堆栈内存溢出
  简体   繁体   English

使用aspx格式的经典asp插入数据

[英]insert data with classic asp in aspx form

 原文  2013-04-02 08:17:04       asp.net/ sql/ asp-classic

问题描述

I am using parameterised query for inserting the data in aspx page with classic asp. 我正在使用参数化查询在具有经典asp的aspx页面中插入数据。 Below is my code : 下面是我的代码: 

cmd = Server.CreateObject("ADODB.Command")
cmd.CommandText = "insert into Sponsor_Inputs 
(sponsor,Spon_Username,Spon_PASSWORD,Spon_First_Name,Spon_Last_Name,Spon_Co_Name,Spon_E_Mail,
  Spon_Phone,Spon_TOU,Remote_Computer_Name,Browser_Type,
  unsub_notif,Spon_CurrentMsg_NL,Spon_Pic_NL,Spon_Web_NL,Spon_Email_NL,
  Spon_YourName_NL,Spon_Phone_NL,Spon_Email,Spon_PhoneBan,Spon_Logo,Spon_YourName,
  Spon_Pic,featurestring,spon_fr_alias,spon_em_addr,spon_sub_line,spon_add_msg,
  spon_add_msg2,Spon_Current_Msg,newsletter_template) 
  values 
     (@sponsor ,@Spon_Username ,@Spon_PASSWORD ,@Spon_First_Name ,@Spon_Last_Name 
      ,@Spon_Co_Name ,@Spon_E_Mail ,@Spon_Phone ,@Spon_TOU ,@Remote_Computer_Name 
      ,@Browser_Type ,@unsub_notif ,@Spon_CurrentMsg_NL ,@Spon_Pic_NL ,@Spon_Web_NL 
      ,@Spon_Email_NL ,@Spon_YourName_NL ,@Spon_Phone_NL ,@Spon_Email ,@Spon_PhoneBan 
      ,@Spon_Logo ,@Spon_YourName ,@Spon_Pic ,@featurestring ,@spon_fr_alias ,@spon_em_addr 
      ,@spon_sub_line ,@spon_add_msg ,@spon_add_msg2 ,@Spon_Current_Msg ,
     @newsletter_template )"
cmd.CommandType = CommandType.Text                               
cmd.Parameters.Append(cmd.CreateParameter("@sponsor", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 200, sponsor))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Username", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_Username))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_PASSWORD", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_PASSWORD))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_First_Name", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_First_Name))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Last_Name", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_Last_Name))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Co_Name", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 300, Spon_Co_Name))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_E_Mail", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_E_Mail))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Phone", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_Phone))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_TOU", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_TOU))
cmd.Parameters.Append(cmd.CreateParameter("@Remote_Computer_Name", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Remote_Computer_Name))
cmd.Parameters.Append(cmd.CreateParameter("@Browser_Type", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Browser_Type))
cmd.Parameters.Append(cmd.CreateParameter("@unsub_notif", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, unsub_notif))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_CurrentMsg_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_CurrentMsg_NL))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Pic_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_Pic_NL))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Web_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 250, Spon_Web_NL))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Email_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_Email_NL))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_YourName_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 300, Spon_YourName_NL))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Phone_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_Phone_NL))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Email", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_Email))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_PhoneBan", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_PhoneBan))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Logo", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_Logo))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_YourName", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 200, Spon_YourName))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Pic", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_Pic))
cmd.Parameters.Append(cmd.CreateParameter("@featurestring", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , featurestring))
cmd.Parameters.Append(cmd.CreateParameter("@spon_fr_alias", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 200, spon_fr_alias))
cmd.Parameters.Append(cmd.CreateParameter("@spon_em_addr", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, spon_em_addr))
cmd.Parameters.Append(cmd.CreateParameter("@spon_sub_line", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , spon_sub_line))
cmd.Parameters.Append(cmd.CreateParameter("@spon_add_msg", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, spon_add_msg))
cmd.Parameters.Append(cmd.CreateParameter("@spon_add_msg2", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , spon_add_msg2))
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Current_Msg", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_Current_Msg))
cmd.Parameters.Append(cmd.CreateParameter("@newsletter_template", System.Data.SqlDbType.NChar, System.Data.ParameterDirection.Input, 1, newsletter_template))
rs = Server.CreateObject("ADODB.Recordset")
rs = cmd.Execute

