0

当我在文本框中写入时,有时程序会崩溃。我找不到解决方案。这是非常奇怪的情况。为什么程序有时会崩溃。这里代码:

 Private Sub CreateProductNameAutoCompleteSource(ByVal tamamlamaturu As Byte)
    Dim sql_ProductName As String
    Dim gorkemDAL As New Aktuel.Data.SqlClient(cns_ScalaConnectionString)
    Dim dtbl_ProductName As DataTable
    Dim X As New AutoCompleteStringCollection

    Dim parcakodu
    If tamamlamaturu = tamamlamatipi.talepedilenparca Then parcakodu = txt_talepedilenparca.Text
    If tamamlamaturu = tamamlamatipi.gonderilenparca Then parcakodu = txt_gonderilenparca.Text

    sql_ProductName = "select distinct urunkodu from urunler where urunkodu like '" & parcakodu & "%' order by urunkodu asc"

    gorkemDAL.OpenDbConnection()
    dtbl_ProductName = gorkemDAL.ExecuteTable(sql_ProductName)
    gorkemDAL.CloseDbConnection()

    For Each row As DataRow In dtbl_ProductName.Rows
        X.Add(row(0).ToString)
    Next
    If tamamlamaturu = tamamlamatipi.talepedilenparca Then
        txt_talepedilenparca.AutoCompleteSource = AutoCompleteSource.CustomSource
        txt_talepedilenparca.AutoCompleteCustomSource = X
        txt_talepedilenparca.AutoCompleteMode = AutoCompleteMode.Suggest
    End If

    If tamamlamaturu = tamamlamatipi.gonderilenparca Then
        txt_gonderilenparca.AutoCompleteSource = AutoCompleteSource.CustomSource
        txt_gonderilenparca.AutoCompleteCustomSource = X
        txt_gonderilenparca.AutoCompleteMode = AutoCompleteMode.Suggest

    End If

End Sub

和 Textchange 事件:

Private Sub txt_talepedilenparca_TextChanged(sender As Object, e As EventArgs) Handles txt_talepedilenparca.TextChanged
    CreateProductNameAutoCompleteSource(tamamlamatipi.talepedilenparca)
End Sub

我在事件查看器中发现错误消息: 错误消息

错误信息

4

3 回答 3

0

代码看起来很干净,我看不到任何明显的东西,但我会确保 parcakodu 不包含任何 sql 终止语音标记:

IE

sql_ProductName = "select distinct urunkodu from urunler where urunkodu like '" & parcakodu & "%' order by urunkodu asc"

变成:

sql_ProductName = "select distinct urunkodu from urunler where urunkodu like '" & parcakodu.Replace("'", "''") & "%' order by urunkodu asc"

(你可能想复制和粘贴很难看到我在那里做了什么)

我还将您的 ForEach 语句包装在一个空检查中 - 您是否正在尝试访问 dtbl_ProductName 当它为空时?如果对象为空,则访问属性 .Rows 将引发异常,它本身就是 Nothing。

尝试类似:

If (dtbl_ProductName IsNot Nothing)
    For Each row As DataRow In dtbl_ProductName.Rows
        X.Add(row(0).ToString)
    Next
End If

失败 - 检查您是否可以通过使用过去导致其崩溃的已知搜索字符串使其每次崩溃。字符串 sql 中是否存在不喜欢的字符,或者您的 sql 查询的结果集是否为空?

