Question

protected void Button2_Click(object sender, EventArgs e)
{
    using (SqlConnection con = new SqlConnection())
    {
        con.ConnectionString = @"ADMIN\LOCALHOST;Initial Catalog=maha;Integrated Security=True";
        con.Open();

        SqlCommand cmd = new SqlCommand("Insert into dbo.student Values ('" + TB1.Text + "','" + TB2.Text + "','" + TB3.Text + "','" + @rm + "')", con);

        cmd.ExecuteNonQuery();
        con.Close();
    }
}

Answer 1

ADMIN\LOCALHOST上的连接字符串错误，从那里出现错误消息。

必须如下：

 con.ConnectionString = @"Data Source=localhost;Initial Catalog=maha;Integrated Security=True";

除此之外，你必须parameterize your query，以避免sql注入https://stackoverflow.com/search?q=sql+injection

How does the SQL injection from the "Bobby Tables" XKCD comic work?

你也可以阅读： Setting up connection string in ASP.NET to SQL SERVER

如何处理＆＃34; argumentexception未被用户＆＃34; asp.net中的错误？

1 个答案: