0

我正在尝试使我的更新功能正常工作。我已经包含了 txtPassword 和 txtConfirmPassword 文本框。这两个文本框必须在更新之前匹配,但是我收到此错误:

ExecuteNonQuery: CommandText property has not been initialized

我怎样才能让它工作?这是我的代码:

protected void btnUpdateAccount_Click(object sender, EventArgs e)
{
    con.Open();
    SqlCommand cmd = new SqlCommand();
    cmd.Connection = con;
    if (txtPassword.Text == "")
    {
        cmd.CommandText = "UPDATE Users SET EmailAddress=@EmailAddress, FirstName=@FirstName, " +
            "LastName=@LastName, Street=@Street, Municipality=@Municipality, City=@City, ZipCode=@ZipCode, ContactNo=@ContactNo, Image=@Image " +
            "WHERE UserID=@UserID";
    }
    else
    {
        if (txtConfirmPassword != txtPassword)
        {
            pnlInconsistent.Visible = true;
        }
        else
        {
            cmd.CommandText = "UPDATE Users SET Password=@Password, EmailAddress=@EmailAddress, FirstName=@FirstName, " +
                "LastName=@LastName, Street=@Street, Municipality=@Municipality, City=@City, ZipCode=@ZipCode, ContactNo=@ContactNo, Image=@Image " +
                "WHERE UserID=@UserID";
        }
        cmd.Parameters.Add("@EmailAddress", SqlDbType.NVarChar).Value = txtEmail.Text;
        cmd.Parameters.Add("@Password", SqlDbType.NVarChar).Value = Helper.CreateSHAHash(txtPassword.Text);
        cmd.Parameters.Add("@FirstName", SqlDbType.VarChar).Value = txtFN.Text;
        cmd.Parameters.Add("@LastName", SqlDbType.VarChar).Value = txtLN.Text;
        //cmd.Parameters.Add("@Address", SqlDbType.NVarChar).Value = txtAddress.Text;
        cmd.Parameters.Add("@Street", SqlDbType.NVarChar).Value = txtStreet.Text;
        cmd.Parameters.Add("@Municipality", SqlDbType.NVarChar).Value = txtMunicipality.Text;
        cmd.Parameters.Add("@City", SqlDbType.NVarChar).Value = txtCity.Text;
        cmd.Parameters.Add("@ZipCode", SqlDbType.NVarChar).Value = txtZipCode.Text;
        cmd.Parameters.Add("@ContactNo", SqlDbType.NVarChar).Value = txtContact.Text;
        cmd.Parameters.Add("@UserID", SqlDbType.Int).Value = Session["UserID"].ToString();
        if (fuImage.HasFile)
        {
            cmd.Parameters.Add("@Image", SqlDbType.Text).Value = "~/images/" + fuImage.FileName;
            fuImage.SaveAs(Server.MapPath("~/images/" + fuImage.FileName));
        }
        else
        {
            cmd.Parameters.Add("@Image", SqlDbType.Text).Value = imgAvatar.ImageUrl;
        }


        if (txtPassword.Text != "")
        {
            cmd.Parameters.Add("@Password", SqlDbType.NVarChar).Value =
                Helper.CreateSHAHash(txtPassword.Text);
        }


        cmd.ExecuteNonQuery();
        con.Close();
        GetProfileInfo();

        pnlUpdated.Visible = true;
        Helper.AddLog(Session["userid"].ToString(), "Update", "Updated Profile Information");
        GetProfileInfo();
    }

}

4

2 回答 2

0

看起来如果这if (txtConfirmPassword != txtPassword)是真的,更新查询将始终执行,并且commandText参数不会被设置为cmd.ExecuteNonQuery();不是else语句的一部分,它可能应该是。我猜如果密码和 txtPassword 和 txtConfirmPassword 不匹配,您想停止执行查询,但我没有看到这种情况发生。

此外,此 if-check 似乎是多余的,因为它仅在 txtPassword 不为空时执行:

if (txtPassword.Text != "")
        {
            cmd.Parameters.Add("@Password", SqlDbType.NVarChar).Value =
                Helper.CreateSHAHash(txtPassword.Text);
        }
于 2013-07-07T08:35:32.360 回答
0

您的代码还会在where未初始化cmd.ExecuteNonQuery();的情况下执行 line 。txtConfirmPassword != txtPasswordCommandText

return;在以下情况下添加一个pnlInconsistent.Visible = true;

if (txtConfirmPassword != txtPassword)
{
    pnlInconsistent.Visible = true;
    return;
}

或将所有这些包装在您cmd.Parameters.Add()cmd.ExecuteNonQuery();嵌套中else

else
{
    cmd.CommandText = "UPDATE Users SET Password=@Password, EmailAddress=@EmailAddress, FirstName=@FirstName, " + "LastName=@LastName, Street=@Street, Municipality=@Municipality, City=@City, ZipCode=@ZipCode, ContactNo=@ContactNo, Image=@Image " + "WHERE UserID=@UserID";
    cmd.Parameters.Add("@EmailAddress", SqlDbType.NVarChar).Value = txtEmail.Text;
    cmd.Parameters.Add("@Password", SqlDbType.NVarChar).Value = Helper.CreateSHAHash(txtPassword.Text);
    cmd.Parameters.Add("@FirstName", SqlDbType.VarChar).Value = txtFN.Text;
    cmd.Parameters.Add("@LastName", SqlDbType.VarChar).Value = txtLN.Text;
    //cmd.Parameters.Add("@Address", SqlDbType.NVarChar).Value = txtAddress.Text;
    cmd.Parameters.Add("@Street", SqlDbType.NVarChar).Value = txtStreet.Text;
    cmd.Parameters.Add("@Municipality", SqlDbType.NVarChar).Value = txtMunicipality.Text;
    cmd.Parameters.Add("@City", SqlDbType.NVarChar).Value = txtCity.Text;
    cmd.Parameters.Add("@ZipCode", SqlDbType.NVarChar).Value = txtZipCode.Text;
    cmd.Parameters.Add("@ContactNo", SqlDbType.NVarChar).Value = txtContact.Text;
    cmd.Parameters.Add("@UserID", SqlDbType.Int).Value = Session["UserID"].ToString();
    if (fuImage.HasFile)
    {
        cmd.Parameters.Add("@Image", SqlDbType.Text).Value = "~/images/" + fuImage.FileName;
        fuImage.SaveAs(Server.MapPath("~/images/" + fuImage.FileName));
    }
    else
    {
        cmd.Parameters.Add("@Image", SqlDbType.Text).Value = imgAvatar.ImageUrl;
    }


    if (txtPassword.Text != "")
    {
        cmd.Parameters.Add("@Password", SqlDbType.NVarChar).Value =
            Helper.CreateSHAHash(txtPassword.Text);
    }


    cmd.ExecuteNonQuery();
    con.Close();
    GetProfileInfo();

    pnlUpdated.Visible = true;
    Helper.AddLog(Session["userid"].ToString(), "Update", "Updated Profile Information");
    GetProfileInfo();
}
于 2013-07-07T08:41:11.937 回答