Question

目的：检查用户是否有权查看页面以及他们是否不重定向。

问题：当我点击Command.ExecuteNonQuery()行时出现错误（见下文）。为了解决这个问题，我添加了Parameter.Size = 1，但随后又通过了＃{1}}。每一次。

错误讯息：

类型＆＃39; System.InvalidOperationException＆＃39;的例外情况发生在System.Data.dll中但未在用户代码中处理

附加信息：String [0]：Size属性的大小无效。

我已经检查过EmployeeID和ApplicationID都传递了一个值。我看不到能够获得＆＃34; Access＆＃34;值（单个字母）出来。

存储过程代码：

ALTER PROCEDURE [dbo].[spSitePermission]
    @EmployeeID varchar(max)
    ,@AppID int
    ,@Access nvarchar OUTPUT
AS

BEGIN 
SET NOCOUNT ON;

SELECT @Access= Access FROM [TbSitePermissions] 
WHERE EmployeeID = @EmployeeID AND ApplicationID = @AppID AND LIVE = 1

END

Aspx.vb代码：

If oUserFunctions.PrcAppPermissionChecker(CInt(oUser.EmployeeID), Me.sModuleNum) = "N" Then
           Response.Redirect("../../Default.aspx")
End If

功能：

Public Function PrcAppPermissionChecker(vEmployeeID As String, vApp As Integer) As String

        '   Try
        Dim connection As SqlConnection
        Dim command As New SqlCommand
        Dim ds As New DataSet
        Dim sAvailable As String = "N"
        Dim ConnectionString As String = System.Configuration.ConfigurationManager.ConnectionStrings("GWPemcoConnectionString").ToString()

        connection = New SqlConnection(ConnectionString)
        connection.Open()

        command.Connection = connection
        command.CommandText = "spSitePermission"
        command.CommandType = CommandType.StoredProcedure

        command.Parameters.Clear()

        Dim parameter As SqlParameter = command.Parameters.Add("@Access", SqlDbType.NVarChar)
        parameter.Direction = ParameterDirection.Output
        ' parameter.Size = 1

        command.Parameters.AddWithValue("EmployeeID", vEmployeeID)
        command.Parameters.AddWithValue("AppID", vApp)

        command.ExecuteNonQuery()
        sAvailable = command.Parameters("@Access").Value.ToString
        command.Dispose()

        '   Catch ex As Exception
        '  End Try

        Return sAvailable

    End Function

Answer 1

正确的方法是使用ExecuteScalar。

＆＃34;执行查询，并返回查询返回的结果集中第一行的第一列。其他列或行将被忽略。＆＃34; - MSDN -

<强>净

command.Parameters.AddWithValue("EmployeeID", vEmployeeID)
command.Parameters.AddWithValue("AppID", vApp)

sAvailable = CStr(command.ExecuteNonQuery()) '<-- Retrieves the [Access] column.

<强> SQL

ALTER PROCEDURE [dbo].[spSitePermission]
    @EmployeeID varchar(max),
    @AppID int
AS
BEGIN 
    SET NOCOUNT ON;
    SELECT 
        [Access] 
    FROM 
        [TbSitePermissions] 
    WHERE 
        [EmployeeID] = @EmployeeID AND 
        [ApplicationID] = @AppID AND 
        [LIVE] = 1
    ;
END;

另外，我建议您在使用Using个对象时使用IDisposable关键字。这是一个例子：

Public Function PrcAppPermissionChecker(vEmployeeID As String, vApp As Integer) As String
    Dim result As Object = Nothing
    Using connection As New SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings("GWPemcoConnectionString").ToString())
        connection.Open()
        Using command As SqlCommand = connection.CreateCommand()
            command.CommandText = "spSitePermission"
            command.CommandType = CommandType.StoredProcedure
            command.Parameters.AddWithValue("EmployeeID", vEmployeeID)
            command.Parameters.AddWithValue("AppID", vApp)
            result = command.ExecuteScalar()
        End Using
        connection.Close()
    End Using
    If (IsDBNull(result) OrElse (result Is Nothing)) Then
        Return CStr(Nothing)
    Else
        Return result.ToString()
    End If
End Function

存储过程不会使用Vb.net返回值

1 个答案: