【发布时间】:2020-12-03 05:17:55
【问题描述】:
我有一个会议注册数据库。当人们注册时,tblAttendance.RegistrationType 获得“W”表示等候名单或“F”表示完全注册。
我正在开发一个页面,将人们从等候名单转移到填写注册。
这是我的小鸡抓挠,它应该如何工作
-
获取会议详情
-
创建要发送的电子邮件
-
查找活动注册以查看是否有比参加者更多的容量。
-
查找等候名单上的人。
-
do while (容量 > 出勤率) & (有等待名单上的人) 6. 将等候名单上的第一人移至完全注册。 7. 向他们发送包含 Zoom 会议连接信息的电子邮件。
- 查找活动注册以查看容量是否超过参加者。
- 在候补名单上查找人员。
-
循环
代码:
Page Language="vb" AutoEventWireup="false" CodeBehind="offWaitlist.aspx.vb" Inherits="Parish_Faith_Formation.offWaitlist" %>
<%@ Import Namespace="System.Net.Mail" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<div>
<%
Response.Write("Meeting: " & Request.QueryString("meeting") & "<br><br>")
Dim connetionString As String
connetionString = ConfigurationManager.ConnectionStrings("SQLServer").ConnectionString
Dim connection As SqlConnection
Dim command As SqlCommand
Dim sql As String
Dim adapter As New SqlDataAdapter(command)
Dim dsOpenings As New DataSet
Dim dsWaitingList As New DataSet
Dim dsMeetings As New DataSet
connection = New SqlConnection(connetionString)
connection.Open()
command = New SqlCommand()
' 1. get meeting details.
sql = "SELECT tblmeeting.* FROM tblmeeting WHERE (((tblmeeting.ID)=" & Request.QueryString("meeting") & "));"
command.CommandText = sql
command.Connection = connection
adapter.SelectCommand = command
adapter.Fill(dsMeetings)
'2. create email body.
Session("body") = ""
Session("body") = Session("body") & " <!DOCTYPE HTML >"
Session("body") = Session("body") & " <html><head>"
Session("body") = Session("body") & " <meta charset=""utf-8"">"
Session("body") = Session("body") & " <meta http-equiv=""X-UA-Compatible"" content=""IE=edge"" />"
Session("body") = Session("body") & " <title>RCDA.org Custom Applications</title>"
Session("body") = Session("body") & " <meta name=""viewport"" content=""width=device-width, initial-scale=1.0"">"
Session("body") = Session("body") & "<script> "
Session("body") = Session("body") & "header{"
Session("body") = Session("body") & "display:block;"
Session("body") = Session("body") & "height:30px; "
Session("body") = Session("body") & "line-height:30px;"
Session("body") = Session("body") & "background-color:#3B4A83;"
Session("body") = Session("body") & "/*background-color:#2C5463;*/"
Session("body") = Session("body") & "width:85%;"
Session("body") = Session("body") & "margin:auto;"
Session("body") = Session("body") & "text-align:center;"
Session("body") = Session("body") & "color:#fff;"
Session("body") = Session("body") & "font-family:arial;"
Session("body") = Session("body") & "font-size:14pt;"
Session("body") = Session("body") & "vertical-align:middle;"
Session("body") = Session("body") & "min-width:350px;"
Session("body") = Session("body") & " box-shadow: -5px 20px 18px #A0A0A0, 5px 20px 18px #A0A0A0, -5px 0px 18px #A0A0A0, 5px 0px 18px #A0A0A0;"
Session("body") = Session("body") & "}"
Session("body") = Session("body") & "article{"
Session("body") = Session("body") & "width:85%;"
Session("body") = Session("body") & "margin:0 auto;"
Session("body") = Session("body") & "vertical-align:top;"
Session("body") = Session("body") & "/*background-color:#ffffff;*/"
Session("body") = Session("body") & "background-color:#fff;"
Session("body") = Session("body") & "padding:0; "
Session("body") = Session("body") & "min-height: calc(100% - 30px) !important;"
Session("body") = Session("body") & "min-width:350px;"
Session("body") = Session("body") & "flex: 1 0 auto; "
Session("body") = Session("body") & " "
Session("body") = Session("body") & "box-shadow: 10px 10px 5px #808080;"
Session("body") = Session("body") & "/* For IE 8 */"
Session("body") = Session("body") & "box-shadow: 10px 15px 18px rgba(128, 128, 128, .7), -10px 15px 18px rgba(128, 128, 128, .7); "
Session("body") = Session("body") & "}"
Session("body") = Session("body") & "html, body{"
Session("body") = Session("body") & "height:98%;"
Session("body") = Session("body") & "background-color:#CCC;"
Session("body") = Session("body") & "min-width:300px;"
