-1

在注册页面我有错误

“C# .net ExecuteNonQuery:CommandText 属性尚未初始化”

但是,如果我在注册页面上对“cmd.ExecuteNonQuery”发表评论,则此错误会转到登录页面。我无法在此注册和登录。

登录页面:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Security;
using System.Web.Security;

public partial class Login : System.Web.UI.Page
{
    //SqlConnection con = new SqlConnection("Data Source=LENOVO;Initial Catalog=Onl9Shopping;Persist Security Info=True;User ID=sa;Password=123"); 
    SqlConnection con = new SqlConnection("Data Source=localhost;Initial Catalog=Onl9Shopping;Trusted_Connection=Yes;;Pooling=False");

    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void ImageButton4_Click(object sender, ImageClickEventArgs e)
    {
        SqlCommand cmd = new SqlCommand();
        cmd.CommandText="checksecurity ";
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Connection = con;
        con.Open();

        cmd.Parameters.AddWithValue("@username", Txtusername.Text);
        cmd.Parameters.AddWithValue("@password", Txtpassword.Text);

        SqlParameter p1 = new SqlParameter("@ret", SqlDbType.Int);
        p1.Direction = ParameterDirection.ReturnValue;
        cmd.Parameters.Add(p1);

        SqlParameter p2 = new SqlParameter("@status", SqlDbType.VarChar, 50);
        p2.Direction = ParameterDirection.Output;
        cmd.Parameters.Add(p2);

        SqlParameter p3 = new SqlParameter("@name", SqlDbType.VarChar, 50);
        p3.Direction = ParameterDirection.Output;
        cmd.Parameters.Add(p3);

        cmd.ExecuteNonQuery();

        int r = Convert.ToInt16(cmd.Parameters["@ret"].Value);
        string status = cmd.Parameters["@status"].Value.ToString();
        string loggedname = cmd.Parameters["@name"].Value.ToString();

        if (r == -1)
        {
            Label1.Text = "Wrong Username";
        }
        else if (r == -2)
        {
            Label1.Text = "wrong Password";
        }
        else
        {
            Session["name"] = loggedname;
            FormsAuthenticationTicket tk = new FormsAuthenticationTicket(1, Txtusername.Text, DateTime.Now, DateTime.Now.AddHours(2), false, status);
            string s = FormsAuthentication.Encrypt(tk);
            HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName,s);
            Response.Cookies.Add(ck);
            Response.Redirect("Welcome.aspx");
        }
        Label1.Visible = true;
    }
    }

注册页面:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;

public partial class Registartion : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection("Data Source=localhost;Initial Catalog=Onl9Shopping;Trusted_Connection=Yes");

    protected void Page_Load(object sender, EventArgs e)
    {

    }
    private void getregno()
    {
        string query = "select max (registrationno) from register";
        SqlDataAdapter adp = new SqlDataAdapter(query, con);
        DataSet ds = new DataSet();
        adp.Fill(ds);
        Txtreg.Text = (Convert.ToInt16(ds.Tables[0].Rows[0][0]) + Convert.ToInt16(1)).ToString();
    }
    protected void btncheck_Click(object sender, EventArgs e)
    {
        string query = "select username from register";
        SqlDataAdapter adp = new SqlDataAdapter(query, con);
        DataSet ds = new DataSet();
        adp.Fill(ds);
        int b = 0;
        int c = 0;
        int a = 0;
        a = ds.Tables[0].Rows.Count;
        while (a > b)
        {
            if (ds.Tables[0].Rows[b][0].ToString().Equals(TxtUserName.Text))
            {
                c = 1;

            }
            b++;
        }
        if (c == 1)
        {
            Label1.Text = "Name already exist !!..";
        }
        else
        {
            Label1.Text = "Name available";
        }
        Label1.Visible=true;
    }

