目的:检查用户是否有权查看页面以及他们是否不重定向。
问题:当我点击Command.ExecuteNonQuery()
行时出现错误(见下文)。为了解决这个问题,我添加了Parameter.Size = 1
,但随后又通过了#{1}}。每一次。
错误讯息:
类型' System.InvalidOperationException'的例外情况发生在System.Data.dll中但未在用户代码中处理
附加信息:String [0]:Size属性的大小无效。
我已经检查过EmployeeID
和ApplicationID
都传递了一个值。我看不到能够获得" Access"值(单个字母)出来。
存储过程代码:
ALTER PROCEDURE [dbo].[spSitePermission]
@EmployeeID varchar(max)
,@AppID int
,@Access nvarchar OUTPUT
AS
BEGIN
SET NOCOUNT ON;
SELECT @Access= Access FROM [TbSitePermissions]
WHERE EmployeeID = @EmployeeID AND ApplicationID = @AppID AND LIVE = 1
END
Aspx.vb代码:
If oUserFunctions.PrcAppPermissionChecker(CInt(oUser.EmployeeID), Me.sModuleNum) = "N" Then
Response.Redirect("../../Default.aspx")
End If
功能:
Public Function PrcAppPermissionChecker(vEmployeeID As String, vApp As Integer) As String
' Try
Dim connection As SqlConnection
Dim command As New SqlCommand
Dim ds As New DataSet
Dim sAvailable As String = "N"
Dim ConnectionString As String = System.Configuration.ConfigurationManager.ConnectionStrings("GWPemcoConnectionString").ToString()
connection = New SqlConnection(ConnectionString)
connection.Open()
command.Connection = connection
command.CommandText = "spSitePermission"
command.CommandType = CommandType.StoredProcedure
command.Parameters.Clear()
Dim parameter As SqlParameter = command.Parameters.Add("@Access", SqlDbType.NVarChar)
parameter.Direction = ParameterDirection.Output
' parameter.Size = 1
command.Parameters.AddWithValue("EmployeeID", vEmployeeID)
command.Parameters.AddWithValue("AppID", vApp)
command.ExecuteNonQuery()
sAvailable = command.Parameters("@Access").Value.ToString
command.Dispose()
' Catch ex As Exception
' End Try
Return sAvailable
End Function
答案 0 :(得分:0)
正确的方法是使用ExecuteScalar。
"执行查询,并返回查询返回的结果集中第一行的第一列。其他列或行将被忽略。" - MSDN -
<强>净强>
command.Parameters.AddWithValue("EmployeeID", vEmployeeID)
command.Parameters.AddWithValue("AppID", vApp)
sAvailable = CStr(command.ExecuteNonQuery()) '<-- Retrieves the [Access] column.
<强> SQL 强>
ALTER PROCEDURE [dbo].[spSitePermission]
@EmployeeID varchar(max),
@AppID int
AS
BEGIN
SET NOCOUNT ON;
SELECT
[Access]
FROM
[TbSitePermissions]
WHERE
[EmployeeID] = @EmployeeID AND
[ApplicationID] = @AppID AND
[LIVE] = 1
;
END;
另外,我建议您在使用Using
个对象时使用IDisposable
关键字。这是一个例子:
Public Function PrcAppPermissionChecker(vEmployeeID As String, vApp As Integer) As String
Dim result As Object = Nothing
Using connection As New SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings("GWPemcoConnectionString").ToString())
connection.Open()
Using command As SqlCommand = connection.CreateCommand()
command.CommandText = "spSitePermission"
command.CommandType = CommandType.StoredProcedure
command.Parameters.AddWithValue("EmployeeID", vEmployeeID)
command.Parameters.AddWithValue("AppID", vApp)
result = command.ExecuteScalar()
End Using
connection.Close()
End Using
If (IsDBNull(result) OrElse (result Is Nothing)) Then
Return CStr(Nothing)
Else
Return result.ToString()
End If
End Function