Session("body") = Session("body") & "} "
Session("body") = Session("body") & ".arial10pt{"
Session("body") = Session("body") & "font-family: arial;"
Session("body") = Session("body") & "font-size:10pt;"
Session("body") = Session("body") & "}"
Session("body") = Session("body") & "</script>"
Session("body") = Session("body") & "</head>"
Session("body") = Session("body") & "<body >"
Session("body") = Session("body") & "<header style=""width:85%; margin:0 auto; box-shadow: -5px 20px 18px #A0A0A0, 5px 20px 18px #A0A0A0, -5px 0px 18px #A0A0A0, 5px 0px 18px #A0A0A0; overflow:visible; background-color:#394984; color:#fff;"" >"
Session("body") = Session("body") & "</header>"
Session("body") = Session("body") & "<article style=""border:1px;#aaaaaa solid;"" > "
Session("body") = Session("body") & "<div style=""width:87%; margin:0 auto;""><br>"
Session("body") = Session("body") & "<div style=""width:40%; margin:0 auto;"">"
Session("body") = Session("body") & "<br /><br /> "
Session("body") = Session("body") & "Thank you for registering for: <strong>" & dsMeetings.Tables(0).Rows(0).Item("meetingName") & " <br>on " & dsMeetings.Tables(0).Rows(0).Item("Occurrence") & "</strong><br />"
Session("body") = Session("body") & "<br />"
Session("body") = Session("body") & "<strong>Join Zoom Meeting: </strong><a href=""" & dsMeetings.Tables(0).Rows(0).Item("URL") & """>" & dsMeetings.Tables(0).Rows(0).Item("URL") & "</a><br />"
Session("body") = Session("body") & "Password: " & dsMeetings.Tables(0).Rows(0).Item("password") & " <br />"
Session("body") = Session("body") & " <br><strong>One tap mobile</strong><br />"
Session("body") = Session("body") & "+16465588656,,687241195# US (New York)<br />"
Session("body") = Session("body") & "+13126266799,,687241195# US (Chicago)<br />"
Session("body") = Session("body") & "<br />"
Session("body") = Session("body") & "<strong>Dial by your location</strong><br />"
Session("body") = Session("body") & "+1 646 558 8656 US (New York)<br />"
Session("body") = Session("body") & "+1 312 626 6799 US (Chicago)<br />"
Session("body") = Session("body") & "+1 301 715 8592 US<br />"
Session("body") = Session("body") & "+1 346 248 7799 US (Houston)<br />"
Session("body") = Session("body") & "+1 669 900 9128 US (San Jose)<br />"
Session("body") = Session("body") & "+1 253 215 8782 US<br />"
Session("body") = Session("body") & "Meeting ID: " & dsMeetings.Tables(0).Rows(0).Item("meetingID") & "<br />"
Session("body") = Session("body") & "<br />"
Session("body") = Session("body") & "Find your local number: <a href=""https://zoom.us/u/arsh7lTr5"">https://zoom.us/u/arsh7lTr5</a>"
Session("body") = Session("body") & "</div>"
Session("body") = Session("body") & "<br><br></div> "
If Session("payment") = "check" Then
Session("body") = Session("body") & "<div class=""arial10pt"" style=""text-align:center;"">You indicated that you intend to pay by check.<br /> Please mail your check for $" & dsMeetings.Tables(0).Rows(0).Item("cost") & " to: <br /><br />Office of Lay Ministry and Parish Faith Formation<br />40 N. Main Ave<br />Albany, NY 12203</div>"
End If
If Session("payment") = "paypal" Then
Session("body") = Session("body") & "<div class=""arial10pt"" style=""text-align:center;"">Your transaction has been completed, and a receipt for your purchase has been emailed to you. You may log into your account at <a href=""http://www.paypal.com"">www.paypal.com</a> to view details of this transaction confirming your purchase.</div>"
End If
If Session("payment") = "College Students Free" Then
Session("body") = Session("body") & "<div class=""arial10pt"" style=""text-align:center;"">As a college student, you have been invited to attend this meeting for free. Enjoy!<br /><br /></div>"
End If
Session("body") = Session("body") & "</article>"
Session("body") = Session("body") & "</body>"
Session("body") = Session("body") & "</html> "
'3. lookup to see if there are any openings.