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
    {
        string query = "select username from register";
        SqlDataAdapter adp = new SqlDataAdapter(query, con);
        DataSet ds = new DataSet();
        adp.Fill(ds);
        int b = 0;
        int c = 0;
        int a = 0;
        a = ds.Tables[0].Rows.Count;
        while (a > b)
        {
            if (ds.Tables[0].Rows[b][0].ToString().Equals(TxtUserName.Text))
            {
                c = 1;
            }
            b++;
        }
        if (c == 1)
        {
            Label1.Text = "Name already exist !!..";
        }
        else
        {
            SqlCommand cmd = new SqlCommand();            
            string query1 = "Insert into register(Name,FatherName,Gender,Address,Country,State,City,Pin,Phn,Email,Username,Password,SecurityQuestion,Hint)values(@Name,@Fathername,@Gender,@Address,@Country,@State,@City,@Pin,@Phn,@Email,@Username,@Password,@SecurityQuestion,@Hint)";
            cmd.CommandText = query1;
            cmd.Connection = con;
            con.Open();

            cmd.Parameters.AddWithValue("@Name", Txtname.Text);
            cmd.Parameters.AddWithValue("@FatherName", Txtfname.Text);
            cmd.Parameters.AddWithValue("@Gender", DropDownList1.Text);
            cmd.Parameters.AddWithValue("@Address", Txtaddress.Text);
            cmd.Parameters.AddWithValue("@Country", Txtcountry.Text);
            cmd.Parameters.AddWithValue("@State", Txtstate.Text);
            cmd.Parameters.AddWithValue("@City", Txtcity.Text);
            cmd.Parameters.AddWithValue("@Pin", Txtpin.Text);
            cmd.Parameters.AddWithValue("@Phn", Txtphn.Text);
            cmd.Parameters.AddWithValue("@Email", Txtemail.Text);
            cmd.Parameters.AddWithValue("@Username", TxtUserName.Text);
            cmd.Parameters.AddWithValue("@Password", Txtpassword.Text);
            cmd.Parameters.AddWithValue("@SecurityQuestion", DropDownList2.Text);
            cmd.Parameters.AddWithValue("@Hint", Txthint.Text);
            cmd.ExecuteNonQuery();
            cmd.Dispose();
            con.Close();

            Txtname.Text = string.Empty;
            Txtfname.Text = string.Empty;

            Txtaddress.Text = string.Empty;
            Txtcountry.Text = string.Empty;
            Txtstate.Text = string.Empty;
            Txtcity.Text = string.Empty;
            Txtpin.Text = string.Empty;
            Txtphn.Text = string.Empty;
            Txtemail.Text = string.Empty;
            TxtUserName.Text = string.Empty;
            Txtpassword.Text = string.Empty;

            Txtaddress.Text = string.Empty;
            Txthint.Text = string.Empty;
            Label2.Text = "Data sumitted ";
            Label2.Visible = true;
        }
    }
}
4

2 回答 2

0

今天有同样的问题。当您使用的用户没有使用数据库的权限时,您会收到此异常。为了测试它,您可以使用 MS SQL Management Studio 以用户身份登录,并尝试执行查询。检查用户分配到哪些组,使其成为db_owner fe,并检查它是否不属于db_denydatareaderdb_denydatawriter

于 2014-06-02T10:07:42.867 回答
0

ImageButton1 的单击事件没有命令类型:

    SqlCommand cmd = new SqlCommand();            
            string query1 = "Insert intoregister(Name,FatherName,Gender,Address,Country,State,City,Pin,Phn,Email,Username,Password,SecurityQuestion,Hint)values(@Name,@Fathername,@Gender,@Address,@Country,@State,@City,@Pin,@Phn,@Email,@Username,@Password,@SecurityQuestion,@Hint)";
            cmd.CommandText = query1;
cmd.CommandType=CommandType.Text;
            cmd.Connection = con;
            con.Open();
于 2013-09-22T12:54:34.527 回答