接受ASP後的數據，並插入到SQL Server

Question

我只是重新做了我的問題，並增加了一些其他腳本需要拉都在一起

這是我使用接收後，推動數據的小腳本到SQL服務器（2008，如果該事項）： 更新2建議後：

<%@ Page Language="VB" %> 
<%@ Import Namespace="System.Data.SqlClient" %> 
<script runat="server"> 
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load 
Dim myConn As SqlConnection = New SqlConnection("Integrated Security=false;Data Source=.;Initial Catalog=DOMAIN_NAME;UserID=user;Password=password") 
myConn.Open() 
Dim sqlstring As String = " INSERT INTO sean.local (etype, latitude, longtitude, phone) VALUES ('" + Request.Form("type") + "','" + Request.Form("latitude") + "','" + Request.Form("longtitude") + "','" + Request.Form("phone") + "')" 
Dim cmd As SqlCommand = New SqlCommand(sqlstring, myConn) 
cmd.ExecuteNonQuery() 
myConn.Close() 
Response.Redirect(Request.RawUrl, True) 
Response.Write("1 record added") 
End Sub 
</script> 

這裏是我創建表腳本

CREATE TABLE local 
(
P_Id int PRIMARY KEY IDENTITY, 
etype varchar(255) NOT NULL, 
latitude varchar(255), 
longtitude varchar(255), 
phone varchar(255) 
) 

，這裏是在F orm我正在測試

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
<head> 
<title>A Web Page</title> 
</head> 
<body> 
<BR></BR> 
<form action="http://www.mydomain.com/script.asp" method="post"> 
<h1>Form Test</h1> 
Phone:<BR></BR><input type="text" name="phone"/>  
<BR></BR> 
type:<BR></BR><input type="text" name="type"/> 
<BR></BR> 
lat:<BR></BR><input type="text" name="latitude"/> 
<BR></BR> 
lng:<BR></BR><input type="text" name="longtitude"/> 
<BR></BR> 
<input type="submit" name="submit" value="Submit Data"/> 
</form> 
</body> 
</html> 

它可能是一些小事，但我真的沒有其他的想法......謝謝。

Answer 1

這主要是VB，只需切換到它

<%@ Page Language="VB" %> 
<%@ Import Namespace="System.Data.SqlClient" %> 
<script runat="server"> 
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load 
     Dim myConn As SqlConnection = New SqlConnection("Integrated Security=false;Data Source=.;Initial Catalog=DOMAIN_NAME;UserID=abc;Password=123") 
     myConn.Open() 
     Dim sqlstring As String = " INSERT INTO sean.local (etype, latitude, longtitude, phone) VALUES ('" + Request.Form("type") + "','" + Request.Form("latitude") + "','" + Request.Form("longtitude") + "','" + Request.Form("phone") + "')" 
     Dim cmd As SqlCommand = New SqlCommand(sqlstring, myConn) 
     cmd.ExecuteNonQuery() 
     myConn.Close() 
     Response.Redirect(Request.RawUrl, True) 
     Response.Write("1 record added") 
    End Sub 
</script> 

如果您需要在C＃中，通過這樣運行它：http://wiki.sharpdevelop.net/Code%20Converter.ashx

Answer 2

這將解決在現有代碼的幾個問題，包括一些你不現在還不知道：

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load 

    Dim sql As String = "INSERT INTO sean.local (etype, latitude, longtitude, phone) VALUES (@etype, @latitude, @longtitude, @phone)" 
    Using myConn As New SqlConnection("Integrated Security=false;Data Source=.;Initial Catalog=DOMAIN_NAME;UserID=user;Password=password"), _ 
      cmd As New SqlCommand(sql, cn) 

     'I had to make up database types... edit this to use the real types 
     cmd.Parameters.Add("@etype", SqlDbType.Integer).Value = Request.Form("type") 
     cmd.Parameters.Add("@latitude", SqlDbType.Float).Value = Request.Form("latitude") 
     cmd.Parameters.Add("@longtitude", SqlDbType.Float).Value = Request.Form("longtitude") 
     cmd.Parameters.Add("@phone", SqlDbType.Varchar, 12).Value = Request.Form("phone") 

     myConn.Open() 
     cmd.ExecuteNonQuery() 
    End Using 

    Response.Redirect(Request.RawUrl, True) 

    'This line will never run! 
    Response.Write("1 record added") 

End Sub