0

我的代码是.......

  string PName = Request.QueryString["ProductName"] as string;
  string myDate = Request.QueryString["period"];

 string sql = "select FileName from tblProduct Where ProductName=" + PName;



    DateTime dt1 = Convert.ToDateTime(myDate);
    DateTime dt2 = DateTime.Now;
    TimeSpan variable = dt2 - dt1;
    if (variable.TotalMinutes > 5)
    {
        //Response.Write("Download time is expired now");
        lblmsg.Visible = true;
        lblmsg.Text = "Download time is expired now";
    }
    else
    {
        //string url1 = " http://www.shreehans.co.in/files/" + PName +"";
        //Response .Redirect ()
        lblmsg.Visible = true;
        lblmsg.Text = "U can Still Download";
    }

我的 URl 带有查询字符串参数......

mail.Body += string.Format("http://www.abc.co.in/Download.aspx?period=" + DateTime.Now + "&ProductName=" + productName + "\">演示下载");

4

3 回答 3

0

这将解决您的问题 

mail.Body += 
   string.Format("http://www.abc.co.in/Download.aspx?period=" + 
   DateTime.Now.ToString("dd-MMM-yyyy") + 
   "&ProductName=" + productName + "\">Demo Download");
于 2013-04-11T09:38:22.460 回答
0

如果您在 url(查询字符串)中包含日期,则应将其编码为Server.UrlEncode(DateTime.Now).

于 2013-04-11T08:36:55.533 回答
0

此外:

  1. \"构建 URI 时缺少 a 。
  2. 您的 SQL 代码容易受到 SQL 注入攻击。
于 2013-04-11T08:38:51.247 回答