我的后台程序改了一下后,新增可以正常保存,但在现有的内容编辑后,就出现了“ExecuteNonQuery: CommandText 属性尚未初始化 ”程序如下:
if (Session["action"].ToString() == "edit")
{
try
{//修改数据库 string Edittext = new Common().GetText(txtContent.Text);
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DBConn"].ToString());
SqlCommand comm = new SqlCommand("", conn);
//"update Article set"
// + "[News_first_title]='" + tbox_FirTitle.Text + "',"
// + "[News_second_title]='" + tbox_SecTitle.Text + "',"
// + "[News_third_title]='" + tbox_ThdTitle.Text + "',"
// + "[News_time]='" + tbox_Date.Text + "',"
// + "[News_author]='" + tbox_Author.Text + "',"
// + "[News_content]='" + Edittext + "',"
// + "[News_homepage_tag]='" + chk_HomePage.Checked + "',"
// + "[News_photo_tag]='" + chk_Flash.Checked + "',"
// + "[News_affiche_tag]='" + chk_Affiche.Checked + "',"
// + "[News_top_tag]='" + chk_Top.Checked + "',"
// + "[news_public_tag]='" + chk_Public.Checked + "',"
// + "[news_hot_tag]='" + chk_Hot.Checked + "',"
// + "[News_attachment]='" + str_Attachment + "',"
// + "[news_public_type]='" + ddlist_PublicType.SelectedItem.Text + "',"
// + "[news_affiche_time]='" + tbox_Affiche.Text + "',"
// + "[news_group_]='" + Session["type"].ToString()
// + "' WHERE [News_id]='" + Session["keys"] + "'"
if (strID != null)
{
for (int ni = 0; ni < strID.Length; ni++)
{
sql += "insert into [Article] ("
+ "[News_first_title],"
...
+ "VALUES ('" + tbox_FirTitle.Text + "',"
+ "'" + tbox_SecTitle.Text + "',"
...
,"
+ "'" + strID[ni] + "'"
+ ");";
}
}
sql = "delete from Article where News_id ='" + Session["keys"] + "';" + sql;
conn.Open();
comm.ExecuteNonQuery();
conn.Close();
comm.Dispose();
conn.Dispose();
}
catch (Exception f)
{
Response.Write(f.Message.ToString());
}
}
else
{
try
{//存入数据库
string Edittext = new Common().GetText(txtContent.Text);
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DBConn"].ToString());
SqlCommand comm = new SqlCommand("",conn);
if (strID != null)
{
for (int ni = 0; ni < strID.Length; ni++)
{
sql += "insert into [Article] ("
+ "[News_first_title],"
..."
+ "VALUES ('" + tbox_FirTitle.Text + "',"
+ "'" + tbox_SecTitle.Text + "',"
...
+ "'" + tbox_Affiche.Text + "',"
+ "'" + strID[ni] + "'"
+ ");";
} }
else
{
sql = "insert into [Article] ("
+ "[News_first_title],"
...
+ "[news_group_]) "
+ "VALUES ('" + tbox_FirTitle.Text + "',"
+ "'" + tbox_SecTitle.Text + "',"
...
+ "'" + Session["type"].ToString() + "'"
+ ");";
}
comm.CommandText = sql.Substring(0, sql.Length - 1);
conn.Open();
comm.ExecuteNonQuery();
conn.Close();
comm.Dispose();
conn.Dispose();
}
catch (Exception f)
{ Response.Write(f.Message.ToString()); }
} Session["typeID"] = null;
Session["typeName"] = null;
ds.Tables[0].Rows[0]["name"] = " ";
ds.WriteXml(Server.MapPath("XML_UpFile.xml"));
Server.Transfer("manager_content_list.aspx", true);
}
protected void btn_Return_Click(object sender, EventArgs e)
{
Server.Transfer("manager_content_list.aspx", true);
}}
if (Session["action"].ToString() == "edit")
{
try
{//修改数据库 string Edittext = new Common().GetText(txtContent.Text);
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DBConn"].ToString());
SqlCommand comm = new SqlCommand("", conn);
//"update Article set"
// + "[News_first_title]='" + tbox_FirTitle.Text + "',"
// + "[News_second_title]='" + tbox_SecTitle.Text + "',"
// + "[News_third_title]='" + tbox_ThdTitle.Text + "',"
// + "[News_time]='" + tbox_Date.Text + "',"
// + "[News_author]='" + tbox_Author.Text + "',"
// + "[News_content]='" + Edittext + "',"
// + "[News_homepage_tag]='" + chk_HomePage.Checked + "',"
// + "[News_photo_tag]='" + chk_Flash.Checked + "',"
// + "[News_affiche_tag]='" + chk_Affiche.Checked + "',"
// + "[News_top_tag]='" + chk_Top.Checked + "',"
// + "[news_public_tag]='" + chk_Public.Checked + "',"
// + "[news_hot_tag]='" + chk_Hot.Checked + "',"
// + "[News_attachment]='" + str_Attachment + "',"
// + "[news_public_type]='" + ddlist_PublicType.SelectedItem.Text + "',"
// + "[news_affiche_time]='" + tbox_Affiche.Text + "',"
// + "[news_group_]='" + Session["type"].ToString()
// + "' WHERE [News_id]='" + Session["keys"] + "'"
if (strID != null)
{
for (int ni = 0; ni < strID.Length; ni++)
{
sql += "insert into [Article] ("
+ "[News_first_title],"
...
