader();
if (dr.Read())
{
//Want help hear how I return value
}
con.Close();
}
catch (Exception ex)
{
throw ex;
}
}
檢查[MSDN](http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqldatareader.read.aspx) – oleksii 2012-01-02 15:16:21
我想rturn S_ID如果學生的名字是' Request.QueryString.ToString.'Thats all.Thanks。 – 2012-01-02 15:17:11
沒有人會顯示@ShreeKhanal如何避免SQL注入漏洞? – 2012-01-02 15:20:01