各位高手。我用vs2005写了一个.aspx页面,功能是注册用户,数据库中业务员编号(字段名ClNo)不能超过3个字符,且为主键。代码如下。出现了这样一个问题:在本机服务器上调试可正常插入新用户到数据库中,并转到指定页。但在另一台计算机作为客户端浏览时,明明按要求输入了数据,却总提示"提交数据不成功,用户编号未按规定设置或已被使用!"(该提示是代码中自定义的提示文字)实在不知道什么原因,请高手给我分析分析。感激!using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Drawing;
using System.Text;
using System.ComponentModel;
using System.Web.SessionState;public partial class NewUser : System.Web.UI.Page
{
public DataSet ds;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void BtnSubmit_Click(object sender, EventArgs e)
{
// if (Context.User.Identity.IsAuthenticated)
// UpdateUser();
// else
InsertUser();
} private void InsertUser()
{
if (Page.IsValid)
{
SqlConnection con = new SqlConnection("Data Source=xy;Initial Catalog=ProManDB;Integrated Security=true");
string sql;
SqlCommand cmd;
//书上的方法
StringBuilder sb = new StringBuilder();
ArrayList values = new ArrayList();
sb.Append("INSERT INTO [Clerk] ");
sb.Append("(ClNo,ClFullName,ClPassword) ");
sb.Append("VALUES ('{0}','{1}','{2}')");
values.Add(txtClNo.Text.Trim());
values.Add(txtClFullName.Text.Trim());
values.Add(txtClPassword.Text.Trim());
sql = String.Format(sb.ToString(), values.ToArray());
cmd = new SqlCommand(sql, con);
con.Open(); bool doredirect = true; try
{
cmd.ExecuteNonQuery(); }
catch
{
doredirect = false; this.lblMessage.Text = "提交数据不成功,用户编号未按规定设置或已被使用!";
}
finally
{
con.Close();
} if (doredirect)
{
HttpCookie cn = new HttpCookie("clno");
cn.Values["ClNo"] = txtClNo.Text.Trim();
Response.Cookies.Add(cn);
Response.Redirect("Login.aspx");
} }
else
{
lblMessage.Text = "请按要求填写资料,并重新提交!"; } }
}
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Drawing;
using System.Text;
using System.ComponentModel;
using System.Web.SessionState;public partial class NewUser : System.Web.UI.Page
{
public DataSet ds;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void BtnSubmit_Click(object sender, EventArgs e)
{
// if (Context.User.Identity.IsAuthenticated)
// UpdateUser();
// else
InsertUser();
} private void InsertUser()
{
if (Page.IsValid)
{
SqlConnection con = new SqlConnection("Data Source=xy;Initial Catalog=ProManDB;Integrated Security=true");
string sql;
SqlCommand cmd;
//书上的方法
StringBuilder sb = new StringBuilder();
ArrayList values = new ArrayList();
sb.Append("INSERT INTO [Clerk] ");
sb.Append("(ClNo,ClFullName,ClPassword) ");
sb.Append("VALUES ('{0}','{1}','{2}')");
values.Add(txtClNo.Text.Trim());
values.Add(txtClFullName.Text.Trim());
values.Add(txtClPassword.Text.Trim());
sql = String.Format(sb.ToString(), values.ToArray());
cmd = new SqlCommand(sql, con);
con.Open(); bool doredirect = true; try
{
cmd.ExecuteNonQuery(); }
catch
{
doredirect = false; this.lblMessage.Text = "提交数据不成功,用户编号未按规定设置或已被使用!";
}
finally
{
con.Close();
} if (doredirect)
{
HttpCookie cn = new HttpCookie("clno");
cn.Values["ClNo"] = txtClNo.Text.Trim();
Response.Cookies.Add(cn);
Response.Redirect("Login.aspx");
} }
else
{
lblMessage.Text = "请按要求填写资料,并重新提交!"; } }
}
执行有问题
不过过程确实值得回味的!上面这位大侠。说我的这段代码可能不是一种安全规范的!请指点位置和解决办法。谢谢