1. 首頁
  2. 問答
  3. C#SqlDataReader = null?

C#SqlDataReader = null?

2010-03-23 29 views
3 
  String sqlCheckPass = 
"Select * from Login where Username like @Username and Password like @Password"; 
     SqlCommand SqlCom = new SqlCommand(sqlCheckPass, myConnection); 
     SqlCom.Parameters.Add(new SqlParameter("@Username", sUserName)); 
     SqlCom.Parameters.Add(new SqlParameter("@Password", sPassword)); 

     myConnection.Open(); 
     SqlDataReader myreader; 
     myreader = SqlCom.ExecuteReader(); 
     int id = -1; 

ErrorBox.InnerHtml = "Username:" + sUserName + ":" + sPassword + ":<br/>"; 
while (myreader.HasRows) 
{ 
    id = (int)myreader["id"]; 
    String sUser = (String)myreader["Username"]; 
    String sPass = (String)myreader["Password"]; 
    ErrorBox.InnerHtml += "UserId is <b>" + id + "</b> " + sUser + ":" + sPass + ":<br >"; 
    Session["LoginID"] = id; 
    Server.Transfer(ReturnPage); 

} 
if (id == -1) 
{ 
    ErrorBox.InnerHtml = "Incorrect Password"; 
} 
myConnection.Close(); 
catch (Exception err) 
{ 
    ErrorBox.InnerHtml = "Error Getting Option ID" + err.Message; 
}

我在myreader = SqlCom.ExecuteReader()上添加了一個斷點。並且它一直返回myreader爲空,並且HasRows = False,但它確實有行。所以,它不斷驗證我的登錄不正確,因爲id = -1,C#SqlDataReader = null?

幫助?

來源

2010-03-23 tom

+0

要發佈的代碼應該是「SqlCom」的代。 – 2010-03-23 14:43:56

+1

其次...如果myreader爲null,那麼「HasRows」不能爲false。 – 2010-03-23 14:45:09

+0

*請參閱編輯的第一篇文章* – tom 2010-03-23 14:51:11

回答

4

您沒有將您的閱讀器連接到您的SQL連接/命令?

SqlConnection myConnection = new SqlConnection(myConnectionString); 
SqlCommand myCommand = new SqlCommand(mySelectQuery, myConnection); 
myConnection.Open(); 
SqlDataReader myReader = myCommand.ExecuteReader(CommandBehavior.CloseConnection); 
while(myReader.Read()) 
{ 
    Console.WriteLine(myReader.GetString(0)); 
} 
myReader.Close();

來源

2010-03-23 14:44:27

+0

+1 - 其明顯未初始化,因此爲NULL。其他值只是默認值。 – ChrisBD 2010-03-23 14:49:52

+0

查看原帖我已經編輯它,我,肯定它的連接正確。 @Chris - 什麼沒有初始化? – tom 2010-03-23 14:54:02

+0

是您的連接字符串正確安裝? try/catch或類似情況下是否引發異常? – 2010-03-23 14:59:22

1

問題可能是您的查詢中的LIKE與SqlParameters。嘗試

String sqlCheckPass = 
"Select * from Login where Username like '%' + @Username + '%' and Password like '%' + @Password + '%'";

來源

2010-03-23 15:02:13 David

+2

順便說一句,你爲什麼要使用LIKE而不是「=」? – David 2010-03-23 15:04:04

+0

是的!作品!謝謝! :D – tom 2010-03-23 15:04:19

+0

很酷。但是,使用LIKE %%進行身份驗證很危險。您應該使用「=」 – David 2010-03-23 15:07:29

1

布萊恩·丹尼的回答上面正確的,但是,我會附上所有內部使用語句代碼如下所示:

using (SqlConnection dataConnection = new SqlConnection(connectionString)) 
{ 
    using (SqlCommand SqlCom = dataConnection.CreateCommand()) 
    { 
     SqlCom.CommandText = "Select * from Login where Username like @Username and Password like @Password"; 
     SqlCom.Parameters.Add(new SqlParameter("@Username", sUserName)); 
     SqlCom.Parameters.Add(new SqlParameter("@Password", sPassword)); 

     dataConnection.Open(); 
     SqlDataReader myreader; 
     myreader = SqlCom.ExecuteReader(); 
     dataConnection.Close(); 
    } 
}

我沒有所有的代碼添加到該我想你明白了。

此外,您可以嘗試修改select語句返回的記錄數,因爲這是所有你需要不管怎麼說,一個數字:

SELECT COUNT(*) FROM Login WHERE Username like @Username AND Password like @Password

祝你好運!

來源

2010-03-23 15:32:23

相關問題

 相關問題