sql = "SELECT tblmeeting.ID, tblmeeting.Capacity, Count(tblAttendance.Registrant_ID) AS Attendance FROM tblmeeting INNER JOIN tblAttendance ON tblmeeting.ID = tblAttendance.Meeting_ID GROUP BY tblmeeting.ID, tblmeeting.Capacity HAVING (((tblmeeting.ID)=" & Request.QueryString("meeting") & "));"
command.CommandText = sql
command.Connection = connection
adapter.SelectCommand = command
adapter.Fill(dsOpenings)
Response.Write("Capacity: " & dsOpenings.Tables(0).Rows(0).Item("capacity") & "<br>")
Response.Write("Attendance: " & dsOpenings.Tables(0).Rows(0).Item("attendance") & "<br>")
If (dsOpenings.Tables(0).Rows(0).Item("capacity") > dsOpenings.Tables(0).Rows(0).Item("attendance")) = True Then
Response.Write("there are openings!<br>")
Else
Response.Write("there are NO openings!<br>")
End If
'-----------------------------------------------------------
'4. lookup to see if there are people on the waiting list.
sql = "SELECT tblAttendance.ID, tblAttendance.Meeting_ID, tblAttendance.Registrant_ID AS Attendance, tblAttendance.RegistrationType, tblAttendance.RegistrationDate, tblRegistrants.Fname, tblRegistrants.Lname, tblRegistrants.Email FROM tblRegistrants INNER JOIN tblAttendance ON tblRegistrants.ID = tblAttendance.Registrant_ID WHERE (((tblAttendance.Meeting_ID)=" & Request.QueryString("meeting") & ") AND ((tblAttendance.RegistrationType)='W')) ORDER BY tblAttendance.RegistrationDate;"
command.CommandText = sql
command.Connection = connection
adapter.SelectCommand = command
adapter.Fill(dsWaitingList)
If dsWaitingList.Tables(0).Rows.Count > 0 Then
Session("email") = dsWaitingList
End If
If dsWaitingList.Tables(0).Rows.Count > 0 Then
Response.Write("There are people on the waiting list!<br><br>")
Else
Response.Write("There are NO people on the waiting list!<br><br>")
End If
'5. Loop
Do While ((dsOpenings.Tables(0).Rows(0).Item("capacity") > dsOpenings.Tables(0).Rows(0).Item("attendance")) And dsWaitingList.Tables(0).Rows.Count > 0)
Response.Write("Processing the next person (" & dsWaitingList.Tables(0).Rows(0).Item("lname") & ", " & dsWaitingList.Tables(0).Rows(0).Item("fname") & ") off the waiting list.<br><br>")
'6. move the person into full registration
sql = "UPDATE tblAttendance SET tblAttendance.RegistrationType = 'F', tblAttendance.RegistrationDate = getdate() WHERE (((tblAttendance.ID)=" & dsWaitingList.Tables(0).Rows(0).Item("id") & "));"
Response.Write("<br><br>" & sql & "<br><br>")
command.CommandText = sql
command.Connection = connection
command.ExecuteNonQuery()
Session("sendEmail") = 0
'7.send email
Dim mail As New System.Net.Mail.MailMessage()
mail.IsBodyHtml = True
mail.To.Add(dsWaitingList.Tables(0).Rows(0).Item("email"))
mail.Subject = dsMeetings.Tables(0).Rows(0).Item("MeetingName")
mail.Body = Session("body")
Dim dsMailServer As New DataSet
sql = "SELECT tblSMTPServer.* FROM MailServer.dbo.tblSMTPServer WHERE (((tblSMTPServer.ID)=1));"
command = New SqlCommand(sql, connection)
adapter.SelectCommand = command
adapter.Fill(dsMailServer)
Session("smtpClient") = dsMailServer.Tables(0).Rows(0).Item("SMTPClient")
Session("port") = dsMailServer.Tables(0).Rows(0).Item("port")
Session("UserName") = "username@company.org"
Session("Password") = "password"
Session("Domain") = dsMailServer.Tables(0).Rows(0).Item("domain")
Session("ssl") = dsMailServer.Tables(0).Rows(0).Item("SSL")
Dim smtp As New SmtpClient(Session("SMTPClient"))
smtp.Port = 587
mail.From = New MailAddress(Session("username"))
mail.To.Add("registrant@email.org")
mail.ReplyTo = New MailAddress("username@company.org")
smtp.UseDefaultCredentials = False
smtp.Credentials = New System.Net.NetworkCredential(Session("username"), Session("password"), Session("domain"))
If Session("SSL") = -1 Then
smtp.EnableSsl() = True
Else
smtp.EnableSsl() = False
End If
If Session("sendEmail") = 0 Then
smtp.Send(mail)
Session("sendEmail") = 1
End If
'8. lookup to see if there are any openings.
