C# 将SQL查询结果分配给会话变量
我正在尝试基于登录者运行SQL查询,该查询获取C# 将SQL查询结果分配给会话变量,c#,sql,asp.net,sql-server,C#,Sql,Asp.net,Sql Server,我正在尝试基于登录者运行SQL查询,该查询获取团队ID,并将其分配给会话变量。我无法将结果分配给变量 protected void ButtonLogin_Click(object sender, EventArgs e) { //check what user category was selected and login to appropriate page if (DropDownListUserType.SelectedIndex == 1) {
团队ID
,并将其分配给会话变量。我无法将结果分配给变量
protected void ButtonLogin_Click(object sender, EventArgs e)
{
//check what user category was selected and login to appropriate page
if (DropDownListUserType.SelectedIndex == 1)
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["Web_FussConnectionString"].ConnectionString);
con.Open();
SqlCommand cmd = new SqlCommand("select * from Team_User where Email = @username and Password_1 = @password", con);
cmd.Parameters.AddWithValue("@username", UserName.Text);
cmd.Parameters.AddWithValue("@password", Password.Text);
SqlCommand cmdID = new SqlCommand("select Team_ID from Team_User where Email = @username and Password_1 = @password", con);
cmdID.Parameters.AddWithValue("@username", UserName.Text);
cmdID.Parameters.AddWithValue("@password", Password.Text);
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataTable dt = new DataTable();
da.Fill(dt);
if (dt.Rows.Count > 0)
{
SqlDataReader reader = cmdID.ExecuteReader();
int Team_ID = reader.GetInt32(1);
Session["Team_ID"] = Team_ID;
Response.Redirect("AddPlayer.aspx");
}
else
{
ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username and Password')</script>");
}
}
}
protectedvoid按钮登录单击(对象发送者,事件参数e)
{
//检查选择的用户类别并登录到相应页面
如果(DropDownListUserType.SelectedIndex==1)
{
SqlConnection con=新的SqlConnection(ConfigurationManager.ConnectionString[“Web\u FusConnectionString”].ConnectionString);
con.Open();
SqlCommand cmd=newsqlcommand(“从团队用户中选择*,其中Email=@username和Password\u 1=@Password”,con);
cmd.Parameters.AddWithValue(“@username”,username.Text);
cmd.Parameters.AddWithValue(“@password”,password.Text);
SqlCommand cmdID=new SqlCommand(“从Team_User中选择Team_ID,其中Email=@username和Password_1=@Password”,con);
cmdID.Parameters.AddWithValue(“@username”,username.Text);
cmdID.Parameters.AddWithValue(“@password”,password.Text);
SqlDataAdapter da=新的SqlDataAdapter(cmd);
DataTable dt=新的DataTable();
da.填充(dt);
如果(dt.Rows.Count>0)
{
SqlDataReader=cmdID.ExecuteReader();
int Team_ID=reader.GetInt32(1);
会话[“团队ID”]=团队ID;
重定向(“AddPlayer.aspx”);
}
其他的
{
RegisterStartupScript(Page.GetType(),“验证”,“警报('无效用户名和密码'));
}
}
}
你的代码没有什么意义
如果您只想要团队ID
-为什么要先加载整行,然后再次调用数据库,只获取团队ID
我试图将您的代码简化一点:
protected void ButtonLogin_Click(object sender, EventArgs e)
{
// check what user category was selected and login to appropriate page
if (DropDownListUserType.SelectedIndex == 1)
{
// define connection string and SQL query as strings
string connectionString = ConfigurationManager.ConnectionStrings["Web_FussConnectionString"].ConnectionString;
string query = "SELECT Team_ID FROM dbo.Team_User WHERE Email = @username AND Password_1 = @password";
// set up SqlConnection and SqlCommand in "using" blocks
using (SqlConnection con = new SqlConnection(connectionString))
using (SqlCommand cmd = new SqlCommand(query, con))
{
// define and fill parameters - DO NOT use .AddWithValue!
cmd.Parameters.Add("@username", SqlDbType.VarChar, 100).Value = UserName.Text;
cmd.Parameters.Add("@password", SqlDbType.VarChar, 100).Value = Password.Text;
// open connection, execute scalar, close connection
con.Open();
object result = cmd.ExecuteScalar();
// if we got back a result ....
if(result != null)
{
int teamID = Convert.ToInt32(result.ToString());
Session["Team_ID"] = teamID;
Response.Redirect("AddPlayer.aspx");
}
else
{
// if result is NULL, then the username+password
// were NOT found - do what needs to be done in that case here
}
}
}
}
有问题-有什么问题?为什么要执行第二个查询,而第一个查询已经返回了您感兴趣的所有数据?只需获取数据表中的行,并检查
Team\u ID
列。。。。。。绝对不需要第二次数据库调用…我还需要它来检查登录系统时是否存在用户名和密码。这就是为什么这个问题被否决了there@Haldamir:如果用户名+密码不存在,您将从单个查询返回NULL
,并且您还知道-不需要第二个查询