堆栈内存溢出
  简体   繁体   English

为什么此SQL语句给我一个无效的列名错误?

[英]Why is this SQL statement giving me an invalid column name error?

 原文  2016-05-05 17:59:03       sql/ sql-server/ database/ parameters

问题描述

I'm trying to use an SQL select statement to read from a database to validate a login form. 我正在尝试使用SQL select语句从数据库中读取以验证登录表单。 The problem I'm having is its telling me its an invalid column name. 我遇到的问题是它告诉我其无效的列名。 

SELECT * FROM users
WHERE [username] = @theusername  
AND [password] = @thepassword

where @theusername is a parameratized value of "Rymo_18", and the password is, for the sake of argument, "password". 其中,@ theusername是“ Rymo_18”的参数化值,而出于参数目的,密码是“ password”。

The errors I get are: 我得到的错误是:

Invalid column name 'Rymo_18'. 无效的列名“ Rymo_18”。

Invalid column name 'password' 无效的列名“密码”

Don't know why I'm getting those errors. 不知道为什么我会收到这些错误。 I've tried swapping the values around the = sign, tried using values directly (username = "Rymo_18") and all other matters of fiddling to fix it, and I've had no luck. 我尝试过在=号附近交换值,尝试直接使用值(用户名=“ Rymo_18”)以及其他所有要解决它的问题,但我没有运气。 There are no other tables called 'user' within my Database. 我的数据库中没有其他表称为“用户”。

EDIT: Here's the code as it appears in the C# I'm using: 编辑:这是它在我正在使用的C#中显示的代码: 

string user = unametext.Text;
        string pword = pwordtext.Text;

        string connectionstring = WebConfigurationManager.ConnectionStrings["elmtreeconnect"].ConnectionString;

        SqlConnection myconnection = new SqlConnection(connectionstring);

        myconnection.Open();

        string query = "SELECT * FROM users WHERE (username= @theusername OR email = @theusername) AND password = @thepassword";

        SqlCommand attemptLogin = new SqlCommand(query, myconnection);

        attemptLogin.Parameters.AddWithValue("@theusername", user);
        attemptLogin.Parameters.AddWithValue("@thepassword", pword);

        SqlDataReader rdr = attemptLogin.ExecuteReader();

        if (rdr.HasRows)
        {
            Session["user"] = rdr["username"].ToString();
            Session["id"] = rdr["id"].ToString();
            Session["type"] = rdr["accountType"].ToString();

            Response.Redirect("loginsuccess.aspx");
        }
        else
        {
            unametext.Text = "";
            pwordtext.Text = "";

            statusLabel.Text = "Login failed. Please try again, or contact info@elmtree.co.uk for assistance";

        }

Thanks for the help! 谢谢您的帮助!

1 个解决方案

解决方案1
 0  2016-05-05 20:24:35

string query = "select 1 from users where username=@theusername and password=@password";
...
if(rdr.Read()){
...
}

exists should be used in if exists(select...) if exists(select...) exists则应使用if exists(select...)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 SQL语句给我以下错误消息模糊列名称 - SQL statement is giving me the following error message Ambiguous column name SQL语句给我一个错误? - SQL Statement Giving me an error? 添加后的 SQL 更新列给出“无效的列名”错误 - SQL Updating column after adding it giving "Invalid column name" error 来自OpenQuery结果的SQL语句中的“无效的列名”错误 - “Invalid column name” error on SQL statement from OpenQuery results 在 Python 中写入 SQL 语句时出现列名无效的错误 - Getting error that invalid column name while writing SQL statement in Python SQL插入到给无效列错误 - SQL Insert into giving Invalid column error 为什么给我一个SQL语法错误? - Why is is giving me an SQL syntax error? SQL中的“无效的列名”错误 - “Invalid column name” error in SQL SQL无效的列名称错误 - SQL invalid column name error 列名无效 C# SQL 语句 - Invalid column name C# SQL statement
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM