protected void Button2_Click(object sender, EventArgs e)
{
using (SqlConnection con = new SqlConnection())
{
con.ConnectionString = @"ADMIN\LOCALHOST;Initial Catalog=maha;Integrated Security=True";
con.Open();
SqlCommand cmd = new SqlCommand("Insert into dbo.student Values ('" + TB1.Text + "','" + TB2.Text + "','" + TB3.Text + "','" + @rm + "')", con);
cmd.ExecuteNonQuery();
con.Close();
}
}
答案 0 :(得分:0)
ADMIN\LOCALHOST
上的连接字符串错误,从那里出现错误消息。
必须如下:
con.ConnectionString = @"Data Source=localhost;Initial Catalog=maha;Integrated Security=True";
除此之外,你必须parameterize your query,以避免sql注入https://stackoverflow.com/search?q=sql+injection
How does the SQL injection from the "Bobby Tables" XKCD comic work?
你也可以阅读: Setting up connection string in ASP.NET to SQL SERVER