0

我试图更新我的个人资料,但它在更新时不断捕获旧数​​据。可以做些什么来解决这个问题。请帮我解决这个问题谢谢!

protected void Page_Load(object sender, EventArgs e)
{

    String nric = (String)Session["nric"];

    SqlConnection con = new SqlConnection("Data Source = localhost; Initial Catalog = MajorProject; Integrated Security= SSPI");
    con.Open();
    SqlCommand cm = new SqlCommand("Select * from MemberAccount where nric = '" + nric + "'", con);
    SqlDataReader dr;
    dr = cm.ExecuteReader();
    if (dr.Read())
    {
        txtFullName.Text = dr["fullname"].ToString();
        txtAddress.Text = dr["address"].ToString();
        txtContact.Text = dr["contact"].ToString();
        txtEmail.Text = dr["email"].ToString();
    }

    con.Close();

}

protected void btnUpdate_Click(object sender, EventArgs e)
{
    String nric = (String)Session["nric"];

    if (txtContact.Text.Equals("") || txtEmail.Text.Equals(""))
    {
        lblMessage.Text = "Do not leave blank fill to update your profile!";
    }
    else
    {    
        string strQuery = "Update MemberAccount Set address = '" + txtAddress.Text + "', contact = '" + txtContact.Text + "', email = '" + txtEmail.Text + "' Where nric = '" + nric + "'";
        SqlCommand cmd = new SqlCommand(strQuery);
        InsertUpdateData(cmd);
        lblMessage.ForeColor = System.Drawing.Color.Green;
        lblMessage.Text = "Profile Updated.";
    }
}
4

1 回答 1

5

听起来你可以在你的方法中应用一个IsPostBack检查。http://msdn.microsoft.com/en-us/library/system.web.ui.page.ispostback.aspxPage_Load

protected void Page_Load(object sender, EventArgs e)
{

    if (!IsPostBack) {
        // Load data
    }
}

注意:您的代码看起来容易受到 SQL 注入的影响。

于 2013-08-15T02:17:03.377 回答