C# 变量名“@VarName”已声明为问题
我根据下拉列表中的选择将多个项目插入表中。当我从下拉列表中选择一个项目时,一切正常,但当我选择多个项目时,会出现此错误C# 变量名“@VarName”已声明为问题,c#,asp.net,C#,Asp.net,我根据下拉列表中的选择将多个项目插入表中。当我从下拉列表中选择一个项目时,一切正常,但当我选择多个项目时,会出现此错误 The variable name '@CompName' has already been declared. Variable names must be unique within a query batch or stored procedure. 我做错了什么?谢谢 这是我的密码 protected void DV_Test_ItemInserting(object
The variable name '@CompName' has already been declared. Variable names must be unique within a query batch or stored procedure.
protected void DV_Test_ItemInserting(object sender, DetailsViewInsertEventArgs e)
{
foreach (ListItem listItem in cblCustomerList.Items)
{
if (listItem.Selected)
{
string Name= listItem.Value;
sqlcon.Open();
string CompName= ((TextBox)DV_Test.FindControl("txtCompName")).Text.ToString();
string Num = ((TextBox)DV_Test.FindControl("txtNum")).Text.ToString();
SqlCommand cmd = new SqlCommand("select CompNamefrom MyTable where CompName= '" + CompName+ "' and Num = '" + Num + "' and Name= '" + Name+ "' ", sqlcon);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
lblmsg.Text = "Not Valid";
}
else
{
dr.Close();
sqlcmd.CommandText = "INSERT INTO MyTable(CompName, Num, Name) VALUES(@CompName, @Num, @Name)";
sqlcmd.Parameters.Add("@CompName", SqlDbType.VarChar).Value = CompName;
sqlcmd.Parameters.Add("@Num", SqlDbType.VarChar).Value = Num;
sqlcmd.Connection = sqlcon;
sqlcmd.ExecuteNonQuery();
DV_Test.ChangeMode(DetailsViewMode.Insert);
sqlcon.Close();
}
sqlcon.Close();
}
}
}
每次通过循环时,您都会将参数@CompName和@Num添加到查询中 您需要将要添加的调用移动到循环外部,并使用以下命令更新它们:
sqlcmd.Parameters["@CompName"].Value = CompName;
sqlcmd.Parameters["@Num"].Value = Num;
sqlcmd.CommandText = "INSERT INTO MyTable(CompName, Num, Name) VALUES(@CompName, @Num, @Name)";
sqlcmd.Parameters.Add("@CompName", SqlDbType.VarChar);
sqlcmd.Parameters.Add("@Num", SqlDbType.VarChar);
foreach (ListItem listItem in cblCustomerList.Items)
{
if (....)
{
....
}
else
{
dr.Close();
sqlcmd.Parameters["@CompName"].Value = CompName;
sqlcmd.Parameters["@Num"].Value = Num;
sqlcmd.Connection = sqlcon;
sqlcmd.ExecuteNonQuery();
DV_Test.ChangeMode(DetailsViewMode.Insert);
sqlcon.Close();
}
}
每次通过循环时,您都会将参数@CompName和@Num添加到查询中 您需要将要添加的调用移动到循环外部,并使用以下命令更新它们:
sqlcmd.Parameters["@CompName"].Value = CompName;
sqlcmd.Parameters["@Num"].Value = Num;
sqlcmd.CommandText = "INSERT INTO MyTable(CompName, Num, Name) VALUES(@CompName, @Num, @Name)";
sqlcmd.Parameters.Add("@CompName", SqlDbType.VarChar);
sqlcmd.Parameters.Add("@Num", SqlDbType.VarChar);
foreach (ListItem listItem in cblCustomerList.Items)
{
if (....)
{
....
}
else
{
dr.Close();
sqlcmd.Parameters["@CompName"].Value = CompName;
sqlcmd.Parameters["@Num"].Value = Num;
sqlcmd.Connection = sqlcon;
sqlcmd.ExecuteNonQuery();
DV_Test.ChangeMode(DetailsViewMode.Insert);
sqlcon.Close();
}
}
我在这里的假设是因为您已经在循环范围之外声明了sqlcmd;因此,当您对它进行迭代时,可能会多次添加相同的参数名
请修复这一行:SqlCommand cmd=newsqlcommandselectcompnamefrommytable,其中CompName='+CompName+'和Num='+Num+'和Name='+Name+',sqlcon;因为SQL注入正在等待发生。我在这里的假设是,您已经在循环范围之外声明了sqlcmd;因此,当您对它进行迭代时,可能会多次添加相同的参数名 请修复这一行:SqlCommand cmd=newsqlcommandselectcompnamefrommytable,其中CompName='+CompName+'和Num='+Num+'和Name='+Name+',sqlcon;因为SQL注入正在等待发生。添加sqlcmd.Parameters.Clear;最后。这样,每个参数将不存在于每个循环的末尾 例如:
// ...
sqlcmd.CommandText = "INSERT INTO MyTable(CompName, Num, Name) VALUES(@CompName, @Num, @Name)";
sqlcmd.Parameters.Add("@CompName", SqlDbType.VarChar).Value = CompName;
sqlcmd.Parameters.Add("@Num", SqlDbType.VarChar).Value = Num;
sqlcmd.Connection = sqlcon;
sqlcmd.ExecuteNonQuery();
DV_Test.ChangeMode(DetailsViewMode.Insert);
sqlcon.Close();
sqlcmd.Parameters.Clear();
//...
// ...
sqlcmd.CommandText = "INSERT INTO MyTable(CompName, Num, Name) VALUES(@CompName, @Num, @Name)";
sqlcmd.Parameters.Add("@CompName", SqlDbType.VarChar).Value = CompName;
sqlcmd.Parameters.Add("@Num", SqlDbType.VarChar).Value = Num;
sqlcmd.Connection = sqlcon;
sqlcmd.ExecuteNonQuery();
DV_Test.ChangeMode(DetailsViewMode.Insert);
sqlcon.Close();
sqlcmd.Parameters.Clear();
//...
SqlCmd.Parameters.Clear();
SqlCmd.Parameters.Clear();
在代码中,在添加参数之前。它将清除已经添加的参数列表,并将参数视为新的。您还应该清理输入并使用SELECT语句中的参数。还应该清理输入并使用该SELECT语句中的参数。谢谢。我使用如下清除功能修复了它:DS.SelectParameters.clear;谢谢我使用如下清除功能修复了它:DS.SelectParameters.clear;