0
我有一個Web表單項目來更新Microsoft SQL 2012數據庫表中的列。當我爲我的SqlConnection「硬編碼」連接信息時,一切正常。但是,如果我嘗試去ConfigurationManager.ConnectionStrings路線,我得到不支持的關鍵字「ID」。我已將Imports.System.Configuration代碼包含到我的項目中。下面是我在哪裏通過添加的ConnectionString到我的web.config像這樣ASP.NET(VB)從web.config嘗試設置數據庫連接
<connectionStrings >
<add
name="PRRWeb"
connectionString="Server=server;Database=DB;Timeout=200;User ID=user; Password=Password; Trusted_Connection=False;"
providerName="System.Data.SqlClient"/>
運行到解決這一問題的問題
Protected Sub BtnSubmit_Click(sender As Object, e As EventArgs) Handles BtnSubmit.Click
Dim myConn As SqlConnection
Dim cmd As SqlCommand
Dim sqlstring, RqType, RqLast, RqFirst, RqOrg, RqEmail, RqNeedDate, SubFirst, SubLast, RqDetails, RqGenDate, RqOperator As String
RqType = cbxRequestType.SelectedValue
RqLast = txtReqLastName.Text
RqFirst = txtReqFirstname.Text
RqOrg = txtOrganization.Text
RqEmail = txtEmail.Text
RqNeedDate = txtReqDate.Text
SubFirst = txtSubFirst.Text
SubLast = txtSubLast.Text
RqDetails = txtReqDetails.Text
RqGenDate = txtGenDate.Text
RqOperator = txtOperator.Text
If Agree.Checked = False Then
MsgBox("You must agree to the terms before proceeding")
Else
myConn = New SqlConnection(ConfigurationManager.ConnectionStrings("PRRWeb").ConnectionString)
myConn.Open()
sqlstring = "INSERT INTO Requests (LastName, FirstName, Organization, DateRequested, DateNeeded, OperatorID, SubjectLastName, SubjectFirstName, Notes, TypeID, Email) VALUES ('" + RqLast + "','" + RqFirst + "', '" + RqOrg + "','" + RqGenDate + "', '" + RqNeedDate + "','" + RqOperator + "','" + SubLast + "','" + SubFirst + "','" + RqDetails + "','" + RqType + "','" + RqEmail + "')"
cmd = New SqlCommand(sqlstring, myConn)
cmd.ExecuteNonQuery()
myConn.Close()
MsgBox("Your request has been submitted.", MsgBoxStyle.Information)
Response.Redirect(Request.RawUrl)
End If
錯誤來自哪條線? – mason
向我們展示web.config條目,這可能是責任。 – Mike
這段代碼是世界上每一個渴望黑客的人的喜悅。你有沒有聽說過Sql Injection? – Steve