0
我得到一個異常,稱爲已經有一個開放的數據讀取器與此命令關聯,必須先關閉,我試圖尋找解決方案谷歌我試圖在連接字符串中使用MARS = true,並將所有內容都保存在USING中,但它沒有解決問題。 我收到一個異常行 cm.ExecuteNonQuery();已經有一個與這個命令相關的開放數據讀取器,必須先關閉異常
public void UpdateActionSchedule(string actionScheduleKey, string note, string PEOPLE_CODE_ID)
{
using (SqlConnection con = new SqlConnection("server=123; database=abc; user id=qwe; password=qwe;"))
{
con.Open();
if (note == "" || note == null)
{
string UPDATE_COMPLETE = String.Format("UPDATE ACTIONSCHEDULE SET EXECUTION_DATE = '" + DateTime.Now + "', COMPLETED = 'Y', REVISION_OPID='WFLOW' where UNIQUE_KEY = '" + actionScheduleKey + "' and people_org_code_id='" + PEOPLE_CODE_ID + "'");
SqlCommand cd = new SqlCommand(UPDATE_COMPLETE, con);
cd.ExecuteNonQuery();
cd.Dispose();
}
else
{
string oriNote = "";
string GET_NOTE = String.Format("SELECT NOTE FROM ACTIONSCHEDULE WHERE people_org_code_id='{0}' and UNIQUE_KEY='{1}'", PEOPLE_CODE_ID, actionScheduleKey);
using (SqlCommand cmd = new SqlCommand(GET_NOTE, con))
{
// SqlDataReader dr = cmd.ExecuteReader();
using (SqlDataReader dr = cmd.ExecuteReader())
{
if (dr.HasRows)
{
while (dr.Read())
{
oriNote = dr["NOTE"].ToString();
}
note = oriNote + " " + note;
}
//string UPDATE = String.Format("UPDATE ACTIONSCHEDULE SET Note = '" + note + "' where UNIQUE_KEY = '" + actionScheduleKey + "' and people_org_code_id='" + PEOPLE_CODE_ID + "'");
//SqlCommand cm = new SqlCommand(UPDATE, con);
//cm.ExecuteNonQuery();
//cm.Dispose();
string UPDATE_COMPLETE = String.Format("UPDATE ACTIONSCHEDULE SET EXECUTION_DATE = '" + DateTime.Now + "',Note = '" + note + "', COMPLETED = 'Y', REVISION_OPID='WFLOW' where UNIQUE_KEY = '" + actionScheduleKey + "' and people_org_code_id='" + PEOPLE_CODE_ID + "'");
SqlCommand cmw = new SqlCommand(UPDATE_COMPLETE, con);
cmw.ExecuteNonQuery();
cmw.Dispose();
}
}
}
}
}
無關:您需要參數化您的查詢,而不是進行字符串連接。這裏是[相關文章爲什麼](https://msdn.microsoft.com/en-us/library/ff648339.aspx) – MrZander
那麼。這個錯誤對我來說似乎很清楚。在發佈上次更新命令之前,您需要調用_dr.Close_。但真正你寫sql命令的方式是非常危險的。用參數儘快修復它。除SQL注入之外,如果您的字段NOTE包含單引號,您認爲會發生什麼? – Steve
也不要顯式調用Dispose - 而是使用(var cmw = new SqlCommand(...))將代碼封裝在裏面。 –