sql = "SELECT tblmeeting.ID, tblmeeting.Capacity, Count(tblAttendance.Registrant_ID) AS Attendance FROM tblmeeting INNER JOIN tblAttendance ON tblmeeting.ID = tblAttendance.Meeting_ID GROUP BY tblmeeting.ID, tblmeeting.Capacity HAVING (((tblmeeting.ID)=" & Request.QueryString("meeting") & "));"
command.CommandText = sql
command.Connection = connection
adapter.SelectCommand = command
adapter.Fill(dsOpenings)
Response.Write("Capacity: " & dsOpenings.Tables(0).Rows(0).Item("capacity") & "<br>")
Response.Write("Attendance: " & dsOpenings.Tables(0).Rows(0).Item("attendance") & "<br>")
If (dsOpenings.Tables(0).Rows(0).Item("capacity") > dsOpenings.Tables(0).Rows(0).Item("attendance")) = True Then
Response.Write("there are openings!<br>")
Else
Response.Write("there are NO openings!<br>")
End If
'9. lookup to see if there are people on the waiting list.
sql = "SELECT tblAttendance.ID, tblAttendance.Meeting_ID, tblAttendance.Registrant_ID AS Attendance, tblAttendance.RegistrationType, tblAttendance.RegistrationDate, tblRegistrants.Fname, tblRegistrants.Lname FROM tblRegistrants INNER JOIN tblAttendance ON tblRegistrants.ID = tblAttendance.Registrant_ID WHERE (((tblAttendance.Meeting_ID)=" & Request.QueryString("meeting") & ") AND ((tblAttendance.RegistrationType)='W')) ORDER BY tblAttendance.RegistrationDate;"
command.CommandText = sql
command.Connection = connection
adapter.SelectCommand = command
adapter.Fill(dsWaitingList)
If dsWaitingList.Tables(0).Rows.Count > 0 Then
Response.Write("There are people on the waiting list!<br>")
Else
Response.Write("There are NO people on the waiting list!<br>")
End If
'10. loop
Loop
connection.Close()
%>
</div>
</body>
</html>
为了尝试让它工作,我将 do while 循环换成了一个 if 语句,它对一个人来说运行得非常好。我知道它运行良好,因为我在其中放入了大量屏幕写入并随后验证了表格中的数据。
随着循环,浏览器旋转并且永远不会结束。我也没有屏幕输出。我确实尝试注释掉电子邮件发送命令,以便排除发送导致延迟。
【问题讨论】:
-
哦,酷,第 9 步中的 SQL 注入风险。你说这个网站是干什么用的?
-
据我所知,循环中没有任何内容可以修改
dsOpenings,因此被比较的条件永远不会改变。然而,我很少看到如此难以理解的代码。 -
要么在
While循环(或记录、打印等)内的第一行中断并检查您的条件值,因为它们很可能没有改变,或者至少 - 显然 - 不令人满意你的退出条件。另外,尝试发布不那么复杂的代码;一个最小的例子更清楚,在创建它时,你可能会发现你的问题。 -
你只使用 Rows(0),你不想要一个行计数器吗?
-
为 Session("body") 创建和丢弃的字符串太多。使用
StringBuilder(可变)来构建您的字符串。
标签: vb.net while-loop