我已经关闭所有的读者都没有我吗?每次触发该功能时,都会导致错误其他SqlDataReader需要关闭,虽然我已经关闭了其他任何其他
System.InvalidOperationException:'无法尝试在阅读器关闭时调用Read。
现在我真的很沮丧。
我的代码有什么问题?一切似乎都很好。
Private Sub Button_EditData_Click(sender As Object, e As EventArgs) Handles Button_EditData.Click
FormEnabler()
Me.TextBox_BranchID.Enabled = False
Me.Button_AddNew.Enabled = False
Me.Button_EditData.Enabled = False
Me.Button_DeleteData.Enabled = False
Me.Button_Save.Enabled = True
Me.Button_Cancel.Enabled = True
Me.Button_ManageThisBranchStock.Enabled = False
Me.Button_ManageThisBranchEmployee.Enabled = False
theConnection.Open()
Dim theEditInputCommand As New SqlCommand
Dim theEditInputDataReader As SqlDataReader
theEditInputCommand.Connection = theConnection
theEditInputCommand.CommandText = "SELECT * FROM Branch WHERE BranchID = '" & Me.TextBox_BranchID.Text & "'"
theEditInputDataReader = theEditInputCommand.ExecuteReader()
If theEditInputDataReader.Read() Then
Me.TextBox_Title.Text = theEditInputDataReader.Item("Title")
Me.RichTextBox_Address.Text = theEditInputDataReader.Item("Address")
Me.TextBox_ContactNumber.Text = theEditInputDataReader.Item("ContactNo")
Me.ComboBox_BranchManager.Text = theEditInputDataReader.Item("BranchManager")
theEditInputDataReader.Close()
End If
theConnection.Close()
theConnection.Open()
Dim theEditInputBranchManagerCommand As New SqlCommand
Dim theEditInputBranchManagerDataReader As SqlDataReader
Dim theEditInputBranchManagerDataTable As New DataTable
theEditInputBranchManagerCommand.Connection = theConnection
theEditInputBranchManagerCommand.CommandText = "SELECT EmployeeID FROM AssignmentDetail WHERE BranchID = '" & Me.TextBox_BranchID.Text & "'"
theEditInputBranchManagerDataReader = theEditInputBranchManagerCommand.ExecuteReader()
theEditInputBranchManagerDataTable.Load(theEditInputBranchManagerDataReader)
If theEditInputBranchManagerDataReader.Read() Then
Me.ComboBox_BranchManager.ValueMember = "EmployeeID"
Me.ComboBox_BranchManager.DisplayMember = "EmployeeID"
Me.ComboBox_BranchManager.DataSource = theEditInputBranchManagerDataTable
theEditInputBranchManagerDataReader.Close()
Else
Me.ComboBox_BranchManager.ValueMember = "'-'"
theEditInputBranchManagerDataReader.Close()
End If
theConnection.Close()
End Sub
调试器指出的错误在这里:
If theEditInputBranchManagerDataReader.Read() Then
Me.ComboBox_BranchManager.ValueMember = "EmployeeID"
Me.ComboBox_BranchManager.DisplayMember = "EmployeeID"
Me.ComboBox_BranchManager.DataSource = theEditInputBranchManagerDataTable
theEditInputBranchManagerDataReader.Close()
Else
Me.ComboBox_BranchManager.ValueMember = "'-'"
theEditInputBranchManagerDataReader.Close()
End If
你需要阅读,理解,并开始使用参数化查询鲍比表来拜访了。 http://bobby-tables.com/这个代码对sql注入是开放的。 –
wtf是博比表吗? – bidipeppercrap
请点击链接。这是一个关于sql注入的漫画。而你的代码是这个漏洞如何工作的典型例子。 –