在VB.NET中不返回值

时间:2018-07-25 06:26:10

标签: vb.net

我正在寻求您的帮助,以帮助我解决此问题。我被困了将近1个月了。我为列表项值创建了一个下拉列表: OPTO,工具室,IMP,PHL和其他过程,因此它将返回每个模块的列表。结果应该是每个模块将为每个相应的列表项值显示。但是当我尝试调试时,使用创建另一个列表项值的值,例如; 2倍OPTO。

这是我对aspx.vb的编码:

    If (DropDownList.SelectedValue = "OPTO") Then
        myConnection = New SqlConnection("server=mtmwhs;uid=sa;pwd=private;database=elearning")
'you need to provide password for sql server
        myConnection.Open()
        myCommand = New SqlCommand("update EmployeePrivacy set DateRead4=@time where emp_id = '" & userNameLabel.Text & "'", myConnection)
        reader = myCommand.ExecuteReader()
        If (reader.Read()) Then


            Session("emp_username") = reader("emp_username")
            If (DropDownList.SelectedValue = "") Then
                ScriptManager.RegisterStartupScript(Me.Page, Page.GetType(), "ErrorMsg", "alert('Please choose your option.');", True)
                DropDownList.Focus()
            Else
                Response.Redirect("optomodule.aspx")
            End If
            reader.Close()
            myConnection.Close()
        End If
    End If

    If (DropDownList.SelectedValue = "PHL") Then
        myConnection = New SqlConnection("server=mtmwhs;uid=sa;pwd=private;database=elearning")
'you need to provide password for sql server
        myConnection.Open()
        myCommand = New SqlCommand("update EmployeePrivacy set DateRead4=@time where emp_id = '" & userNameLabel.Text & "'", myConnection)
        reader = myCommand.ExecuteReader()
        If (reader.Read()) Then


            Session("emp_username") = reader("emp_username")
            If (DropDownList.SelectedValue = "") Then
                ScriptManager.RegisterStartupScript(Me.Page, Page.GetType(), "ErrorMsg", "alert('Please choose your option.');", True)
                DropDownList.Focus()
            Else
                Response.Redirect("phlmodule.aspx")
            End If
            reader.Close()
            myConnection.Close()
        End If
    End If

    If (DropDownList.SelectedValue = "IMP") Then
        myConnection = New SqlConnection("server=mtmwhs;uid=sa;pwd=private;database=elearning")
'you need to provide password for sql server
        myConnection.Open()
        myCommand = New SqlCommand("update EmployeePrivacy set DateRead4=@time where emp_id = '" & userNameLabel.Text & "'", myConnection)
        reader = myCommand.ExecuteReader()
        If (reader.Read()) Then


            Session("emp_username") = reader("emp_username")
            If (DropDownList.SelectedValue = "") Then
                ScriptManager.RegisterStartupScript(Me.Page, Page.GetType(), "ErrorMsg", "alert('Please choose your option.');", True)
                DropDownList.Focus()
            Else
                Response.Redirect("impmodule.aspx")
            End If
            reader.Close()
            myConnection.Close()
        End If
    End If

    If (DropDownList.SelectedValue = "Tool Room") Then
        myConnection = New SqlConnection("server=mtmwhs;uid=sa;pwd=private;database=elearning")
'you need to provide password for sql server
        myConnection.Open()
        myCommand = New SqlCommand("update EmployeePrivacy set DateRead4=@time where emp_id = '" & userNameLabel.Text & "'", myConnection)
        reader = myCommand.ExecuteReader()
        If (reader.Read()) Then


            Session("emp_username") = reader("emp_username")
            If (DropDownList.SelectedValue = "") Then
                ScriptManager.RegisterStartupScript(Me.Page, Page.GetType(), "ErrorMsg", "alert('Please choose your option.');", True)
                DropDownList.Focus()
            Else
                Response.Redirect("trmodule.aspx")
            End If
            reader.Close()
            myConnection.Close()
        End If
    End If