于 2018-06-21T15:19:06.180 回答
0

尝试使用这个技巧:

    Private Sub txt_talepedilenparca_TextChanged(sender As Object, e As EventArgs) Handles txt_talepedilenparca.TextChanged

Dim sql_ProductName As String
    Dim gorkemDAL As New Aktuel.Data.SqlClient(cns_ScalaConnectionString)
    Dim dtbl_ProductName As DataTable
    Dim X As New AutoCompleteStringCollection

sql_ProductName = "select distinct urunkodu from urunler where urunkodu order by urunkodu asc"

    gorkemDAL.OpenDbConnection()
    dtbl_ProductName = gorkemDAL.ExecuteTable(sql_ProductName)
    gorkemDAL.CloseDbConnection()

try
        If txt_talepedilenparca.lenght >= 3 and txt_talepedilenparca.lenght mod 3 = 0 then 
                    For Each row As DataRow In dtbl_ProductName.select("urunkodu like '*" & parcakodu & "*'")
            X.Add(row(0).ToString)
        Next
if x.count > 0
txt_talepedilenparca.AutoCompleteSource = AutoCompleteSource.CustomSource
        txt_talepedilenparca.AutoCompleteCustomSource = X
        txt_talepedilenparca.AutoCompleteMode = AutoCompleteMode.Suggest
end if
    End If
catch ex as exception
msgbox(ex.tostring)
end try
    End Sub
于 2018-06-22T04:18:22.513 回答
0

在您回答有关您收到的错误的问题时,您说该程序刚刚关闭。因此,第一步是将代码包装在 Try...Catch 块中,以便在不关闭程序的情况下获得有意义的错误消息。

Private Sub CreateProductNameAutoCompleteSource(ByVal tamamlamaturu As Byte)
    Try
        Dim sql_ProductName As String
        Dim gorkemDAL As New Aktuel.Data.SqlClient(cns_ScalaConnectionString)
        Dim dtbl_ProductName As DataTable
        Dim X As New AutoCompleteStringCollection

        Dim parcakodu
        If tamamlamaturu = tamamlamatipi.talepedilenparca Then
            parcakodu = txt_talepedilenparca.Text
        ElseIf tamamlamaturu = tamamlamatipi.gonderilenparca Then
            parcakodu = txt_gonderilenparca.Text
        Else
            Exit Sub
        End If

        sql_ProductName = "select distinct urunkodu from urunler where urunkodu like '" & parcakodu.Replace("'", "''") & "%' order by urunkodu asc"

        gorkemDAL.OpenDbConnection()
        dtbl_ProductName = gorkemDAL.ExecuteTable(sql_ProductName)
        gorkemDAL.CloseDbConnection()

        If (dtbl_ProductName IsNot Nothing) Then
            For Each row As DataRow In dtbl_ProductName.Rows
                X.Add(row(0).ToString)
            Next
        End If

        If tamamlamaturu = tamamlamatipi.talepedilenparca Then
            txt_talepedilenparca.AutoCompleteSource = AutoCompleteSource.CustomSource
            txt_talepedilenparca.AutoCompleteCustomSource = X
            txt_talepedilenparca.AutoCompleteMode = AutoCompleteMode.Suggest
        End If

        If tamamlamaturu = tamamlamatipi.gonderilenparca Then
            txt_gonderilenparca.AutoCompleteSource = AutoCompleteSource.CustomSource
            txt_gonderilenparca.AutoCompleteCustomSource = X
            txt_gonderilenparca.AutoCompleteMode = AutoCompleteMode.Suggest

        End If
    Catch ex As Exception
        MessageBox.Show(String.Format("The following error has occured:{0}{1}", vbCrLf, ex.Message), "An error has occured")
    End Try
End Sub

Private Sub txt_talepedilenparca_TextChanged(sender As Object, e As EventArgs) Handles txt_talepedilenparca.TextChanged
    If txt_talepedilenparca.Text.Length >= 3 Then
        CreateProductNameAutoCompleteSource(tamamlamatipi.talepedilenparca)
    End If
End Sub

这将在解决主要问题之前清楚地了解正在发生的事情。

我还转义了传递给查询的字符串值,因此如果用户在文本框中输入单引号,它就不会创建 SQL 注入。我还限制了函数不触发,但直到文本框至少有 3 个字母。

如果程序仍然在没有错误消息的情况下关闭,则问题出在其他地方,但如果您收到错误消息,那么我们可以从那里解决。

于 2018-06-22T07:51:49.703 回答