C# 当我尝试将数据插入文本框时,System.Data.dll 中发生类型为“System.InvalidOperationException”的未处理异常
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19733448/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
An unhandled exception of type 'System.InvalidOperationException' occurred in System.Data.dll when I tried to insert data into textbox
提问by komaragiri
i am creating a connection to my database from from visual studio.
我正在从 Visual Studio 创建到我的数据库的连接。
this is my code:
这是我的代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
public partial class CM : System.Web.UI.Page
{
SqlConnection con = new SqlConnection("server =KIRITI; database =msdb; Integrated Security=True");
protected void Button1_Click(object sender, EventArgs e)
{
con.Open();
String NotesMaker = TextBox1.Text;
SqlCommand cmd = new SqlCommand("Insert into NOTESMAKER(NOTESMAKER) Values('"+NotesMaker+"',con)");
cmd.ExecuteNonQuery();
cmd.CommandText = "Select@@Identity";
con.Close();
}
}
I get an error at command.Executenonquery(): An exception of type 'System.InvalidOperationException' occurred in System.Data.dll but was not handled in user code
我在 command.Executenonquery() 处收到错误:System.Data.dll 中发生类型为“System.InvalidOperationException”的异常,但未在用户代码中处理
Additional information: ExecuteNonQuery: Connection property has not been initialized.
附加信息:ExecuteNonQuery:连接属性尚未初始化。
Please help!! I'm blocked from two days!!
请帮忙!!我被封两天!!
回答by Habib
Thats the first place where I have seen string concatenation causing connto be part of query.
那是我看到字符串连接导致conn成为查询一部分的第一个地方。
You misplaced string quotes, your statement should be:
您放错了字符串引号,您的语句应该是:
SqlCommand cmd =
new SqlCommand("Insert into NOTESMAKER(NOTESMAKER) Values('" + NotesMaker + "'",con);
In your current code, you are passing string "Insert into NOTESMAKER(NOTESMAKER) Values('"+NotesMaker+"',con)", hence the connection property is not initialized and hence the exception.
在您当前的代码中,您正在传递 string "Insert into NOTESMAKER(NOTESMAKER) Values('"+NotesMaker+"',con)",因此连接属性未初始化,因此异常。
You should never use string concatenation for creating queries, instead use Parameters. This will save you from SQL Injection. Like:
您永远不应该使用字符串连接来创建查询,而应使用参数。这将使您免于SQL 注入。喜欢:
using(SqlConnection con = new SqlConnection("connectionstring"))
using(SqlCommand cmd = new SqlCommand("Insert into NOTESMAKER(NOTESMAKER) Values(@NotesMaker)",con))
{
cmd.Parameters.AddWithValue("@NotesMaker", NotesMaker);
con.Open();
cmd.ExecuteNonQuery();
}
回答by Golden Dragon
You put coninside the quotes of the first parameter of the constructor for SqlCommand, thus the code is complaining because you aren't setting the Connection property of your SqlCommand
您将con构造函数的第一个参数的引号放在for 中SqlCommand,因此代码会抱怨,因为您没有设置您的 Connection 属性SqlCommand
change
改变
SqlCommand cmd = new SqlCommand("Insert into NOTESMAKER(NOTESMAKER) Values('"+NotesMaker+"',con)");
to
到
SqlCommand cmd = new SqlCommand("Insert into NOTESMAKER(NOTESMAKER) Values('"+NotesMaker+"')",con);
