我的注册工作正常,但即时通讯尝试登录到我的网站,它曾经工作过,但我编辑了几件事情,现在它不断给我这个错误。我唯一改变的是我删除了信用卡名称和值,因为我不需要使用它们,所以现在我的用户类不包含cvv,信用卡类型,信用卡号码,城市,街道地址。没有给出一个或多个必需参数的值。 daObj.Fill(dsUser);
我的代码是:
<asp:Panel ID="loginpan" Visible="false" runat="server" BackColor="Black" BorderColor="White" BorderStyle="Double" Style="height: 125px; margin-left: 728px; width: 415px; margin-top: -10px; position:absolute;">
<table style="height: 125px">
<tr>
<td>
<asp:Label ID="lblemail" runat="server" Text="E-Mail:" ForeColor="White"></asp:Label>
</td>
<td>
<asp:TextBox ID="txtemail" runat="server" Width="326px"></asp:TextBox>
</td>
<td>
</td>
</tr>
<tr>
<td>
<asp:Label ID="lblpass" runat="server" Text="Password:" ForeColor="White"></asp:Label>
</td>
<td>
<asp:TextBox ID="txtpass" runat="server" Width="327px" TextMode="Password"></asp:TextBox>
</td>
<td>
</td>
</tr>
<tr>
<td> </td>
<td>
<asp:Button ID="btnsignin" runat="server" CausesValidation="False" Text="Login" CssClass="TopBtns"
OnClick="btnsignin_Click" OnClientClick="return validate();" />
<asp:Button ID="forgotpass" runat="server" CausesValidation="False" Text="Forgot Password?" PostBackUrl="~/SiteForms/ForgotPass.aspx" CssClass="TopBtns" />
</td>
</tr>
<tr>
<td> </td>
<td>
<asp:Label ID="lblinfo" runat="server" Visible="true" ForeColor="White"></asp:Label>
</td>
</tr>
在后面的代码
:
UserClass userobj = new UserClass();
string email = txtemail.Text;
string pass = txtpass.Text;
userobj.UserEmailId = email;
userobj.UserPassword = pass;
if (userobj.UserExist())
{
Session["userobj"] = userobj;
if(Session ["FP"] == null)
Response.Redirect(Request.RawUrl);
Response.Redirect("~/SiteForms/Homepage.aspx");
}
else
{
if (userobj.UserExistSignUp() == false)
lblinfo.Text = " the email you inputted is not registered";
else
lblinfo.Text = " the password you inputted is wrong";
lblinfo.Visible = true;
}
}
,他们给我的错误是: 没有为一个或多个必需的参数给定值。
描述:执行当前Web请求期间发生未处理的异常。请查看堆栈跟踪以获取有关该错误的更多信息以及源代码的位置。
异常详细信息:System.Data.OleDb.OleDbException:未给出一个或多个必需参数的值。
源错误:
线36:OleDbDataAdapter的daObj =新OleDbDataAdapter的(的SqlString,conObj);
行37:DataSet dsUser = new DataSet();
第38行:daObj.Fill(dsUser);
第39行:DataTable dt = dsUser.Tables [0];
第40行:conObj.Close();
他们突出显示了daObj.Fill(dsUser); 所以我认为它是从我的用户类和dbfunctions,但我没有改变任何东西。
我UserClass的:
private string userEmailId;
public string UserEmailId
{
get { return userEmailId; }
set { this.userEmailId = value; }
}
private string userPassword;
public string UserPassword
{
get { return userPassword; }
set { this.userPassword = value; }
}
private string userFirstName;
public string UserFirstName
{
get { return userFirstName; }
set { this.userFirstName = value; }
}
private string userLastName;
public string UserLastName
{
get { return userLastName; }
set { this.userLastName = value; }
}
// =========================================================================
public bool UserExist()
{
string userSqlStr = "select [userPassword] from [UserTable] where [userPassword]='" +
this.UserPassword + "' and [eMailAddress]='" + this.userEmailId + "'";
DataTable dt = DBFunctions.SelectFromTable(userSqlStr, "DataBase.accdb");
if (dt.Rows.Count > 0)
return true;
return false;
}
public bool UserExistSignUp()
{
string userSqlStr = "select [eMailAddress] from [UserTable] where [eMailAddress]='" + this.userEmailId + "'";
DataTable dt = DBFunctions.SelectFromTable(userSqlStr, "DataBase.accdb");
if (dt.Rows.Count > 0)
return true;
return false;
}
和我dbfunction是
public static OleDbConnection GenerateConnection(string dbFileName)
{
OleDbConnection conObj = new OleDbConnection();
conObj.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" + HttpContext.Current.Server.MapPath("~/App_Data/" + dbFileName) + ";Persist Security Info=False";
conObj.Open();
return conObj;
}
public static DataTable SelectFromTable(string sqlString, string dbFileName)
{
OleDbConnection conObj = GenerateConnection(dbFileName);
OleDbCommand cmd = new OleDbCommand();
cmd.CommandText = sqlString;
cmd.Connection = conObj;
OleDbDataAdapter daObj = new OleDbDataAdapter(sqlString, conObj);
DataSet dsUser = new DataSet();
daObj.Fill(dsUser);
DataTable dt = dsUser.Tables[0];
conObj.Close();
return dt;
}
你有没有试过复制导致问题的'CommandText'并直接在Access中运行它?这样做应该让你更深入地了解发生了什么问题。你确定你的字段名称在你的查询中拼写正确吗? – pstrjds
** OMG **'“从[UserTable]中选择[eMailAddress],其中[eMailAddress] ='”+ this.userEmailId +“'”;'**请阅读:** https://en.wikipedia.org/wiki/SQL_injection –
这仅仅是我的学校项目考试,所以任何人都可以入侵它并不重要。它不在线上。 – Jouwana