asp.net用户注册的问题
帮帮忙看一看下面用户注册的代码,就是不对,提交就说User附近用错
public partial class Register : System.Web.UI.Page
{
private SqlConnection objConnection;
protected void Page_Load(object sender, EventArgs e)
{
objConnection = new SqlConnection(ConfigurationManager.ConnectionStrings["hui"].ConnectionString.ToString());
// new SqlConnection(ConfigurationSettings.AppSettings["hui"]);
}
protected void Btn_Register_Click(object sender, EventArgs e)
{
objConnection.Open();
string username = txtUserName.Text.ToString().Trim().Replace("'", "''");
string strSelReg = "select * from User where UserName='" + username + "'";
SqlCommand myCommandReg = new SqlCommand(strSelReg, objConnection);
SqlDataAdapter myDbAdapterReg = new SqlDataAdapter(myCommandReg);
DataSet myDataSet = new DataSet();
myDbAdapterReg.Fill(myDataSet,"User");<---有错的地方,User是我建的用户表
objConnection.Close();
if (myDataSet.Tables["User"].Rows.Count > 0)
{
LB_Wrong.Text = "英雄略有所同,你刚刚想注册的用户名已经被人注册了!换个用户名试试!";
}
else
{
string userpass = txtPassword.Text.ToString().Trim().Replace("'", "''");
string usersex;
if (Sex_B.Checked)
{
usersex = "帅哥";
}
else
{
usersex = "靓妹";
}
string userquest = txtPassQuest.Text.ToString().Trim().Replace("'", "''");
string useranswer = txtPassAnswer.Text.ToString().Trim().Replace("'", "''");
string email =txtEmail.Text.ToString().Trim();
string homepage =txtHomePage.Text.ToString().Trim();
int qq;
if (QQ.Text.ToString() == "")
{
qq = 0;
}
else
{
qq = System.Convert.ToInt32(QQ.Text.ToString());
}
string birthday = Birthday.Text.ToString().Trim();
string signature = Signature.Text.ToString().Replace("'", "''");
string time = DateTime.Now.ToString();
objConnection.Open();
string updateStr = "insert into User (UserName,Password,Sex,HomePage,Email,QQ,Birthday,Signature,PassQuest,PassAnswer) VALUES ('" + username + "','" + userpass + "','" + usersex + "','" + homepage + "','" + email + "'," + qq + ",'" + birthday + "','" + signature + "','" + userquest + "','" + useranswer + "')";
SqlCommand myCommandUpate = new SqlCommand(updateStr, objConnection);
myCommandUpate.ExecuteNonQuery();
objConnection.Close();
Response.Write("注册成功");
//Response.Redirect("success.aspx?action=reg");
}
}
}
------解决方案--------------------
表名用User和sql server数据库系统保留字冲突了,改成这样
string strSelReg = "select * from [User] where UserName='" + username + "'";
另外建议参数化sql 语句
[解决办法]
据我了解,.FILL这个方法是填充到一个虚拟表中,并不是直接填到数据库中
下面代码是绑定控件并显示
//为DropDownList1绑定数据
SqlConnection sqlCon = new SqlConnection();
sqlCon.ConnectionString = "server=.;uid=sa;pwd=sa123;database=TestMenu";
string SqlStr = "select CityName from TestCity";
SqlDataAdapter da = new SqlDataAdapter(SqlStr, sqlCon);
DataSet ds = new DataSet();
da.Fill(ds, "TestCity");
this.DropDownList1.DataSource = ds.Tables[0].DefaultView;
this.DropDownList1.DataValueField = "CityName";
this.DropDownList1.DataTextField = "CityName";
this.DropDownList1.DataBind();
如果是注册的话,下面代码
string username = this.TextBox1.Text;
string userpassword = this.TextBox2.Text;
string email = this.TextBox4.Text;
string mobile = this.TextBox5.Text;
int sex = 1;
if (this.RadioButton1.Checked == true)
{
sex = 1;
}
else
{
sex = 0;
}
string birth =Convert .ToString ( ddlYear.SelectedItem + "-" + ddlMonth.SelectedItem + "-" + ddlDay.SelectedItem );
DateTime birthday = Convert.ToDateTime(birth );
SqlConnection sql = new SqlConnection("Data Source=SC012;Integrated Security=True;Initial Catalog=yct");
sql.Open();
SqlCommand Cm = new SqlCommand("SELECT * FROM YCT_User WHERE UserName='" + username + "'", sql);
SqlDataReader Dr = Cm.ExecuteReader();
if (Dr.Read())//如果存在相同用户名
{
Response.Write("<script>alert('Sorry,用户已被注册!');</script>");
Dr.Close();
}
else
{
Dr.Close();
SqlCommand Cm2 = new SqlCommand("INSERT INTO YCT_User (UserName,UserPassword,Email,mobile,Sex,birthday,islock) values ('" + username + "','" + userpassword + "','" + email + "','" + mobile + "','"+sex +"','"+birthday +"',0) ", sql);
Cm2.ExecuteNonQuery();
Response.Redirect("Default2.aspx");
}
sql.Close();
当然命名空间也不能少using System.Data.SqlClient;
可能和你的不太一样,但你稍微改改就可以了!
