0
我必须做一个简单的登录,当您插入浏览器时不会崩溃a(“),所以我需要参数化查询字符串,但由于某种原因,我得到一个错误说:必须声明标量变量“@ UserName”
必须声明标量变量 “@用户”
这里是代码
private void DoSqlQuery()
{
try
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["RolaConnectionString"].ConnectionString);
conn.Open();
string checkUser = "select * from UserData where UserName = @UserName";
SqlCommand com = new SqlCommand(checkUser, conn);
com.Parameters.AddWithValue("@Username", txtUserName.Text.Trim());
int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
conn.Close();
if (temp == 1)
{
conn.Open();
string checkPassword = "select Password from UserData where UserName = @UserName";
SqlCommand passConn = new SqlCommand(checkPassword, conn);
com.Parameters.AddWithValue("@Username", txtUserName.Text.Trim());
string password = passConn.ExecuteScalar().ToString();
conn.Close();
if (password == txtPassword.Text)
{
Session["New"] = txtUserName.Text;
Response.Write("Password is correct");
Response.Redirect("~/LoggedIn.aspx");
}
else
{
Response.Write("Password is not correct");
}
}
else
{
Response.Write("Username is not correct");
}
}
catch(Exception e)
{
Response.Write(e.ToString());
}
}
检查拼写非常密切 - 你犯了一个错字。 – 2015-04-01 16:51:29
具体来讲,要注意每个角色的情况。 – Servy 2015-04-01 16:52:04
'@ Username''不等于''UserName'' – 2015-04-01 16:52:18