Oracle select query is invalid number in C#

I have code that I use to log in. I pass the data I get from the textbox to a method and check the records with a select query in the database.

I call the relevant method when I press the button.

    private void btnGiris_Click(object sender, EventArgs e)
    {
        LoginBilgiler lb = new LoginBilgiler();
        bool sonuc = lb.GirisKontrol(txtAd.Text, txtSifre.Text);
    }

But I encounter an error at cmd.ExecuteReader below.

    public bool GirisKontrol(string ad,string sifre)
    {
        using (OracleConnection con = new OracleConnection(connectionString))
        {


            string query = String.Format("SELECT count(*) from Z_LABEL_USER where USERNAME=({0}) and PASSWORD=({1})", ad,sifre);
            OracleCommand cmd = new OracleCommand(query, con);
            con.Open();
            OracleDataReader dr = cmd.ExecuteReader();
          
            if (dr.HasRows)
            {
                kAdi = ad;
                con.Close();
                return true;
            }
            else
                con.Close();
                return false;
        }
    }

The table I use for the select query.


Oracle.ManagedDataAccess.Client.OracleException: 'ORA-01722: invalid number'

Please don't hardcode parameters in SQL; parametrize it instead:

public bool GirisKontrol(string ad, string sifre) {
  //DONE: validate public methods' input
  if (string.IsNullOrEmpty(ad))
    return false; // or throw exception
  else if (string.IsNullOrEmpty(sifre))
    return false; // or throw exception

  using (OracleConnection con = new OracleConnection(connectionString)) {
    con.Open();

    //DONE: no need to count all the entries, just check if there's at least one
    //DONE: keep query readable
    //DONE: parameterize queries
    string query = 
      @"select 1 
          from Z_LABEL_USER 
         where USERNAME = :prm_UserName 
           and PASSWORD = :prm_Password";
    
    using (OracleCommand cmd = new OracleCommand(query, con)) {
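      //TODO: this syntax can vary from library to library you use to work with Oracle
      // OracleDbType.Varchar2 is the ODP.NET (Oracle.ManagedDataAccess.Client) type,
      // the driver named in the question's exception
      cmd.Parameters.Add(":prm_UserName", OracleDbType.Varchar2).Value = ad;
      cmd.Parameters.Add(":prm_Password", OracleDbType.Varchar2).Value = sifre;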

      using (OracleDataReader dr = cmd.ExecuteReader()) {
        if (dr.Read()) {
          //TODO: Side effect : it changes instance's state. Do you really want it?
          kAdi = ad;

          return true;
        }  
      }
    } 
  }
 
  return false;
}
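
A version of the parameterized check written against ODP.NET (`Oracle.ManagedDataAccess.Client`, the driver named in the question's exception), added here as an example and not part of the original question or answer. It sets `BindByName`, since ODP.NET otherwise binds parameters by position, and `Main` shows without a database how digits typed into the text boxes land in the `String.Format` query as numeric literals, which makes Oracle convert the column values to numbers and raise ORA-01722 on a non-numeric row. The `Build` helper, the `connectionString` parameter, the sample input and the assumption that both columns are character columns are assumptions of this example.

```csharp
using System;
using Oracle.ManagedDataAccess.Client; // ODP.NET managed driver, as in the question's exception
static class LoginQuery
{
    // Constant SQL text: user input never becomes part of the statement.
    const string Sql =
        @"select 1
            from Z_LABEL_USER
           where USERNAME = :prm_UserName
             and PASSWORD = :prm_Password";

    // Hypothetical helper: builds the command without touching the database.
    public static OracleCommand Build(OracleConnection con, string ad, string sifre)
    {
        var cmd = new OracleCommand(Sql, con);
        // ODP.NET binds by position by default; bind by name so Add order is irrelevant.
        cmd.BindByName = true;
        cmd.Parameters.Add("prm_Password", OracleDbType.Varchar2).Value = sifre;
        cmd.Parameters.Add("prm_UserName", OracleDbType.Varchar2).Value = ad;
        return cmd;
    }

    public static bool GirisKontrol(string connectionString, string ad, string sifre)
    {
        if (string.IsNullOrEmpty(ad) || string.IsNullOrEmpty(sifre))
            return false;
        using (var con = new OracleConnection(connectionString))
        using (var cmd = Build(con, ad, sifre))
        {
            con.Open();
            return cmd.ExecuteScalar() != null; // null means no matching row
        }
    }

    static void Main()
    {
        // Constructed input: digits in both text boxes (assumed trigger for ORA-01722).
        string ad = "1001", sifre = "4321";
        // The question's query text: the digits arrive as numeric literals.
        Console.WriteLine(String.Format(
            "SELECT count(*) from Z_LABEL_USER where USERNAME=({0}) and PASSWORD=({1})", ad, sifre));
        using (var con = new OracleConnection())
        using (var cmd = Build(con, ad, sifre))
        {
            Console.WriteLine(cmd.CommandText); // same text for every input
            foreach (OracleParameter p in cmd.Parameters)
                Console.WriteLine(p.ParameterName + " : " + p.OracleDbType);
        }
    }
}
```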
