ASP.NET/VB.NET/SQL Server 2012-页面不断加载

Question

I'm trying to run this code, and whenever I press the 'Register' button, nothing is happening (the page is like loading but stays on the same page)

Code:

 Public Sub register()



    Dim Username As String = txtUsername.Text
    Dim Surname As String = txtSurname.Text
    Dim Password As String = txtPassword.Text
    Dim Name As String = txtName.Text
    Dim Address1 As String = txtAddress1.Text
    Dim Address2 As String = txtAddress2.Text
    Dim City As String = txtCity.Text
    Dim Email As String = txtEmail.Text
    Dim Country As String = drpCountry.Text
    Dim DOB As Date = calDOB.SelectedDate
    Dim Occupation As String = txtOccupation.Text
    Dim WorkLocation As String = txtWorkLocation.Text
    Dim Age As Integer = Date.Today.Year - calDOB.SelectedDate.Year


    Dim ProjectManager As String = "N/A"
    Dim TeamLeader As String = "N/A"
    Dim TeamLeaderID As Integer = "1"
    Dim ProjectManagerID As Integer = "1"

    Dim RegistrationDate As Date = DateTime.Today
    Dim ContractType As String = "N/A"
    Dim ContractDuration As Integer = 6
    Dim Department As String = "N/A"

    Dim conn As New SqlConnection("Data Source=BRIAN-PC\SQLEXPRESS;Initial Catalog=master_db;Integrated Security=True")
    Dim registerSQL As SqlCommand
    Dim sqlComm As String

    Dim validateSQL As SqlCommand

    Dim sqlValidate As String

    sqlValidate = "SELECT * FROM users  where username=" + txtUsername.Text.ToString

    sqlComm = "INSERT INTO users(Username, Password, Name, Surname, Address1, Address2, " +
        "City, Country, date_of_birth, age, Occupation, department, work_location, " +
        "project_manager,team_leader, team_leader_id, project_manager_id, " +
        "date_registration, contract_type, contract_duration) " +
        "VALUES(@p1, @p2,@p3,@p4,@p5,@p6,@p7,@p8,@p9,@p10,@p11,@p12,@p13,@p14,@p15," +
        "@p16,@p17,@p18,@p19,@p20)"

    conn.Open()

    validateSQL = New SqlCommand(sqlValidate, conn)
    Dim dr As SqlDataReader = validateSQL.ExecuteReader()

    If dr.HasRows = False Then


        validateSQL = New SqlCommand(sqlValidate, conn)
        validateSQL.CommandText = sqlValidate

        Dim reader As SqlDataReader = validateSQL.ExecuteReader()
        reader.Read()

        registerSQL = New SqlCommand(sqlComm, conn)
        registerSQL.Parameters.AddWithValue("@p1", Username)
        registerSQL.Parameters.AddWithValue("@p2", Password)
        registerSQL.Parameters.AddWithValue("@p3", Name)
        registerSQL.Parameters.AddWithValue("@p4", Surname)
        registerSQL.Parameters.AddWithValue("@p5", Address1)
        registerSQL.Parameters.AddWithValue("@p6", Address2)
        registerSQL.Parameters.AddWithValue("@p7", City)
        registerSQL.Parameters.AddWithValue("@p8", Country)
        registerSQL.Parameters.AddWithValue("@p9", DOB)
        registerSQL.Parameters.AddWithValue("@p10", Age)
        registerSQL.Parameters.AddWithValue("@p11", Occupation)
        registerSQL.Parameters.AddWithValue("@p12", Department)
        registerSQL.Parameters.AddWithValue("@p13", WorkLocation)
        registerSQL.Parameters.AddWithValue("@p14", ProjectManager)
        registerSQL.Parameters.AddWithValue("@p15", TeamLeader)
        registerSQL.Parameters.AddWithValue("@p16", TeamLeaderID)
        registerSQL.Parameters.AddWithValue("@p17", ProjectManagerID)
        registerSQL.Parameters.AddWithValue("@p18", RegistrationDate)
        registerSQL.Parameters.AddWithValue("@p19", ContractType)
        registerSQL.Parameters.AddWithValue("@p20", ContractDuration)

        registerSQL.ExecuteNonQuery()

        conn.Close()

    ElseIf dr.HasRows = True Then


        lblUsername.Text = "That Username (" + txtUsername.Text + ") is already registered/taken."
        lblUsername.Visible = True
        conn.Close()

    End If


End Sub

Button event handler:

Protected Sub btnRegister_Click(sender As Object, e As EventArgs) Handles btnRegister.Click

    register()


End Sub

Is something wrong with the code?

Answer 1

From MSDN

While the SqlDataReader is being used, the associated SqlConnection is busy serving the SqlDataReader, and no other operations can be performed on the SqlConnection other than closing it. This is the case until the Close method of the SqlDataReader is called. For example, you cannot retrieve output parameters until after you call Close.

It appears that you have the SqlDataReader open when you try to execute the insert command.
I will try to close it before using the insert command

If dr.HasRows = False Then
    dr.Close()

    ' The following lines are probably a remainder of a copy/paste operation'
    ' They are not needed and you should remove them'

    'validateSQL = New SqlCommand(sqlValidate, conn)'
    'validateSQL.CommandText = sqlValidate'
    'Dim reader As SqlDataReader = validateSQL.ExecuteReader()'
    'reader.Read()'

    ' Now execute the insert command

Also your command to check for the user presence, apart from perfomance arguments, is wrong because introduces Sql Injection possibilities.

Summarizing try with these changes....

 sqlValidate = "SELECT * FROM users  where username=@uname"
 validateSQL = New SqlCommand(sqlValidate, conn)
 validateSQL.Parameters.AddWithValue("@uname", txtUserName.Text)
 Dim dr As SqlDataReader = validateSQL.ExecuteReader()
 Dim userFound = dr.HasRows
 dr.Close()
 if userFound = False then
    ......