1. 首页
  2. 问答
  3. C#SqlDataReader = null?

C#SqlDataReader = null?

2010-03-23 47 views
3 
  String sqlCheckPass = 
"Select * from Login where Username like @Username and Password like @Password"; 
     SqlCommand SqlCom = new SqlCommand(sqlCheckPass, myConnection); 
     SqlCom.Parameters.Add(new SqlParameter("@Username", sUserName)); 
     SqlCom.Parameters.Add(new SqlParameter("@Password", sPassword)); 

     myConnection.Open(); 
     SqlDataReader myreader; 
     myreader = SqlCom.ExecuteReader(); 
     int id = -1; 

ErrorBox.InnerHtml = "Username:" + sUserName + ":" + sPassword + ":<br/>"; 
while (myreader.HasRows) 
{ 
    id = (int)myreader["id"]; 
    String sUser = (String)myreader["Username"]; 
    String sPass = (String)myreader["Password"]; 
    ErrorBox.InnerHtml += "UserId is <b>" + id + "</b> " + sUser + ":" + sPass + ":<br >"; 
    Session["LoginID"] = id; 
    Server.Transfer(ReturnPage); 

} 
if (id == -1) 
{ 
    ErrorBox.InnerHtml = "Incorrect Password"; 
} 
myConnection.Close(); 
catch (Exception err) 
{ 
    ErrorBox.InnerHtml = "Error Getting Option ID" + err.Message; 
}

我在myreader = SqlCom.ExecuteReader()上添加了一个断点。并且它一直返回myreader为空,并且HasRows = False,但它确实有行。所以,它不断验证我的登录不正确,因为id = -1,C#SqlDataReader = null?

帮助?

来源

2010-03-23 tom

+0

要发布的代码应该是“SqlCom”的代。 – 2010-03-23 14:43:56

+1

其次...如果myreader为null,那么“HasRows”不能为false。 – 2010-03-23 14:45:09

+0

*请参阅编辑的第一篇文章* – tom 2010-03-23 14:51:11

回答

4

您没有将您的阅读器连接到您的SQL连接/命令?

SqlConnection myConnection = new SqlConnection(myConnectionString); 
SqlCommand myCommand = new SqlCommand(mySelectQuery, myConnection); 
myConnection.Open(); 
SqlDataReader myReader = myCommand.ExecuteReader(CommandBehavior.CloseConnection); 
while(myReader.Read()) 
{ 
    Console.WriteLine(myReader.GetString(0)); 
} 
myReader.Close();

来源

2010-03-23 14:44:27

+0

+1 - 其明显未初始化,因此为NULL。其他值只是默认值。 – ChrisBD 2010-03-23 14:49:52

+0

查看原帖我已经编辑它,我,肯定它的连接正确。 @Chris - 什么没有初始化? – tom 2010-03-23 14:54:02

+0

是您的连接字符串正确安装? try/catch或类似情况下是否引发异常? – 2010-03-23 14:59:22

1

问题可能是您的查询中的LIKE与SqlParameters。尝试

String sqlCheckPass = 
"Select * from Login where Username like '%' + @Username + '%' and Password like '%' + @Password + '%'";

来源

2010-03-23 15:02:13 David

+2

顺便说一句,你为什么要使用LIKE而不是“=”? – David 2010-03-23 15:04:04

+0

是的!作品!谢谢! :D – tom 2010-03-23 15:04:19

+0

很酷。但是,使用LIKE %%进行身份验证很危险。您应该使用“=” – David 2010-03-23 15:07:29

1

布莱恩·丹尼的回答上面正确的,但是,我会附上所有内部使用语句代码如下所示:

using (SqlConnection dataConnection = new SqlConnection(connectionString)) 
{ 
    using (SqlCommand SqlCom = dataConnection.CreateCommand()) 
    { 
     SqlCom.CommandText = "Select * from Login where Username like @Username and Password like @Password"; 
     SqlCom.Parameters.Add(new SqlParameter("@Username", sUserName)); 
     SqlCom.Parameters.Add(new SqlParameter("@Password", sPassword)); 

     dataConnection.Open(); 
     SqlDataReader myreader; 
     myreader = SqlCom.ExecuteReader(); 
     dataConnection.Close(); 
    } 
}

我没有所有的代码添加到该我想你明白了。

此外,您可以尝试修改select语句返回的记录数,因为这是所有你需要不管怎么说,一个数字:

SELECT COUNT(*) FROM Login WHERE Username like @Username AND Password like @Password

祝你好运!

来源

2010-03-23 15:32:23

相关问题

 相关问题