参数化查询 '(@mbox varchar(150),@age int,@phone varchar(50),@address varchar' 需要参数 '@mbox',但未提供该参数。
public bool upinform()
{
conn = new SqlConnection(connstr);
string sql = "update admin set mailbox=@mbox,age=@age,phone=@phone,address=@address where username=@uname";
try
{
conn.Open();
SqlCommand comm = new SqlCommand(sql, conn);
comm.Parameters.Add("@mbox", SqlDbType.VarChar, 150);
comm.Parameters.Add("@age", SqlDbType.Int);
comm.Parameters.Add("@phone",SqlDbType.VarChar,50);
comm.Parameters.Add("@address",SqlDbType.VarChar,250);
comm.Parameters.Add("@uname",SqlDbType.VarChar,16);
comm.Parameters[0].Value = MailBox;
comm.Parameters[1].Value = Age;
comm.Parameters[2].Value = Phone;
comm.Parameters[3].Value = Address;
comm.Parameters[4].Value= UserName;
int rows = Convert.ToInt16(comm.ExecuteScalar());
if (rows > 0)
{
return true;
}
else
{
return false;
}
}
catch (System.Data.SqlClient.SqlException e)
{
throw new Exception(e.Message);
}
finally
{
conn.Close();
} }public partial class hout : System.Web.UI.Page
{
private string eid = "";
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if(Request.QueryString["username"]!=null)
{
eid = Request.QueryString["username"].ToString();
}
initu();
}
} private void initu()
{
Admin ad = new Admin();
ad.UserName = Session["username"].ToString();
ad.upinform();
} protected void btup_Click(object sender, EventArgs e)
{
Admin ad = new Admin();
ad.UserName = Session["username"].ToString();
ad.Age=int.Parse(upage.Text.Trim().Replace(" ",""));
ad.MailBox = mailbox.Text.Trim().Replace(" ", "");
ad.Phone = upphone.Text.Trim().Replace(" ", "");
ad.Address = uptbaddress.Text.Trim().Replace(" ", "");
if (!ad.upinform())
{
Response.Write("<script>alert(\'更新个人信息成功\');</script>");
Response.Redirect("edituser.aspx");
}
else
{
Response.Write("<script>alert(\'更新个人信息失败\');</script>");
} }
}
public bool upinform()
{
conn = new SqlConnection(connstr);
string sql = "update admin set mailbox=@mbox,age=@age,phone=@phone,address=@address where username=@uname";
try
{
conn.Open();
SqlCommand comm = new SqlCommand(sql, conn);
comm.Parameters.Add("@mbox", SqlDbType.VarChar, 150);
comm.Parameters.Add("@age", SqlDbType.Int);
comm.Parameters.Add("@phone",SqlDbType.VarChar,50);
comm.Parameters.Add("@address",SqlDbType.VarChar,250);
comm.Parameters.Add("@uname",SqlDbType.VarChar,16);
comm.Parameters[0].Value = MailBox;
comm.Parameters[1].Value = Age;
comm.Parameters[2].Value = Phone;
comm.Parameters[3].Value = Address;
comm.Parameters[4].Value= UserName;
int rows = Convert.ToInt16(comm.ExecuteScalar());
if (rows > 0)
{
return true;
}
else
{
return false;
}
}
catch (System.Data.SqlClient.SqlException e)
{
throw new Exception(e.Message);
}
finally
{
conn.Close();
} }public partial class hout : System.Web.UI.Page
{
private string eid = "";
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if(Request.QueryString["username"]!=null)
{
eid = Request.QueryString["username"].ToString();
}
initu();
}
} private void initu()
{
Admin ad = new Admin();
ad.UserName = Session["username"].ToString();
ad.upinform();
} protected void btup_Click(object sender, EventArgs e)
{
Admin ad = new Admin();
ad.UserName = Session["username"].ToString();
ad.Age=int.Parse(upage.Text.Trim().Replace(" ",""));
ad.MailBox = mailbox.Text.Trim().Replace(" ", "");
ad.Phone = upphone.Text.Trim().Replace(" ", "");
ad.Address = uptbaddress.Text.Trim().Replace(" ", "");
if (!ad.upinform())
{
Response.Write("<script>alert(\'更新个人信息成功\');</script>");
Response.Redirect("edituser.aspx");
}
else
{
Response.Write("<script>alert(\'更新个人信息失败\');</script>");
} }
}
comm.Parameters[0].Value = MailBox;
comm.Parameters[1].Value = Age;
comm.Parameters[2].Value = Phone;
comm.Parameters[3].Value = Address;
comm.Parameters[4].Value= UserName;
红色部分是否将值传入
comm.Parameters.Add("age", SqlDbType.Int);
comm.Parameters.Add("phone",SqlDbType.VarChar,50);
comm.Parameters.Add("address",SqlDbType.VarChar,250);
comm.Parameters.Add("uname",SqlDbType.VarChar,16);
comm.Parameters["mbox"].Value = MailBox;
comm.Parameters["age"].Value = Age;
comm.Parameters["phone"].Value = Phone;
comm.Parameters["address"].Value = Address;
comm.Parameters["uname"].Value= UserName;
试试看看
Admin
这个类是怎么写的,问题在Admin类
{
conn = new SqlConnection(connstr);
string sql = "update admin set mailbox=@mbox,age=@age,phone=@phone,address=@address where username=@uname";
try
{
conn.Open();
SqlCommand comm = new SqlCommand(sql, conn);
comm.Parameters.Add("@mbox", SqlDbType.VarChar, 150);
comm.Parameters.Add("@age", SqlDbType.Int);
comm.Parameters.Add("@phone",SqlDbType.VarChar,50);
comm.Parameters.Add("@address",SqlDbType.VarChar,250);
comm.Parameters.Add("@uname",SqlDbType.VarChar,16);
comm.Parameters[0].Value = MailBox;
comm.Parameters[1].Value = Age;
comm.Parameters[2].Value = Phone;
comm.Parameters[3].Value = Address;
comm.Parameters[4].Value= UserName;
int rows = Convert.ToInt16(comm.ExecuteScalar());
if (rows > 0)
{
return true;
}
else
{
return false;
}
}
catch (System.Data.SqlClient.SqlException e)
{
throw new Exception(e.Message);
}
finally
{
conn.Close();
} }
这个不就是admin的类了
从数据库里把值读出来,又update回数据库去?
private int id;
private string username;
private string userpass;
private string mailbox;
private int usertype;
private int age;
private string phone;
private string address;
public int Id
{
get { return id; }
set { id = value; }
}
public string UserName
{
get { return username; }
set { username = value; }
}
public string UserPass
{
get { return userpass; }
set { userpass = value; }
}
public string MailBox
{
get { return mailbox; }
set { mailbox = value; }
}
public int UserType
{
get { return usertype; }
set { usertype = value; }
}
public int Age
{
get { return age; }
set { age = value; }
}
public string Phone
{
get { return phone; }
set { phone = value; }
}
public string Address
{
get { return address;}
set { address = value; }
}
#endregion