ASP.NET/VB.NET/SQL Server 2012 - 页面不断加载

Posted 2023-04-18

【中文标题】ASP.NET/VB.NET/SQL Server 2012 - 页面不断加载

【英文标题】：ASP.NET/VB.NET/SQL Server 2012 - Page keeps loading

【发布时间】：2013-03-31 14:37:17

【问题描述】：

我正在尝试运行此代码，但每当我按下“注册”按钮时，什么都没有发生（页面就像加载但停留在同一页面上）

代码：

 Public Sub register()



    Dim Username As String = txtUsername.Text
    Dim Surname As String = txtSurname.Text
    Dim Password As String = txtPassword.Text
    Dim Name As String = txtName.Text
    Dim Address1 As String = txtAddress1.Text
    Dim Address2 As String = txtAddress2.Text
    Dim City As String = txtCity.Text
    Dim Email As String = txtEmail.Text
    Dim Country As String = drpCountry.Text
    Dim DOB As Date = calDOB.SelectedDate
    Dim Occupation As String = txtOccupation.Text
    Dim WorkLocation As String = txtWorkLocation.Text
    Dim Age As Integer = Date.Today.Year - calDOB.SelectedDate.Year


    Dim ProjectManager As String = "N/A"
    Dim TeamLeader As String = "N/A"
    Dim TeamLeaderID As Integer = "1"
    Dim ProjectManagerID As Integer = "1"

    Dim RegistrationDate As Date = DateTime.Today
    Dim ContractType As String = "N/A"
    Dim ContractDuration As Integer = 6
    Dim Department As String = "N/A"

    Dim conn As New SqlConnection("Data Source=BRIAN-PC\SQLEXPRESS;Initial Catalog=master_db;Integrated Security=True")
    Dim registerSQL As SqlCommand
    Dim sqlComm As String

    Dim validateSQL As SqlCommand

    Dim sqlValidate As String

    sqlValidate = "SELECT * FROM users  where username=" + txtUsername.Text.ToString

    sqlComm = "INSERT INTO users(Username, Password, Name, Surname, Address1, Address2, " +
        "City, Country, date_of_birth, age, Occupation, department, work_location, " +
        "project_manager,team_leader, team_leader_id, project_manager_id, " +
        "date_registration, contract_type, contract_duration) " +
        "VALUES(@p1, @p2,@p3,@p4,@p5,@p6,@p7,@p8,@p9,@p10,@p11,@p12,@p13,@p14,@p15," +
        "@p16,@p17,@p18,@p19,@p20)"

    conn.Open()

    validateSQL = New SqlCommand(sqlValidate, conn)
    Dim dr As SqlDataReader = validateSQL.ExecuteReader()

    If dr.HasRows = False Then


        validateSQL = New SqlCommand(sqlValidate, conn)
        validateSQL.CommandText = sqlValidate

        Dim reader As SqlDataReader = validateSQL.ExecuteReader()
        reader.Read()

        registerSQL = New SqlCommand(sqlComm, conn)
        registerSQL.Parameters.AddWithValue("@p1", Username)
        registerSQL.Parameters.AddWithValue("@p2", Password)
        registerSQL.Parameters.AddWithValue("@p3", Name)
        registerSQL.Parameters.AddWithValue("@p4", Surname)
        registerSQL.Parameters.AddWithValue("@p5", Address1)
        registerSQL.Parameters.AddWithValue("@p6", Address2)
        registerSQL.Parameters.AddWithValue("@p7", City)
        registerSQL.Parameters.AddWithValue("@p8", Country)
        registerSQL.Parameters.AddWithValue("@p9", DOB)
        registerSQL.Parameters.AddWithValue("@p10", Age)
        registerSQL.Parameters.AddWithValue("@p11", Occupation)
        registerSQL.Parameters.AddWithValue("@p12", Department)
        registerSQL.Parameters.AddWithValue("@p13", WorkLocation)
        registerSQL.Parameters.AddWithValue("@p14", ProjectManager)
        registerSQL.Parameters.AddWithValue("@p15", TeamLeader)
        registerSQL.Parameters.AddWithValue("@p16", TeamLeaderID)
        registerSQL.Parameters.AddWithValue("@p17", ProjectManagerID)
        registerSQL.Parameters.AddWithValue("@p18", RegistrationDate)
        registerSQL.Parameters.AddWithValue("@p19", ContractType)
        registerSQL.Parameters.AddWithValue("@p20", ContractDuration)

        registerSQL.ExecuteNonQuery()

        conn.Close()

    ElseIf dr.HasRows = True Then


        lblUsername.Text = "That Username (" + txtUsername.Text + ") is already registered/taken."
        lblUsername.Visible = True
        conn.Close()

    End If


End Sub

按钮事件处理程序：

Protected Sub btnRegister_Click(sender As Object, e As EventArgs) Handles btnRegister.Click

    register()


End Sub

代码有问题吗？

【问题讨论】：

哪个代码调用了这个子？这不是事件处理程序，您还没有显示处理单击事件的代码。

@Steve 我更新了问题。谢谢！

【参考方案1】：

From MSDN

在使用 SqlDataReader 时，关联的 SqlConnection 是 忙于服务SqlDataReader，不能进行其他操作 在 SqlConnection 上执行而不是关闭它。情况就是这样 直到调用 SqlDataReader 的 Close 方法。例如， 在调用 Close 之前，您无法检索输出参数。

当您尝试执行插入命令时，似乎打开了 SqlDataReader。 我会在使用插入命令之前尝试关闭它

If dr.HasRows = False Then
    dr.Close()

    ' The following lines are probably a remainder of a copy/paste operation'
    ' They are not needed and you should remove them'

    'validateSQL = New SqlCommand(sqlValidate, conn)'
    'validateSQL.CommandText = sqlValidate'
    'Dim reader As SqlDataReader = validateSQL.ExecuteReader()'
    'reader.Read()'

    ' Now execute the insert command

除了性能参数之外，您检查用户存在的命令也是错误的，因为引入了 Sql Injection 可能性。

总结尝试这些变化......

 sqlValidate = "SELECT * FROM users  where username=@uname"
 validateSQL = New SqlCommand(sqlValidate, conn)
 validateSQL.Parameters.AddWithValue("@uname", txtUserName.Text)
 Dim dr As SqlDataReader = validateSQL.ExecuteReader()
 Dim userFound = dr.HasRows
 dr.Close()
 if userFound = False then
    ......

【讨论】：

所以我删除了额外的打开连接，现在我在validateSQL = New SqlCommand(sqlValidate, conn) Dim dr As SqlDataReader = validateSQL.ExecuteReader() conn.Close() 中遇到另一个错误，错误是：无效的列名'cdarwin'。 （其中 cdarwin 是在用户名文本框中输入的用户名）

否conn.Close()，这会关闭连接，是DataReader需要关闭dr.Close()....

列名无效，因为您不使用参数（并且在原始命令中您忘记了单引号）

好的，谢谢！你知道为什么它给我这个错误：sqlValidate = "SELECT * FROM users where username=" + txtUsername.Text.ToString

错误是Invalid column name 'cdarwin'.（其中 cdarwin 是在用户名文本框中输入的用户名