Fatal编程技术网
  • csharp/
  • C# OnClick事件未运行

C# OnClick事件未运行

c# mysql asp.net

C# OnClick事件未运行,c#,mysql,asp.net,C#,Mysql,Asp.net,我有这个功能: protected void register(object sender, EventArgs e) { db_connection(); try { string emailAddress = emailReg.Text.ToString(); string passwordR = passwordReg.Text.ToString(); string firstName = forename.Text.

我有这个功能:

protected void register(object sender, EventArgs e)
{
    db_connection();
    try
    {
        string emailAddress = emailReg.Text.ToString();
        string passwordR = passwordReg.Text.ToString();
        string firstName = forename.Text.ToString();
        string lastName = surname.Text.ToString();
        string telephoneV = telephone.Text.ToString();
        string addressV = address.Text.ToString();
        string address2V = address2.Text.ToString();
        string countyV = county.Text.ToString();
        string postcodeV = postcode.Text.ToString();
        string countryV = country.Text.ToString();
        //converts data submitted to form into variables

        var cmd = new MySqlCommand();

        cmd.CommandText = "insert into mydb1.address values(null,'" + addressV.ToString() + "','" + address2V + "','" + countyV + "','" + postcodeV + "','" + countryV + "')";
        cmd.ExecuteNonQuery(); //above sql statements insert variables into the database

        long id1 = cmd.LastInsertedId;

        cmd.CommandText = "insert into mydb1.person values(null,'" + firstName.ToString() + "','" + lastName + "','" + telephoneV + "','" + emailAddress + "','" + id1 + "','" + passwordR + "')";
        cmd.ExecuteNonQuery();

        connect.Dispose(); //removes any stored data that is no longer needed
        connect.Close(); //closes the connection to the database

        Response.Redirect("myAccount.aspx");
    }
这应该是用用户输入表单的详细信息更新我的数据库,但是当单击按钮时,页面只是刷新,似乎没有添加到数据库中。我用试一试是错的吗

编辑:这是.aspx代码

<div class="registerWrapper">

    <asp:TextBox CssClass="form-control" ID ="emailReg" runat="server" placeholder="Email"></asp:TextBox><br/>
    <asp:TextBox CssClass="form-control" ID="passwordReg" TextMode="Password" runat="server" placeholder="Password"></asp:TextBox><br />
    <asp:TextBox CssClass="form-control" ID="forename" runat="server" placeholder="First Name"></asp:TextBox><br />
    <asp:TextBox CssClass="form-control" ID="surname" runat="server" placeholder="Surname"></asp:TextBox><br />
    <asp:TextBox CssClass="form-control" ID="telephone" runat="server" placeholder="Telephone"></asp:TextBox><br />

    <div class="nextButton btn btn-primary">
            Next 
    </div>
</div><!-- /addressWrapper -->



<div class="addressWrapper">
    <asp:TextBox CssClass="form-control" ID ="address" runat="server" placeholder="Address - Line 1"></asp:TextBox><br/>
    <asp:TextBox CssClass="form-control" ID="address2" runat="server" placeholder="Line 2"></asp:TextBox><br />
    <asp:TextBox CssClass="form-control" ID="county" runat="server" placeholder="County"></asp:TextBox><br />
    <asp:TextBox CssClass="form-control" ID="postcode" runat="server" placeholder="Postcode"></asp:TextBox><br />
    <asp:TextBox CssClass="form-control" ID="country" runat="server" placeholder="Country"></asp:TextBox><br />
    <asp:Button CssClass="btn btn-primary" ID="loginButton" runat="server" text="Submit" OnCLick="register"></asp:Button>
</div>












下一个
您的代码对sql注入攻击是开放的。不要使用单引号。始终使用参数共享客户端代码。顺便说一句,不参数化代码对SQL注入非常开放。请看:例如。@Kumar_Vikas您所说的客户端代码是什么意思?我的asp表单?连接已打开,但您没有设置cmd的连接属性。通过cmd.connection=con将连接对象设置为cmd