asp中修改密码中的一段程序有错误
大家帮帮忙吧,我都没学过这东西,急死了,~~~~(>_<)~~~~错误是:参数化查询'(@usernamevarchar(200),@oldpassvarchar(200...
大家帮帮忙吧,我都没学过这东西,急死了,~~~~(>_<)~~~~
错误是:
参数化查询 '(@username varchar(200),@oldpass varchar(200))select 管理员,密码 f' 需要参数 @username,但未提供该参数。
程序代码:
protected void Button_Save_Click(object sender, EventArgs e)
{
String username = this.TextBox_LoginName.Text.Trim();
String oldpass = this.TextBox_OldPass.Text.Trim();
String newpass = this.TextBox_NewPass.Text.Trim();
String conpass = this.TextBox_Confirm.Text.Trim();
if (username.Length == 0)
{
this.Label2.Text = "请输入用户名!";
this.TextBox_LoginName.Focus();
return;
}
if (newpass != conpass)
{
this.Label2.Text = "两次输入密码不匹配!";
this.TextBox_NewPass.Focus();
return;
}
SqlConnection conn = new SqlConnection(@"server=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\yonghu.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True");
SqlCommand cmd;
SqlDataReader dr;
string t_sql = "select 管理员,密码 from yonghu where 管理员=@username and 密码=@oldpass";
cmd = new SqlCommand(t_sql, conn);
try
{
conn.Open();
SqlParameter puser = new SqlParameter("@username", SqlDbType.VarChar, 200);
SqlParameter ppassword = new SqlParameter("@oldpass", SqlDbType.VarChar, 200);
cmd.Parameters.Add(puser);
cmd.Parameters.Add(ppassword);
dr = cmd.ExecuteReader();
dr.Read();
conn.Dispose();
conn.Close();
}
finally { }
} 展开
错误是:
参数化查询 '(@username varchar(200),@oldpass varchar(200))select 管理员,密码 f' 需要参数 @username,但未提供该参数。
程序代码:
protected void Button_Save_Click(object sender, EventArgs e)
{
String username = this.TextBox_LoginName.Text.Trim();
String oldpass = this.TextBox_OldPass.Text.Trim();
String newpass = this.TextBox_NewPass.Text.Trim();
String conpass = this.TextBox_Confirm.Text.Trim();
if (username.Length == 0)
{
this.Label2.Text = "请输入用户名!";
this.TextBox_LoginName.Focus();
return;
}
if (newpass != conpass)
{
this.Label2.Text = "两次输入密码不匹配!";
this.TextBox_NewPass.Focus();
return;
}
SqlConnection conn = new SqlConnection(@"server=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\yonghu.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True");
SqlCommand cmd;
SqlDataReader dr;
string t_sql = "select 管理员,密码 from yonghu where 管理员=@username and 密码=@oldpass";
cmd = new SqlCommand(t_sql, conn);
try
{
conn.Open();
SqlParameter puser = new SqlParameter("@username", SqlDbType.VarChar, 200);
SqlParameter ppassword = new SqlParameter("@oldpass", SqlDbType.VarChar, 200);
cmd.Parameters.Add(puser);
cmd.Parameters.Add(ppassword);
dr = cmd.ExecuteReader();
dr.Read();
conn.Dispose();
conn.Close();
}
finally { }
} 展开
3个回答
展开全部
程序没有什么问题,你取到的结果放在那里啊,没有指出。
//这个程序只能读出密码,但并不能修改
protected void Button_Save_Click(object sender, EventArgs e)
{
String username = this.TextBox_LoginName.Text.Trim();
String oldpass = this.TextBox_OldPass.Text.Trim();
String newpass = this.TextBox_NewPass.Text.Trim();
String conpass = this.TextBox_Confirm.Text.Trim();
if (username.Length == 0)
{
this.Label2.Text = "请输入用户名!";
this.TextBox_LoginName.Focus();
return;
}
if (newpass != conpass)
{
this.Label2.Text = "两次输入密码不匹配!";
this.TextBox_NewPass.Focus();
return;
}
SqlConnection conn = new SqlConnection(@"server=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\yonghu.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True");
SqlCommand cmd;
SqlDataReader dr;
//定义变量
string user = string.Empty;
string pwd = string.Empty;
string t_sql = "select 管理员,密码 from yonghu where 管理员=@username and 密码=@oldpass";
cmd = new SqlCommand(t_sql, conn);
try
{
conn.Open();
SqlParameter puser = new SqlParameter("@username", SqlDbType.VarChar, 200);
SqlParameter ppassword = new SqlParameter("@oldpass", SqlDbType.VarChar, 200);
cmd.Parameters.Add(puser);
cmd.Parameters.Add(ppassword);
dr = cmd.ExecuteReader();
while (dr.Read())
{
//就收返回的值,比如说定义 一个变量 user , pwd
user = dr.GetString(0);
pwd = dr.GetString(1);
}
//然后根据你的选择密码可以打印出来或者这样
Response.Write("<script>alert('" + pwd + "')</script>");
//弹出都可以啊
conn.Dispose();
conn.Close();
}
finally { }
}
//这个程序只能读出密码,但并不能修改
protected void Button_Save_Click(object sender, EventArgs e)
{
String username = this.TextBox_LoginName.Text.Trim();
String oldpass = this.TextBox_OldPass.Text.Trim();
String newpass = this.TextBox_NewPass.Text.Trim();
String conpass = this.TextBox_Confirm.Text.Trim();
if (username.Length == 0)
{
this.Label2.Text = "请输入用户名!";
this.TextBox_LoginName.Focus();
return;
}
if (newpass != conpass)
{
this.Label2.Text = "两次输入密码不匹配!";
this.TextBox_NewPass.Focus();
return;
}
SqlConnection conn = new SqlConnection(@"server=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\yonghu.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True");
SqlCommand cmd;
SqlDataReader dr;
//定义变量
string user = string.Empty;
string pwd = string.Empty;
string t_sql = "select 管理员,密码 from yonghu where 管理员=@username and 密码=@oldpass";
cmd = new SqlCommand(t_sql, conn);
try
{
conn.Open();
SqlParameter puser = new SqlParameter("@username", SqlDbType.VarChar, 200);
SqlParameter ppassword = new SqlParameter("@oldpass", SqlDbType.VarChar, 200);
cmd.Parameters.Add(puser);
cmd.Parameters.Add(ppassword);
dr = cmd.ExecuteReader();
while (dr.Read())
{
//就收返回的值,比如说定义 一个变量 user , pwd
user = dr.GetString(0);
pwd = dr.GetString(1);
}
//然后根据你的选择密码可以打印出来或者这样
Response.Write("<script>alert('" + pwd + "')</script>");
//弹出都可以啊
conn.Dispose();
conn.Close();
}
finally { }
}
展开全部
string t_sql = "select 管理员,密码 from yonghu where 管理员=@username and 密码=@oldpass";
string t_sql = "select 管理员,密码 from yonghu where 管理员='" + username + "' and 密码= '"+ oldpass +"'";
string t_sql = "select 管理员,密码 from yonghu where 管理员='" + username + "' and 密码= '"+ oldpass +"'";
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
程序有问题,参数puser和ppassword没有赋值,赋值方法是puser.Value = username;
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询