即使 vb.net 中的 SqlDataReader 中存在数据,也无法读取数据
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19976409/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Invalid attempt to read data even when data is present in SqlDataReader in vb.net
提问by vimal vasudevan
Here's my code which gives error, the query returns value for the particular item.
这是我的代码,它给出了错误,查询返回特定项目的值。
Also in the database side the query return rows even I have put condition that if reader has rows then only assign it to a variable but still it throws an error eg.
同样在数据库端,查询返回行,即使我已经设置了条件,如果读者有行,则只将其分配给一个变量,但它仍然会引发错误,例如。
dqty = sqlreader("qty")
Code:
代码:
Private Function checkquantity(ByVal code As String, ByVal quan As Integer) As Boolean
sqlcommand.CommandText = "select sum(qty) as qty from pos_stock_balance where item_code='" & code & "'"
sqlcommand.Connection = AppsCon
sqlreader = sqlcommand.ExecuteReader
If sqlreader.HasRows Then
dqty = sqlreader("qty")
sqlreader.Close()
Else
sqlreader.Close()
End If
If quan > dqty Then
Return False
Else
Return True
End If
End Function
回答by Rajaprabhu Aravindasamy
It is because you are directly accessing the data without reading it, Try this,
那是因为你直接访问数据而不读取它,试试这个,
If sqlreader.HasRows Then
If sqlreader.read()
dqty = sqlreader("qty")
sqlreader.Close()
End If
Else
sqlreader.Close()
End If
Cleaned versionof your code,
代码的清理版本,
Private Function checkquantity _
(ByVal code As String, ByVal quan As Integer) As Boolean
try
sqlcommand.CommandText = "select" _
& "sum(qty) as qty from pos_stock_balance where item_code='" & code & "'"
sqlcommand.Connection = AppsCon
sqlreader = sqlcommand.ExecuteReader
If sqlreader.read() Then
dqty = sqlreader("qty")
End If
If quan > dqty Then
Return False
Else
Return True
End If
Finally
sqlreader.Close()
End try
End Function
Although i cleaned your code, Your code is still vulnerable to sql injection. Try to use parameterised queries to avoid that
尽管我清理了您的代码,但您的代码仍然容易受到sql 注入的影响。尝试使用参数化查询来避免这种情况
回答by Ric
If you are simply returning a scalar value use:
如果您只是返回标量值,请使用:
dqty = CType(sqlcommand.ExecuteScalar(), Integer)
...
If quan > dqty Then
Return False
Else
Return True
End If
This returns an objectwhich can be casted to the necessary type allowing your comparisons at the end of the code to continue as normal without the need for a SqlDataReaderat all.
But beware that as your sql is not wrapped in an ISNULL(), the value returned could be null in which case you may wish to check for this.
As a further note, use parameterized queries!
这将返回 an object,它可以转换为必要的类型,允许您在代码末尾的比较继续正常进行,而SqlDataReader根本不需要 a 。但请注意,由于您的 sql 未包含在 中ISNULL(),因此返回的值可能为 null,在这种情况下,您可能希望对此进行检查。进一步说明,使用参数化查询!
