使用asp.net和sql投票投票

Question

我做了一个应用程序在Android上的移动投票.. 支持，我有一些页面在asp.net。 现在我被困在那里我必须做出一个页面中的投票铸造是做...

我想出了这个...
程序包括三个步骤..

步骤1检查id和_password是对还是错。

步骤2检查表格中是否存在竞争者名称。

步骤3检查ID是否存在于表格castVote如果不是然后将其与contenderName进入它...

protected void Page_Load(object sender, EventArgs e) 

{ 
    Boolean step1 = false; 
    Boolean step2 = false; 
    Boolean step3 = false; 
    SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["conString"].ToString()); 
    try 
    { 
     con.Open(); 
     String _view = String.Format("Select * from login_password where id='{0}' and _password='{1}'", Request.QueryString["id"].ToString(), Request.QueryString["_password"].ToString()); 
     SqlCommand cmd = new SqlCommand(_view, con); 
     SqlDataReader dr = cmd.ExecuteReader(); 
     while (dr.HasRows) 
     { 
      step1 = true; 
      Response.Write("step1 fulfilled"); 
     } 
     if(step1 == false) 
     { 
      // step1 = false; 
      Response.Write("Check User Details"); 
     } 
    } 
    catch (Exception ee) 
    { 
     Response.Write("Exception in Step1:" + ee.ToString()); 
    } 
    // finally 
    // { 
    //  con.Close(); 
    // } 
    try 
     { 
     if (step1 == true) 
     { 
      // con.Open(); 
      String _view1 = String.Format("Select * from RegisterContender where Name='{2}'", Request.QueryString["Name"].ToString()); 
      SqlCommand cmd1 = new SqlCommand(_view1, con); 
      SqlDataReader dr = cmd1.ExecuteReader(); 
      while (dr.HasRows) 
      { 
       step2 = true; 
       Response.Write("Step2 fulfilled"); 
      } 
      if (step2 == false) 
      { 
       Response.Write("No Such Contender Exists"); 
       step2 = false; 
       step1 = false; 
      } 
     } 
    } 
    catch (Exception eee) 
    { 
     Response.Write("Exception in Step2:" + eee.ToString()); 
    } 
    /*finally 
    { 
     con.Close(); 
    }*/ 
    try 
    { 
     if (step1 == true && step2 == true) 
     { 
    //  con.Open(); 
      String _view2 = String.Format("Select * from castVote where VoterLogin='{0}'", Request.QueryString["VoterLogin"].ToString()); 
      SqlCommand cmd2 = new SqlCommand(_view2, con); 
      SqlDataReader dr = cmd2.ExecuteReader(); 
      while (dr.HasRows) 
      { 
       step3 = false; 
       Response.Write("You have already casted the vote"); 
       return; 
      } 
      if (step1 == true && step2 == true) 
      { 
       step3 = true; 
       Response.Write("step 3 fulfilled"); 
      } 
     } 
    } 
    catch (Exception eeee) 
    { 
     Response.Write("Exception in step3:" + eeee.ToString()); 
    } 
    // finally 
    // { 
    //  con.Close(); 
    // } 
    try 
    { 
     if (step1 == true && step2 == true && step3 == true) 
     { 
     //  con.Open(); 
      String _view3 = String.Format("Insert into castVote values VoterLogin='{0}' and ContenderName='{2}'", Request.QueryString["VoterLogin"].ToString(), Request.QueryString["ContenderName"].ToString()); 
      SqlCommand cmd3 = new SqlCommand(_view3, con); 
      SqlDataReader dr = cmd3.ExecuteReader(); 
      Response.Write("Vote Casting Done Successfully"); 
     } 
    } 
    catch (Exception eeeee) 
    { 
     Response.Write("exception in casting:" + eeeee.ToString()); 
    } 
    finally 
    { 
     step1 = false; 
     step2 = false; 
     step3 = false; 
     con.Close(); 
    } 
} 

表中使用are--

create table login_password 
(id varchar(200), 
_password varchar(200)) 

create table RegisterContender 
(ContenderId int identity(1,1) Primary Key Not Null, 
Name varchar(100), 
PartyName varchar(100), 
History varchar(1000), 
Future_Proposals varchar(500), 
Region varchar(150) 
) 

create table castVote(VoterLogin varchar(100),ContenderName varchar(100)) 

和当我在本地运行此页...使用querystrings

CastVote/CastVote.aspx?id=naman6064&_password=WW5ghx3p&Name=namit 

它需要很长时间...然后它说内存不足的异常

什么MI做错了...是我的查询权

Answer 1

你有一个无限循环

变化

while (dr.HasRows) 

到

while (dr.Read()) 

“HasRows”将返回true或false以太数据读取器有行，但是“读取”将SqlDataReader推进到下一个记录。