+ "VALUES ('" + tbox_FirTitle.Text + "',"
+ "'" + tbox_SecTitle.Text + "',"
...
,"
+ "'" + strID[ni] + "'"
+ ");";
}
}
sql = "delete from Article where News_id ='" + Session["keys"] + "';" + sql;
conn.Open();
comm.ExecuteNonQuery();
conn.Close();
comm.Dispose();
conn.Dispose();
}
catch (Exception f)
{
Response.Write(f.Message.ToString());
}
}
else
{
try
{//存入数据库
string Edittext = new Common().GetText(txtContent.Text);
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["DBConn"].ToString());
SqlCommand comm = new SqlCommand("",conn);
if (strID != null)
{
for (int ni = 0; ni < strID.Length; ni++)
{
sql += "insert into [Article] ("
+ "[News_first_title],"
..."
+ "VALUES ('" + tbox_FirTitle.Text + "',"
+ "'" + tbox_SecTitle.Text + "',"
...
+ "'" + tbox_Affiche.Text + "',"
+ "'" + strID[ni] + "'"
+ ");";
} }
else
{
sql = "insert into [Article] ("
+ "[News_first_title],"
...
+ "[news_group_]) "
+ "VALUES ('" + tbox_FirTitle.Text + "',"
+ "'" + tbox_SecTitle.Text + "',"
...
+ "'" + Session["type"].ToString() + "'"
+ ");";
}
comm.CommandText = sql.Substring(0, sql.Length - 1);
conn.Open();
comm.ExecuteNonQuery();
conn.Close();
comm.Dispose();
conn.Dispose();
}
catch (Exception f)
{ Response.Write(f.Message.ToString()); }
} Session["typeID"] = null;
Session["typeName"] = null;
ds.Tables[0].Rows[0]["name"] = " ";
ds.WriteXml(Server.MapPath("XML_UpFile.xml"));
Server.Transfer("manager_content_list.aspx", true);
}
protected void btn_Return_Click(object sender, EventArgs e)
{
Server.Transfer("manager_content_list.aspx", true);
}}
comm.CommandText = sql;
conn.Open();
comm.ExecuteNonQuery();
正解! 你的SQL没有传给comm对象阿 ,打开连接,去执行SQL语句或存储过程的时候,并没有给comm.CommandText赋值
这个后,编辑是没有“ExecuteNonQuery: CommandText 属性尚未初始化 ”提示了。
但是,编辑后把文章删除了。。不见了。。呃呃。。
cmd.commandtext=sql
弱弱的说句:楼主很懒!而且你还用拼接字符串的形式,有很多安全漏洞,最好用SqlParameter类进行参数化,这样会防很多sql注入。如:SqlParameter sqlpt1 = new SqlParameter("@Name", Name);
希望我说的对你能有帮助!
因为它
那是否这句应该不要呢?
// + "[News_first_title]='" + tbox_FirTitle.Text + "',"
// + "[News_second_title]='" + tbox_SecTitle.Text + "',"
// + "[News_third_title]='" + tbox_ThdTitle.Text + "',"
// + "[News_time]='" + tbox_Date.Text + "',"
// + "[News_author]='" + tbox_Author.Text + "',"
// + "[News_content]='" + Edittext + "',"
// + "[News_homepage_tag]='" + chk_HomePage.Checked + "',"
// + "[News_photo_tag]='" + chk_Flash.Checked + "',"
// + "[News_affiche_tag]='" + chk_Affiche.Checked + "',"
// + "[News_top_tag]='" + chk_Top.Checked + "',"
// + "[news_public_tag]='" + chk_Public.Checked + "',"
// + "[news_hot_tag]='" + chk_Hot.Checked + "',"
// + "[News_attachment]='" + str_Attachment + "',"
// + "[news_public_type]='" + ddlist_PublicType.SelectedItem.Text + "',"
// + "[news_affiche_time]='" + tbox_Affiche.Text + "',"
// + "[news_group_]='" + Session["type"].ToString()
// + "' WHERE [News_id]='" + Session["keys"] + "'"
--------------
要是编辑的话,你把这个取消注释
--------------------------------------------------------------------------------运行时错误
说明: 服务器上出现应用程序错误。此应用程序的当前自定义错误设置禁止远程查看应用程序错误的详细信息(出于安全原因)。但可以通过在本地服务器计算机上运行的浏览器查看。 详细信息: 若要使他人能够在远程计算机上查看此特定错误消息的详细信息,请在位于当前 Web 应用程序根目录下的“web.config”配置文件中创建一个 <customErrors> 标记。然后应将此 <customErrors> 标记的“mode”属性设置为“Off”。
<!-- Web.Config 配置文件 --><configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
注释: 通过修改应用程序的 <customErrors> 配置标记的“defaultRedirect”属性,使之指向自定义错误页的 URL,可以用自定义错误页替换所看到的当前错误页。
<!-- Web.Config 配置文件 --><configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>