【发布时间】:2012-12-20 09:55:36
【问题描述】:
我遇到了这个错误:
不支持关键字:'provider'。
说明:在执行当前 Web 请求期间发生未处理的异常。请查看堆栈跟踪以获取有关错误及其源自代码的位置的更多信息。
异常详细信息:System.ArgumentException:不支持关键字:'provider'。
来源错误:
Line 24: {
Line 25: Session["id"] = e.CommandArgument.ToString();
Line 26: SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
Line 27: con.Open();
Line 28: SqlCommand cmd1 = new SqlCommand("INSERT INTO tb2 (id, name) SELECT id, name FROM tb1 where id='"+Session["id"].ToString()+"'", con);
Source File: c:\inetpub\wwwroot\logon\page.aspx Line: 26
这是我的完整代码:
<%@ Page Language="C#" Debug="true" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace = "System.Data.SqlClient" %>
<script runat="server" type="css">
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
bind();
}
}
protected void bind()
{
PendingRecordsGridview.DataSourceID = "";
PendingRecordsGridview.DataSource = sd1;
PendingRecordsGridview.DataBind();
}
protected void PendingRecordsGridview_RowCommand(object sender, GridViewCommandEventArgs e)
{
if (e.CommandName == "accept")
{
Session["id"] = e.CommandArgument.ToString();
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
con.Open();
SqlCommand cmd1 = new SqlCommand("INSERT INTO tb2 (id, name) SELECT id, name FROM tb1 where id='"+Session["id"].ToString()+"'", con);
SqlCommand cmd2 = new SqlCommand("delete from tb1 where id='"+Session["id"].ToString()+"'", con);
cmd1.ExecuteNonQuery();
cmd2.ExecuteNonQuery();
bind();
}
}
</script>
<form id="form1" runat="server">
<asp:GridView ID="PendingRecordsGridview" runat="server" AutoGenerateColumns="False" DataKeyNames="id" onrowcommand="PendingRecordsGridview_RowCommand" DataSourceID="sd1">
<Columns>
<asp:templatefield HeaderText="Accept">
<ItemTemplate>
<asp:Button CommandArgument='<%# Bind("id") %>' ID="Button1" runat="server" CausesValidation="false" CommandName="accept" Text="Accept" />
</ItemTemplate>
</asp:templatefield>
<asp:templatefield HeaderText="name" SortExpression="name">
<EditItemTemplate>
<asp:TextBox ID="TextBox1" runat="server" Text='<%# Bind("name") %>'>
</asp:TextBox>
</EditItemTemplate>
<ItemTemplate>
<asp:Label ID="Label1" runat="server" Text='<%# Bind("name") %>'>
</asp:Label>
</ItemTemplate>
</asp:templatefield>
<asp:templatefield HeaderText="id" SortExpression="id">
<EditItemTemplate>
<asp:Label ID="Label1" runat="server" Text='<%# Eval("id") %>'>
</asp:Label>
</EditItemTemplate>
<ItemTemplate>
<asp:Label ID="Label2" runat="server" Text='<%# Bind("id") %>'>
</asp:Label>
</ItemTemplate>
</asp:templatefield>
</Columns>
</asp:GridView>
<asp:SqlDataSource ID="sd1" runat="server"
ConnectionString="<%$ ConnectionStrings:ConnectionString %>"
ProviderName="<%$ ConnectionStrings:ConnectionString.ProviderName %>"
SelectCommand="SELECT * FROM [tb1]" DeleteCommand="DELETE FROM [tb1] WHERE [id] = ?" InsertCommand="INSERT INTO [tb1] ([name]) VALUES (?)" UpdateCommand="UPDATE [tb1] SET [name] = ? WHERE [id] = ?">
<DeleteParameters>
<asp:parameter Name="id" Type="Int32" />
</DeleteParameters>
<UpdateParameters>
<asp:parameter Name="name" Type="String" />
<asp:parameter Name="id" Type="Int32" />
</UpdateParameters>
<InsertParameters>
<asp:parameter Name="name" Type="String" />
</InsertParameters>
</asp:SqlDataSource>
</form>
Web.config
<configuration>
<connectionStrings>
<add name="ConnectionString" connectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\inetpub\wwwroot\logon\_private\db1.mdb"
providerName="System.Data.OleDb" />
</connectionStrings>
</configuration>
请帮忙!谢谢!
【问题讨论】:
-
你能显示 web.config 中包含连接字符串的部分吗?
-
通过这样的字符串连接,您的代码对SQL Injection开放。
-
@PetersonPilares 没关系......将生成一个 web.config。您甚至在代码“configurationManager.ConnectionString”中引用它
-
那么,你的连接字符串是从哪里来的呢?我相信这就是@scartag 正在寻找的(实际的连接字符串)。
-
@PetersonPilares 检查项目文件夹。
标签: asp.net ado.net connection-string provider