    If (DropDownList.SelectedValue = "Other Process") Then
        myConnection = New SqlConnection("server=mtmwhs;uid=sa;pwd=private;database=elearning")
'you need to provide password for sql server
        myConnection.Open()
        myCommand = New SqlCommand("update EmployeePrivacy set DateRead4=@time where emp_id = '" & userNameLabel.Text & "'", myConnection)
        reader = myCommand.ExecuteReader()
        If (reader.Read()) Then


            Session("emp_username") = reader("emp_username")
            If (DropDownList.SelectedValue = "") Then
                ScriptManager.RegisterStartupScript(Me.Page, Page.GetType(), "ErrorMsg", "alert('Please choose your option.');", True)
                DropDownList.Focus()
            Else
                Response.Redirect("otherprocessmodule.aspx")
            End If
            reader.Close()
            myConnection.Close()
        End If
    End If

谢谢。

1 个答案:

答案 0 :(得分:1)

首先,您需要给“ DropDownList”一个更好的名称。我选择了“ LocationOptions”。

然后确保下拉列表的填充不超过一次,因此仅在首次运行页面时创建其项,而不是在回发的情况下创建

Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Loa
    If Not Page.IsPostBack Then
        ' Create items in LocationOptions dropdown.
    End If

    ' other code...

End Sub

然后,您需要整理问题中显示的代码。注意如何一遍又一遍地完成同一件事,但唯一实际的更改是重定向位置。因此,我们可以为重定向位置创建一个变量,并在该代码的一个副本中使用它。

我注意到您有一个UPDATE命令而不是SELECT命令。后面的命令将必须编写。

您必须在SQL Server上更改sa帐户的密码,因为现在全世界都知道它是什么。

您需要在SQL Server中为此项目创建一个不同的用户,并为其赋予最小的权限以使其正常工作。我建议您记录哪些表和存储过程用于哪些目的。

代码的某些意图使我难以理解,但是我认为这很接近:

If LocationOptions.SelectedIndex = -1 Then
    ScriptManager.RegisterStartupScript(Me.Page, Page.GetType(), "ErrorMsg", "alert('Please choose your option.');", True)
    LocationOptions.Focus()
    Exit Sub
End If

Dim selectedLocation = LocationOptions.SelectedValue
Dim userName = userNameLabel.Text

Dim redirectUrl As String = Nothing

Select Case selectedLocation
    Case "OPTO"
        redirectUrl = "optomodule.aspx"
    Case "PHL"
        redirectUrl = "phlmodule.aspx"
    Case "IMP"
        redirectUrl = "impmodule.aspx"
    Case "Tool Room"
        redirectUrl = "trmodule.aspx"
    Case "Other Process"
        redirectUrl = "otherprocessmodule.aspx"
End Select

'TODO: create variables for the SELECT criteria
Dim someValue = "appropriate value"

'TODO: Stop using the sa login.
'TODO: Change the sa password because everyone knows it now.
'TODO: Use the correct credentials.
Using sqlConn = New SqlConnection("server=mtmwhs;uid=elearningUser;pwd=neverExposeYourPassword;database=elearning")
    'TODO: Write the correct SQL query.
    Using sqlCmd = New SqlCommand("SELECT emp_username FROM [tableName] WHERE [someColumn] = @someValue", sqlConn)
        ' this is an example of adding an SQL parameter:
        sqlCmd.Parameters.Add(New SqlParameter With {
                              .ParameterName = "@someValue",
                              .SqlDbType = SqlDbType.NVarChar,
                              .Size = 30,
                              .Value = someValue})

        sqlConn.Open()

        Dim reader = sqlCmd.ExecuteReader()

        If reader.Read() Then
            Session("emp_username") = reader("emp_username")
            Response.Redirect(redirectUrl)
        End If

    End Using

End Using

Using语句可确保一切保持整洁,例如避免内存泄漏和用尽SQL连接。

相关问题
最新问题