0
當我從軟件更新數據時,我正面臨着死鎖錯誤。交易過程 - 死鎖錯誤
這裏是我的代碼:
所有的private void btn_upd_Click(object sender, EventArgs e)
{
try
{
SqlConnection con = new SqlConnection(Constr);
con.Open();
string myquery = "Select Reg,Rank,Trade,Name,Wing,Father_name,Dob,Gender,Cast,Sect,Serial,Qualification,Tehseel,District,Cnic_No,Blood_Group,Height,Weight,Identification_Mark,Permanent_Add,Nameof_Spouse,Relation,Nameof_MaleKids,image1 from PersonalInfo where Reg='" + txt_srch.Text + "'";
SqlCommand c = new SqlCommand(myquery, con);
SqlDataReader rd = c.ExecuteReader();
if (!(rd.HasRows))
{
MessageBox.Show("No such data to delete");
}
else
{
string query;
query = "update PersonalInfo set Rank='" + textBox2.Text + "', Serial='" + SN.Text + "', Trade='" + textBox3.Text + "',Name='" + textBox4.Text + "',Wing='" + textBox5.Text + "',Father_name='" + textBox6.Text + "',Dob='" + textBox7.Text + "',Gender='" + textBox8.Text + "',Cast='" + textBox9.Text + "',Sect='" + textBox23.Text + "',Qualification='" + textBox10.Text + "',Tehseel='" + textBox24.Text + "',District='" + textBox21.Text + "',Cnic_No='" + textBox11.Text + "',Blood_Group='" + textBox12.Text + "',Height='" + textBox13.Text + "',Weight='" + textBox14.Text + "',Identification_Mark='" + textBox15.Text + "',Permanent_Add='" + textBox16.Text + "',Nameof_Spouse='" + textBox18.Text + "',Relation='" + textBox19.Text + "',Nameof_MaleKids='" + textBox20.Text + "',image1='" + ImageToBase64(pictureBox1.Image, System.Drawing.Imaging.ImageFormat.Jpeg) + "' where Reg='" + txt_srch.Text + "'";
SqlCommand cmd = new SqlCommand(query, con);
cmd.ExecuteNonQuery();
MessageBox.Show("Data Updated");
}
con.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
[SQL注入警報(http://msdn.microsoft.com/en-us/library/ms161953%28v= sql.105%29.aspx) - 你應該不**將你的SQL語句連接在一起 - 使用**參數化查詢**來避免SQL注入 - 檢出[Little Bobby Tables](https://xkcd.com/327 /) –