我尝试使用mysql在visual studio 2017 asp.net c#web应用程序中登录页面,结果显示以下错误:
第33行:querystr=“select*from webapp.userregistration where username='”+usernametextbox.text+“'and password='”+passwordtexbox.text;第34行:cmd=new mysql.data.mysqlclient.mysqlcommand(querystr,conn);第35行:reader=cmd.executereader();第36行:第37行:name=“”;
源文件:c:\users\home\source\repos\webpage\webpage\default.aspx.cs行:35
堆栈跟踪:
[mysqlexception(0x80004005):您的sql语法有错误;在第1行,检查与mysql服务器版本相对应的手册中的正确语法]
mysql.data.mysqlclient.mysqlstream.readpacket()+309
mysql.data.mysqlclient.nativedriver.getresult(int32&affectedrow,int64&insertedid)+67
mysql.data.mysqlclient.driver.getresult(int32 statementid,int32&affectedrows,int64&insertedid)+17
mysql.data.mysqlclient.driver.nextresult(int32 statementid,boolean force)+110 mysql.data.mysqlclient.mysqldatareader.nextresult()+875 mysql.data.mysqlclient.mysqlcommand.executereader(commandbehavior)+1688 mysql.data.mysqlclient.mysqlcommand.executereader()+6网页。\u默认值。提交\u单击(object sender,eventargs e)在c:\users\home\source\repos\webpage\webpage\default.aspx.cs:35中
system.web.ui.webcontrols.button.onclick(eventargs e)+9782450
system.web.ui.webcontrols.button.raisepostbackevent(string eventargument)+204
system.web.ui.webcontrols.button.system.web.ui.ipostbackeventhandler.raisepostbackevent(string eventargument)+12
system.web.ui.page.raisepostbackevent(ipostbackeventhandler sourcecontrol,string eventargument)+15
system.web.ui.page.raisepostbackevent(namevaluecollection postdata)+35 system.web.ui.page.processrequestmain(布尔includestagesbeforeasyncpoint,布尔includeStagesSafterAsyncPoint)+1639
代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System;
using System.Data;
using MySql.Data;
using MySql.Data.MySqlClient;
namespace WebPage
{
public partial class _default : System.Web.UI.Page
{
MySql.Data.MySqlClient.MySqlConnection conn;
MySql.Data.MySqlClient.MySqlCommand cmd;
MySql.Data.MySqlClient.MySqlDataReader reader;
String name;
protected void Page_Load(object sender, EventArgs e)
{
DoSQLQuery();
}
protected void Submit_Click(object sender, EventArgs e)
{
String connString = System.Configuration.ConfigurationManager.ConnectionStrings["WebAppConnString"].ToString();
conn = new MySql.Data.MySqlClient.MySqlConnection(connString);
conn.Open();
String queryStr = "";
queryStr = "SELECT * FROM webapp.userregistration WHERE username='" + usernameTextBox.Text+ "'AND password='" + passwordTextBox.Text;
cmd = new MySql.Data.MySqlClient.MySqlCommand(queryStr,conn);
reader = cmd.ExecuteReader();
name = "";
while (reader.HasRows && reader.Read())
{
{
name = reader.GetString(reader.GetOrdinal("username")) + " " + reader.GetString(reader.GetOrdinal("password"));
}
//if the data matches the rows (username, password), then you enter to the page
if (reader.HasRows)
{
Session["uname"] = name;
Response.BufferOutput = true;
Response.Redirect("login.aspx", false);
}
else
{
passwordTextBox.Text = "invalid user";
}
}
reader.Close();
conn.Close();
}
private void DoSQLQuery()
{
try
{
}
catch (Exception e)
{
passwordTextBox.Text = e.ToString();
}
}
}
}
1条答案
按热度按时间jv4diomz1#
字符串在查询端有错误和危险的同时请看这里
您的查询输出
从webapp.userregistration中选择*其中username='admin'和password='12345
'最后一个字符不存在'