C# 保存列表<;CartItem>;到ASP.NET中的会话
CartItems保存在SQL数据库中 我想将所有CartItems放在一个列表中并转移到Instance.Items 实例变量正在保存到会话中C# 保存列表<;CartItem>;到ASP.NET中的会话,c#,asp.net,sql,session,httpcontext,C#,Asp.net,Sql,Session,Httpcontext,CartItems保存在SQL数据库中 我想将所有CartItems放在一个列表中并转移到Instance.Items 实例变量正在保存到会话中 public static List<CartItem> loadCart(String CustomerId) { String sql = "Select * from Cart where CustomerId='" + CustomerId + "'"; SqlCommand cmd
public static List<CartItem> loadCart(String CustomerId)
{
String sql = "Select * from Cart where CustomerId='" + CustomerId + "'";
SqlCommand cmd = new SqlCommand(sql, conn);
List<CartItem> lstCart = new List<CartItem>();
try
{
conn.Open();
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
CartItem itm = new CartItem(Convert.ToInt32(reader["ProductId"].ToString()));
itm.Quantity = Convert.ToInt32(reader["Quantity"].ToString());
lstCart.Add(itm);
}
}
catch (Exception ex)
{ }
finally
{
conn.Close();
}
return lstCart;
}
代码如下
public class ShoppingCart
{
public List<CartItem> Items { get; private set; }
public static SqlConnection conn = new SqlConnection(connStr.connString);
public static readonly ShoppingCart Instance;
static ShoppingCart()
{
if (HttpContext.Current.Session["ASPNETShoppingCart"] == null)
{
Instance = new ShoppingCart();
Instance.Items = new List<CartItem>();
HttpContext.Current.Session["ASPNETShoppingCart"] = Instance;
}
else
{
Instance = (ShoppingCart)HttpContext.Current.Session["ASPNETShoppingCart"];
}
}
公共类购物车
{
公共列表项{get;private set;}
public static SqlConnection conn=新的SqlConnection(connStr.connString);
公共静态只读ShoppingCart实例;
静态ShoppingCart()
{
if(HttpContext.Current.Session[“ASPNETShoppingCart”]==null)
{
实例=新ShoppingCart();
Instance.Items=newlist();
HttpContext.Current.Session[“ASPNETShoppingCart”]=实例;
}
其他的
{
Instance=(ShoppingCart)HttpContext.Current.Session[“ASPNETShoppingCart”];
}
}
返回列表的代码。我想将此函数返回的列表保存到Instance.Items。以便将其保存到会话中
public static List<CartItem> loadCart(String CustomerId)
{
String sql = "Select * from Cart where CustomerId='" + CustomerId + "'";
SqlCommand cmd = new SqlCommand(sql, conn);
List<CartItem> lstCart = new List<CartItem>();
try
{
conn.Open();
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
CartItem itm = new CartItem(Convert.ToInt32(reader["ProductId"].ToString()));
itm.Quantity = Convert.ToInt32(reader["Quantity"].ToString());
lstCart.Add(itm);
}
}
catch (Exception ex)
{ }
finally
{
conn.Close();
}
return lstCart;
}
公共静态列表loadCart(字符串CustomerId)
{
String sql=“从购物车中选择*,其中CustomerId=”+CustomerId+”;
SqlCommand cmd=新的SqlCommand(sql,conn);
List lstCart=新列表();
尝试
{
conn.Open();
SqlDataReader=cmd.ExecuteReader();
while(reader.Read())
{
CartItem itm=新的CartItem(Convert.ToInt32(reader[“ProductId”].ToString());
itm.Quantity=Convert.ToInt32(读卡器[“Quantity”].ToString());
lstCart.Add(itm);
}
}
捕获(例外情况除外)
{ }
最后
{
康涅狄格州关闭();
}
返回购物车;
}
如果要将整个对象提交到会话,则项目应存储在与该对象的会话中
为什么不这样做呢
public class ShoppingCart
{
public List<CartItem> Items { get; private set; }
public static SqlConnection conn = new SqlConnection(connStr.connString);
public static readonly ShoppingCart Instance;
static ShoppingCart RetrieveShoppingCart()
{
if (HttpContext.Current.Session["ASPNETShoppingCart"] == null)
{
Instance = new ShoppingCart();
Instance.Items = new List<CartItem>();
HttpContext.Current.Session["ASPNETShoppingCart"] = Instance;
}
else
{
Instance = (ShoppingCart)HttpContext.Current.Session["ASPNETShoppingCart"];
}
return Instance;
}
}
公共类购物车
{
公共列表项{get;private set;}
public static SqlConnection conn=新的SqlConnection(connStr.connString);
公共静态只读ShoppingCart实例;
静态ShoppingCart检索ShoppingCart()
{
if(HttpContext.Current.Session[“ASPNETShoppingCart”]==null)
{
实例=新ShoppingCart();
Instance.Items=newlist();
HttpContext.Current.Session[“ASPNETShoppingCart”]=实例;
}
其他的
{
Instance=(ShoppingCart)HttpContext.Current.Session[“ASPNETShoppingCart”];
}
返回实例;
}
}
是的,那么您遇到了什么问题?如果您的代码与发布的代码完全相同,那么静态构造函数会调用自身(Instance=new ShoppingCart();)哦,顺便说一句,这行-String sql=“Select*from Cart where CustomerId=”“+CustomerId+”;-请求sql注入攻击