
我目前正在做一個asp.net網站,藉此註冊用戶可以在一個名爲Edit Profile的頁面中更新他們的詳細資料。爲什麼我的輸入數據無法在數據庫中更新?

「編輯個人資料」(Edit Profile)頁面的工作方式是:註冊用戶的數據會顯示在文本框中,頁面根據會話(Session)中保存的用戶名來讀取這些數據。

用戶將能夠通過相同的文本框編輯他們的數據,並且特定用戶的新輸入數據應該在數據庫中更新。

這是我的cs文件的代碼...

// Row id taken from the POCID column; assigned in getlogininfo() and not read anywhere in the code shown.
int profileid; 
// User name of the signed-in user; every method shown re-reads it from Session["NonAdmin"] before use.
string username = ""; 
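/// <summary>
/// Fills the edit form from the database on the first (non-postback) request only.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Page_Load runs before the button's Click handler. Reloading the row on a
    // postback would overwrite the values the user just typed with the old database
    // values, so the UPDATE would write the old data back. Load only on the first request.
    if (IsPostBack)
    {
        return;
    }

    // NOTE(review): when Session["NonAdmin"] is missing nothing is loaded and the page
    // still renders; no redirect to a sign-in page is visible here - confirm that access
    // to this page is enforced elsewhere.
    if (Session["NonAdmin"] != null)
    {
        getlogininfo();
        getInfo();
    }
}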

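/// <summary>
/// Looks up the pointofcontact row for the user name in tbUsername and, when it matches
/// the user name stored in Session["NonAdmin"], records its POCID in profileid.
/// </summary>
private void getlogininfo()
{
    username = (String)Session["NonAdmin"];

    // Dispose connection, command and reader deterministically so a failed query does
    // not leave a connection open.
    using (MySqlConnection mcon = new MySqlConnection("My connectionString"))
    using (MySqlCommand command = mcon.CreateCommand())
    {
        // The lookup value is bound as a parameter instead of being concatenated into the
        // SQL text, so quotes in the text box cannot change the statement.
        // POCID has to be in the select list: the loop below reads reader["POCID"], which
        // is not available when only Username is selected.
        command.CommandText = "SELECT POCID, Username FROM pointofcontact WHERE Username = @username";
        // NOTE(review): Page_Load calls this method before getInfo() fills tbUsername, so
        // the text box is presumably still empty on first load - confirm whether the
        // session user name was meant to be the lookup key.
        command.Parameters.AddWithValue("@username", tbUsername.Text);

        mcon.Open();
        using (MySqlDataReader reader = command.ExecuteReader())
        {
            while (reader.Read())
            {
                string u = reader["Username"].ToString();
                if (username == u)
                {
                    profileid = Convert.ToInt32(reader["POCID"]);
                }
            }
        }
    }
}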

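/// <summary>
/// Loads the signed-in user's row from pointofcontact and copies its columns into the
/// form's text boxes.
/// </summary>
/// <remarks>
/// The user name is read from Session["NonAdmin"]. When the session value is missing or
/// no row matches, the text boxes are left unchanged instead of reading from an empty
/// reader.
/// </remarks>
private void getInfo()
{
    username = (String)Session["NonAdmin"];
    if (username == null)
    {
        return;
    }

    // NOTE(review): the server address and account name are embedded in source and the
    // same literal is repeated in btnContinue_Click. Keep connection strings in protected
    // configuration, and rotate this credential since the details have been published.
    using (MySqlConnection mcon = new MySqlConnection("server=182.50.133.91;user id=Jonathan;password=****;persistsecurityinfo=True;database=ajactrac_;allowuservariables=True"))
    using (MySqlCommand command = mcon.CreateCommand())
    {
        // Bind the user name as a parameter; a stored user name containing a quote would
        // otherwise alter the statement.
        command.CommandText = "SELECT * from pointofcontact WHERE Username = @username";
        command.Parameters.AddWithValue("@username", username);

        mcon.Open();
        using (MySqlDataReader reader = command.ExecuteReader())
        {
            // Reading columns without a successful Read() throws; bail out when no row exists.
            if (!reader.Read())
            {
                return;
            }

            tbUsername.Text = reader["Username"].ToString();
            // NOTE(review): this sends the stored password back to the browser, which means
            // the Password column holds a recoverable value. Passwords should be stored as
            // salted hashes and never echoed into a form field.
            tbOldPassword.Text = reader["Password"].ToString();
            tbFirstName.Text = reader["FirstName"].ToString();
            tbLastName.Text = reader["LastName"].ToString();
            tbMobile.Text = reader["ContactNumber"].ToString();
            tbEmail.Text = reader["EmailAddress"].ToString();
            tbAddress.Text = reader["Address"].ToString();
            tbBackupContact.Text = reader["BackupContactNumber"].ToString();
        }
    }
}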

/// <summary>
/// Click handler: saves the uploaded file under ~/Images/ and writes each profile field
/// back to pointofcontact with its own UPDATE statement.
/// </summary>
/// <remarks>
/// The listing ends after mcon.Close(); the closing braces of the if block and of the
/// method are not shown.
/// </remarks>
protected void btnContinue_Click(object sender, EventArgs e) 
{ 
    //Declaration of variable to update Profile Image 
    // newContact is assigned below but not used in the part of the method that is shown.
    string imageName, newContact; 
    imageName = FileUpload1.FileName.ToString(); 
    newContact = tbMobile.Text.ToString(); 

    // NOTE(review): the file is saved before any check that one was posted, and the
    // client-supplied name is used as the file name inside a folder under the site root.
    // No extension or content-type allow-list and no size limit is visible, so a file of
    // any type ends up in a web-served directory. Check that a file was posted, generate
    // the stored name server-side, and accept only known image types.
    FileUpload1.PostedFile.SaveAs(Server.MapPath("~/Images/") + imageName); 

    // NOTE(review): no check that Session["NonAdmin"] is present; username.ToString()
    // below fails on a null value.
    username = (String)Session["NonAdmin"]; 
    // NOTE(review): connection details are hard-coded here as well as in getInfo().
    MySqlConnection mcon = new MySqlConnection("server=182.50.133.91;user id=Jonathan;password=****;persistsecurityinfo=True;database=ajactrac_;allowuservariables=True"); 
    // The user name is concatenated into the SQL text here and in every UPDATE below,
    // while the new column values are bound as parameters. Bind the user name as a
    // parameter too so a quote in it cannot change the statement.
    MySqlDataAdapter sda = new MySqlDataAdapter("select * from pointofcontact where Username = '" + username.ToString() + "'", mcon); 
    DataTable dt = new DataTable(); 
    sda.Fill(dt); 
    // Proceeds only when exactly one row matches (the row count is compared as a string).
    if (dt.Rows.Count.ToString() == "1") 
    { 

     // One command per column; all eight share the same connection.
     MySqlCommand command = mcon.CreateCommand(); 
     MySqlCommand command1 = mcon.CreateCommand(); 
     MySqlCommand command2 = mcon.CreateCommand(); 
     MySqlCommand command3 = mcon.CreateCommand(); 
     MySqlCommand command4 = mcon.CreateCommand(); 
     MySqlCommand command5 = mcon.CreateCommand(); 
     MySqlCommand command6 = mcon.CreateCommand(); 
     MySqlCommand command7 = mcon.CreateCommand(); 

     command.CommandText = "update pointofcontact set Password = ?pwd where Username = '" + username.ToString() + "'"; 
     command1.CommandText = "update pointofcontact set FirstName = ?firstname where Username = '" + username.ToString() + "'"; 
     command2.CommandText = "update pointofcontact set LastName = ?lastname where Username = '" + username.ToString() + "'"; 
     command3.CommandText = "update pointofcontact set ContactNumber = ?contact where Username = '" + username.ToString() + "'"; 
     command4.CommandText = "update pointofcontact set EmailAddress = ?email where Username = '" + username.ToString() + "'"; 
     command5.CommandText = "update pointofcontact set Address = ?address where Username = '" + username.ToString() + "'"; 
     command6.CommandText = "update pointofcontact set BackupContactNumber = ?backupnumber where Username = '" + username.ToString() + "'"; 
     command7.CommandText = "update pointofcontact set ProfilePic = ?newimage where Username = '" + username.ToString() + "'"; 

     mcon.Open(); 
     // NOTE(review): a WebForms TextBox normally returns an empty string rather than null
     // from Text, so this branch looks unreachable and an empty "new password" box would
     // overwrite the stored password with an empty value - confirm and test for empty.
     // The value is also written as typed; nothing here hashes it.
     if(tbNewPassword.Text == null) 
     { 
      command.Parameters.AddWithValue("?pwd", tbOldPassword.Text.Trim()); 
     } 
     else 
     { 
      command.Parameters.AddWithValue("?pwd", tbNewPassword.Text.Trim()); 
     } 
     command1.Parameters.AddWithValue("?firstname", tbFirstName.Text.Trim()); 
     command2.Parameters.AddWithValue("?lastname", tbLastName.Text.Trim()); 
     command3.Parameters.AddWithValue("?contact", tbMobile.Text.Trim()); 
     command4.Parameters.AddWithValue("?email", tbEmail.Text.Trim()); 
     command5.Parameters.AddWithValue("?address", tbAddress.Text.Trim()); 
     command6.Parameters.AddWithValue("?backupnumber", tbBackupContact.Text.Trim()); 
     command7.Parameters.AddWithValue("?newimage", imageName); 





     // The eight updates run one after another with no transaction, so a failure part-way
     // leaves the row partly updated; mcon.Close() is skipped if any of them throws.
     command.ExecuteNonQuery(); 
     command1.ExecuteNonQuery(); 
     command2.ExecuteNonQuery(); 
     command3.ExecuteNonQuery(); 
     command4.ExecuteNonQuery(); 
     command5.ExecuteNonQuery(); 
     command6.ExecuteNonQuery(); 
     command7.ExecuteNonQuery(); 

     mcon.Close(); 

但是,當我檢查數據庫時,發現唯一被更新的只有密碼。

我會很感激任何幫助我的代碼,因爲我自己不知道我能做些什麼來修復我的代碼。

謝謝。 :)


還有,我忘了包括圖像(FileUpload1)總是需要更新,無論關於用戶是否想要更新它。 – MrStutterz


發佈代碼時要小心。你不應該發佈密碼,你應該小心有關你的數據庫的其他信息(如IP地址和用戶名)。 –


哦,天哪。如果要更新表中某一行的多個字段,不必爲每個字段各執行一條 `update` 語句。只需執行一條 `update` 語句:`update table set field1 = value1, field2 = value2, ..., fieldN = valueN where ...` – sstan

回答


您不需要爲每個列使用單獨的更新查詢,可以用一條帶有指定條件的更新查詢同時更新多個列(各列之間以逗號分隔)。另外一個重要的建議是:您應該使用參數化查詢,而不是拼接純文本的查詢字符串,以避免SQL注入:

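// Writes all editable profile columns for the signed-in user in a single parameterized
// UPDATE. Every value, including the user name in the WHERE clause, is bound as a
// parameter, so no user-supplied text becomes part of the SQL statement.
// NOTE(review): ProfilePic is not part of this statement, although the question's code
// updates it as well.
using (MySqlConnection mcon = new MySqlConnection(constr))
using (MySqlCommand command = mcon.CreateCommand())
{
    command.CommandText = " update pointofcontact set Password = @pwd," +
          " FirstName = @firstname," +
          " LastName = @lastname," +
          " ContactNumber = @contact," +
          " EmailAddress = @email," +
          " Address = @address," +
          " BackupContactNumber = @backupnumber" +
          " where Username = @Username";

    // An untouched "new password" box holds an empty string, not null. Test for empty so
    // that leaving it blank keeps the current password instead of storing an empty one.
    // NOTE(review): the password is still stored exactly as typed; it should be replaced
    // by a salted password hash, which also requires changing the sign-in check.
    string newPassword = tbNewPassword.Text.Trim();
    string passwordToStore = newPassword.Length == 0 ? tbOldPassword.Text.Trim() : newPassword;

    command.Parameters.AddWithValue("@pwd", passwordToStore);
    command.Parameters.AddWithValue("@firstname", tbFirstName.Text.Trim());
    command.Parameters.AddWithValue("@lastname", tbLastName.Text.Trim());
    command.Parameters.AddWithValue("@contact", tbMobile.Text.Trim());
    command.Parameters.AddWithValue("@email", tbEmail.Text.Trim());
    command.Parameters.AddWithValue("@address", tbAddress.Text.Trim());
    command.Parameters.AddWithValue("@backupnumber", tbBackupContact.Text.Trim());
    command.Parameters.AddWithValue("@Username", username);

    mcon.Open();
    command.ExecuteNonQuery();
}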

這裏可能應該使用 using 語句... http://stackoverflow.com/questions/5637304/can-i-rely-on-the-using-statement-to-close-my-mysql-connections –


@MarkSchultheiss :好了,我編輯了帖子 –


你也可以考慮用逐字字符串(verbatim string literal)來書寫多行SQL語句,例如 `@"update pointofcontact set Password = ?pwd, FirstName = ?firstname, ..."` –
