开发者

problem with inserting from textbox to sql

问答 作者:

here is my code

SqlCommand insert_user = new SqlCommand("insert into dbo.users (username,password,firstname,lastname,address,country,city,phonenumber,gender,email) VALUES (' bader','123','beno','venp','33','pal','d',''1234','male'," + @TextBox3.Text + ");", badersql);

what i am trying is to insert from textbox3.text to my sql email column , the problem is when i try that , this error msg during debuging popups " Error 9 The name 'TextBox3' does not exist in the current context".

i tried '" + TextBox3.text + "' with @ and without , same problem

if it helps , here is all my code 

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data.Sql;

public partial class Default4 : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void Button1_Click(object sender, EventArgs e)
    {


        SqlConnection badersql = new SqlConnection("Data Source=BADER-VAIO\\SQLEXPRESS;Initial Catalog=webage;Persist Security Info=True;User ID=sa;Password=123");

        badersql.Open();
        SqlCommand insert_user = new SqlCommand("insert into dbo.users (username,password,firstname,lastname,address,country,city,phonenumber,gender,email) VALUES (' bader','123','beno','venp','33','pal','d',''1234','male'," + @TextBox3.Text + ");", badersql);

        insert_user.ExecuteNonQuery();
        //insert into webpage.dbo.users (username,password,firstname,l开发者_C百科astname,address,country,city,phonenumber,gender,email) VALUES (' bader','123','beno','venp','33','pal','d',''1234','male','pal@pal.com');
        badersql.Close();


    }


    protected void RadioButton1_CheckedChanged(object sender, EventArgs e)
    {


    }
}

any suggestions ?

regards,

You don't have a server side control with the ID TextBox3 on your .aspx page. Did you rename it or remove it?

As an aside - this is wide open to SQL Injection attacks - you should be using parameterized queries instead of string concatenation.

Is that a typo in your question or in your code? ''1234' ?

it works , i was trying to debug the .cs page itself , thats why the erorr pop ups , thanks everyone for your help

继续阅读:asp.netsqlvisual-studio-2010

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9