我很奇怪,爲什麼我上SqlDataReader reader2 = theCommandInsert.ExecuteReader();
SQL服務器插入查詢
這一個例外是我使用的代碼:
var conString = ConfigurationManager.ConnectionStrings["LocalSqlServer"];
string strConnString = conString.ConnectionString;
SqlConnection dbConnection = new SqlConnection(strConnString);
dynamic queryString = ("INSERT INTO FOLDERS (Name) VALUES ('" + txtBoxFolderLabel.Text + "') ");
int param = CheckBoxList2.SelectedIndex;
param = param + 1;
dynamic queryStringInsert = ("INSERT INTO GROUPS_FOLDERS (Folder_Id, Group_Id) VALUES(IDENT_CURRENT('Folders') , " + param + ")");
SqlCommand theCommand = new SqlCommand(queryString, dbConnection);
SqlCommand theCommandInsert = new SqlCommand(queryStringInsert, dbConnection);
//Connection opening and executing
if (string.IsNullOrEmpty(txtBoxFolderLabel.Text) | CheckBoxList2.SelectedIndex.ToString() == null)
{
Response.Write("Empty fields !");
}
else if (Functions.IsNumeric(txtBoxFolderLabel.Text))
{
Response.Write("No numerics !");
}
else
{
dbConnection.Open();
SqlDataReader reader = theCommand.ExecuteReader();
string folderName = txtBoxFolderLabel.Text;
// Create folder
System.IO.Directory.CreateDirectory("C://inetpub//wwwroot//Files//" + folderName);
dbConnection.Close();
dbConnection.Open();
SqlDataReader reader2 = theCommandInsert.ExecuteReader();
dbConnection.Close();
這是例外,我得到:
的INSERT語句與FOREIGN KEY約束「FK_GROUPS_FOLDERS_Groups」衝突。衝突發生於數據庫 「9B15719DF48C3E2301D7F965674A6F93_VISUAL STUDIO 2010 \ PROJECTS \ CLIENTPORTAL \ APPLICATIONUI \網站\ CLIENTPORTAL \ APP_DATA \ DATAUI.MDF」, 表 「dbo.Groups」,列 'ID'。
我沒有檢查數據庫中,沒有重複的標識或東西..
你能幫助我嗎?
乾杯。
**警告**您的代碼容易受到sql注入攻擊! – 2012-03-06 17:45:41
解決方法是在SQL命令中使用參數,如我在下面的答案中所述。 – ashes999 2012-03-06 17:48:06
爲什麼使用btw的'ExecuteReader()'而不是'ExecuteNonQuery'? – 2012-03-06 21:11:08