【发布时间】:2011-02-08 06:53:57
【问题描述】:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
Literal1.Text = Request.QueryString("Pno")
On Error Resume Next
Dim SQLData As New System.Data.SqlClient.SqlConnection("workstation id=ws.example.com;packet size=4096;user id=some-user;pwd=some-password;data source=mssql.example.com;persist security info=False;initial catalog=some-db")
Dim cmdSelect As New System.Data.SqlClient.SqlCommand("SELECT * FROM a1_ticket WHERE PNR_no ='" & Literal1.Text & "'", SQLData)
SQLData.Open()
Dim dtrReader As System.Data.SqlClient.SqlDataReader = cmdSelect.ExecuteReader()
If dtrReader.HasRows Then
While dtrReader.Read()
Literal2.Text = dtrReader("bus_type")
Literal3.Text = dtrReader("dep_time")
Literal4.Text = dtrReader("PRN")
Literal5.Text = dtrReader("fro_m")
Literal6.Text = dtrReader("seat_opt")
Literal7.Text = dtrReader("Ticket_no")
Literal8.Text = dtrReader("t_o")
Literal9.Text = dtrReader("taxes")
Literal10.Text = dtrReader("Travels")
Literal11.Text = dtrReader("journey_date")
Literal12.Text = dtrReader("net_pay")
Literal13.Text = dtrReader("name")
Literal14.Text = dtrReader("seat_opt")
Literal15.Text = dtrReader("sel_seat")
Literal16.Text = dtrReader("bd_point")
End While
Else
End If
Dim cmd As New System.Data.SqlClient.SqlCommand("SELECT * FROM a1_vendors WHERE UserId ='" & Request.QueryString("tid") & "'", SQLData)
cmd.ExecuteScalar()
Literal17.Text = dtrReader("travels")
Literal18.Text = dtrReader("Contactno")
SQLData.Close()
dtrReader.Close()
SQLData.Close()
End Sub
【问题讨论】:
-
真的吗?你告诉我们它出了什么问题,我们可能会告诉你如何解决它..
-
可能也不希望将连接字符串中的用户名和密码暴露给未洗过的大众。
-
感谢 abatishchev 隐藏我的用户名和密码...我忘了隐藏它..
-
更改 SQL Server 用户的密码立即 - 我编辑了问题,但用户名和密码都可以从以前的版本中检索。
-
你也不应该使用“On Error Resume Next”。它不仅一般来说是不好的形式,而且在 .net 中我们有“Try . . . Catch”块,它提供了真正的异常处理。除此之外,如果您能告诉我们您遇到的具体问题,我们将能够更好地提供帮助。
标签: .net vb.net sql-server-2005 tsql ado.net