Question

我正在object OtherTraitMarker { private var _isInitialized = false def isInitialized = _isInitialized private[OtherTrait] def initialize() = _isInitialized = true } trait OtherTrait { ... expensive work OtherTraitMarker.initialize } object MyTrait { // Check to see if OtherTrait has been used/initialized yet if (OtherTraitMaker.isInitialized) { // do some work } }中构建sql查询以执行登录，在此结束时我收到语法错误，但我无法找出导致错误的原因

c#

Answer 1

您缺少"+"，您需要传递连接字符串或SqlConnection作为第二个参数

SqlDataAdapter sda = new SqlDataAdapter("Select * From bruker Where Brukernavn='" + Textbox1.Text + "' and Passord='" + TextBox2.Text +"","connectionString");

或

 SqlDataAdapter sda = new SqlDataAdapter("Select * From bruker Where Brukernavn='" + Textbox1.Text + "' and Passord='" + TextBox2.Text +"",con);

由于上面的代码容易受到sql注入，请使用下面的代码来防止sql注入。

try
{
    SqlConnection con = new SqlConnection("connectionString");
    SqlCommand commnad = new SqlCommand("Select * From bruker Where Brukernavn=@username and Passord=@password", con);

    commnad.Parameters.AddWithValue("@username", Textbox1.Text.Trim);
    commnad.Parameters.AddWithValue("@password", Textbox2.Text.Trim);
    //rest of the code
}
catch(Exception ex)
{
  //log exception and re-throw or send a generic exception message to UI
  throw;
}
finally
{
  //close the connection
}

如果能解决您的问题，请将其标记为答案。

ASP.Net登录：SQL查询语法错误

1 个答案: