嘿并发症的家伙位在这里,我有一个创建帐户页面,它只是将数据插入一个MySQL数据库:插入到多个表中不知道的主键
protected void Button1_Click(object sender, EventArgs e)
{
OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite2; User=root; Password=commando;");
cn.Open();
OdbcCommand cmd = new OdbcCommand("INSERT INTO User (Email, FirstName, SecondName, DOB, Location, Aboutme, username, password) VALUES ('" + TextBox1.Text + "', '" + TextBox2.Text + "', '" + TextBox3.Text + "', '" + TextBox4.Text + "', '" + TextBox5.Text + "', '" + TextBox6.Text + "', '" + TextBox7.Text + "', '" + TextBox8.Text + "')", cn);
cmd.ExecuteNonQuery();
{
//e.Authenticated = true;
Response.Redirect("Login.aspx");
// Event useradded is true forward to login
}
}
}
但这里是我的问题创建账户页面我添加了一个FileUpload控件,我想上传图片,并保存在图片表中的IMAGEURL:
string filenameDB = Path.GetFileName(FileUploadControl.FileName);
string fileuploadpath = Server.MapPath("~/userdata/" + theUserId + "/uploadedimage/") + Path.GetFileName(FileUploadControl.FileName);
FileUploadControl.SaveAs(fileuploadpath);
string fileuploadpaths = ("~/userdata/" + theUserId + "/uploadedimage/") + filenameDB;
StatusLabel.Text = "Upload status: File uploaded!";
OdbcCommand cmd = new OdbcCommand("INSERT INTO Pictures VALUES picturepath ='" + fileuploadpaths + "' WHERE UserId = '" + theuserid + "'", cn);
cmd.ExecuteNonQuery();
的第一个问题是sql语法我需要将文件上传与我buttonclick结合,从而这将是INSERT INTO两张表用户和图片,但亲瑕疵之后是如何得到用户名如果帐户尚未创建? AHHH笑
表结构:
所以总结起来,我需要插入用户的详细信息到用户表,并上传到项目文件并插入IMAGEURL到图片表(存储像所以〜/ userdata/2/uploadedimages/bla.jpg),你可以看到图片表与用户表有一个1-1关系,所以它依赖于用户标识符be4帐户被创建,没有用户标识符,所以不知道是否有一种错开代码的方法,以便首先插入用户详细信息,然后使用会话检索该用户标识,然后将图像插入到图片表中?
或者也许有一些时髦的功能,一些聪明的人已经来到这个问题上,或者它只是一个简单的SQL语法decomobobulator。
P.S我知道SQL注入风险,请不要发布这个。多谢你们!
编辑:
protected void Button1_Click(object sender, EventArgs e)
{
if (FileUpload1.HasFile)
{
try
{
OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite2; User=root; Password=commando;");
cn.Open();
OdbcCommand cmd = new OdbcCommand("INSERT INTO User (Email, FirstName, SecondName, DOB, Location, Aboutme, username, password) VALUES ('" + TextBox1.Text + "', '" + TextBox2.Text + "', '" + TextBox3.Text + "', '" + TextBox4.Text + "', '" + TextBox5.Text + "', '" + TextBox6.Text + "', '" + TextBox7.Text + "', '" + TextBox8.Text + "')", cn);
OdbcCommand sc = new OdbcCommand("SELECT LAST_INSERT_ID()", cn);
//convert LAST INSERT into string theUserId
string filenameDB = Path.GetFileName(FileUpload1.FileName);
string fileuploadpath = Server.MapPath("~/userdata/" + theUserId + "/uploadedimage/") + Path.GetFileName(FileUpload1.FileName);
FileUpload1.SaveAs(fileuploadpath);
string fileuploadpaths = ("~/userdata/" + theUserId + "/uploadedimage/") + filenameDB;
Label10.Text = "Upload status: File uploaded!";
OdbcCommand cm = new OdbcCommand("INSERT INTO Pictures (picturepath, UserId) VALUES ('" + fileuploadpaths + "', " + theUserId + ")", cn);
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
Label10.Text = "Upload status: The file could not be uploaded. The following error occured: " + ex.Message;
}
//e.Authenticated = true;
//Response.Redirect("Login.aspx");
// Event useradded is true forward to login
}
}
}
Nah我不能把它们放到用户表中,我怎么才能使用last_insert方法将我的插入到用户和图片表中的所有按钮单击下? – 2011-04-04 15:30:51
如果您先执行用户插入操作,则在执行图片插入操作之前请抓住最后一个插入ID。 'SELECT LAST_INSERT_ID()'确保在与插入相同的数据库连接中运行它。 – sreimer 2011-04-04 15:33:20
so SELECT LAST_INSERT_ID()FROM User或SELECT LAST_USERID()FROM User? – 2011-04-04 15:44:01