Using above code i am getting below error : 使用上面的代码,我得到以下错误:

Arguments are of the wrong type, are out of acceptable range, or are in conflict with one another. 参数的类型错误,超出可接受范围或彼此冲突。 

Description: An unhandled exception occurred during the execution of the current web request.
Please review the stack trace for more information about the error and where it originated 
in the code.

Exception Details: 异常详细信息: 

System.Runtime.InteropServices.COMException: Arguments are of the wrong type, are out of 
acceptable range, or are in conflict with one another.

Source Error: 源错误: 

Line 858:                                        
Line 859:                                    
Line 860:                                          
cmd.Parameters.Append(cmd.CreateParameter("@sponsor", System.Data.SqlDbType.VarChar,   
System.Data.ParameterDirection.Input, 200, sponsor))
Line 861:                                          
cmd.Parameters.Append(cmd.CreateParameter("@Spon_Username", System.Data.SqlDbType.VarChar,     
System.Data.ParameterDirection.Input, 50, Spon_Username))
Line 862:                                        
cmd.Parameters.Append(cmd.CreateParameter("@Spon_PASSWORD", System.Data.SqlDbType.VarChar, 
System.Data.ParameterDirection.Input, 50, Spon_PASSWORD))

What's wrong in it ? 里面怎么了 I used the syntax from here : How do I run a parameterized SQL query in classic ASP? 我从这里使用了语法: 如何在经典ASP中运行参数化SQL查询? And is it secure? 而且安全吗?

Thanks in advance. 提前致谢。

1 个解决方案

解决方案1
 0  2013-04-02 16:58:43

Error is definitely caused by the constants you supply for cmd.CommandType and all .NET constants that you use for the parameters. 错误肯定是由您为cmd.CommandType提供的常量以及用于参数的所有.NET常量引起的。 Use constants as per ADO's specifications. 根据ADO的规范使用常量。

Also experiment with "?" 还要尝试“?” instead of named parameters inside the SQL. 而不是SQL中的命名参数。 It's been some time sonce I last did this, but I seem to remember that I had problems using named parameters in the SQL. 我上次这样做已经有一段时间了,但是我似乎记得我在SQL中使用命名参数时遇到了问题。 This is working code from a solution I maintain: 这是我维护的解决方案中的有效代码: 

strSQL = ...
strSQL = strSQL & "WHERE col1 = 1 AND col2 = 1 AND col3 = ? AND col4 != somevalue "
...
Set objParameter = cmd.CreateParameter("@NamedParamHereIsOk", adInteger, adParamInput, 5) 'Use constants as per "classic" ADO specifications'
objParameter.value = some_value
cmd.Parameters.Append objParameter

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Aspx中的IFRAME中的ClassiC ASP - ClassiC ASP inside a IFRAME in Aspx 在jQuery中以经典asp加载aspx页面 - loading aspx page in classic asp in jquery 在经典ASP中具有实体数据源的ASPX页面 - aspx page with entity datasource in classic asp aspx页面上的经典asp页面httprequest? - classic asp page httprequest on aspx page? 从ASPX调用经典的ASP函数 - Call classic ASP function from ASPX 将.Net表单数据动态地发布到经典的asp页面 - Post .Net form data to classic asp page dynamically Webconfig URL重写以隐藏Classic ASP ext,但不隐藏.aspx或其他ext - Webconfig URL Rewrite to Hide Classic ASP ext but not .aspx or other ext 经典的ASP形式到perl,反之亦然 - Classic ASP form to perl and vice-versa ASP.NET和经典HTML表单 - ASP.NET and the classic HTML form 如何在不带斜杠的情况下将表单数据发布到url? iis6,asp classic或.net - How can I post form data to a url without a trailing slash? iis6, asp classic or .net
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM