方法中出现错误,无法计算表达式
本文关键字:计算 表达式 错误 方法 | 更新日期: 2023-09-27 18:10:51
我得到这个错误,
无法计算表达式,因为代码已优化或本机帧位于调用堆栈的顶部。
我不知道是什么引起的。
有登录和会话选择两种方法。登录会话只匹配电子邮件和密码;会话选择用GUID查询数据库,该GUID将用作会话ID。当我在登录
中调用SessionSelection()时抛出错误private void SessionSelection( )
{
string connectstr = "data source=.''SQLEXPRESS;Integrated Security=True; Initial Catalog= NewApp";
try
{
string query = @"SELECT UserIDkey FROM Registration WHERE Email='" + txtEmail.Text.Trim() + "'";
SqlConnection con = new SqlConnection(connectstr);
SqlCommand cmd = new SqlCommand(query, con);
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
string SessionResult = reader["UserIDkey"].ToString();
Session["PrivateKey"] = SessionResult;
//SessionResult = SpecialKey;
}
reader.Close();
con.Close();
}
catch
{
}
}
private void Login()
{
string passwordEncryption = txtPassword.Text.Trim();
System.Security.Cryptography.MD5CryptoServiceProvider x2 = new System.Security.Cryptography.MD5CryptoServiceProvider();
byte[] bs2 = System.Text.Encoding.UTF8.GetBytes(passwordEncryption);
bs2 = x2.ComputeHash(bs2);
System.Text.StringBuilder s2 = new System.Text.StringBuilder();
foreach (byte b in bs2)
{
s2.Append(b.ToString("x2").ToLower());
}
string EncryptedPassword = s2.ToString();
if (!string.IsNullOrEmpty(txtEmail.Text))
{
string connectstr = "data source=.''SQLEXPRESS;Integrated Security=True; Initial Catalog= NewApp";
// (ConfigurationManager.AppSettings["connectionString"]);
try
{
string query = @"SELECT * FROM Registration WHERE Email='" + txtEmail.Text.Trim() + "'and Password='" + EncryptedPassword + "'";
SqlConnection con = new SqlConnection(connectstr);
SqlCommand cmd = new SqlCommand(query, con);
con.Open();
var Results = (int)cmd.ExecuteScalar();
//string sqlRead = cmd.ExecuteReader().ToString();
if (Results > 0)
{
SessionSelection();
txtEmail.Text = "";
txtPassword.Text = "";
Response.Redirect("~/Home.aspx");
}
else
{
Response.Write("Incorrect UserName/Password");
}
con.Close();
}
catch (Exception ex)
{
Response.Write("Incorrect UserName/Password");
}
}
问题:您没有在Login()方法的命令字符串中给出Email string和and关键字之间的空间:
string query = @"SELECT * FROM Registration WHERE Email=
'" + txtEmail.Text.Trim() + "'and Password='" + EncryptedPassword + "'";
^^^
解决方案:您需要在Login()方法的命令字符串中Email string和and关键字之间有空间:
试试这个:
string query = @"SELECT * FROM Registration WHERE Email=
'" + txtEmail.Text.Trim() + "' and Password='" + EncryptedPassword + "'";
建议:您的查询是对SQL Injection attacks开放的,所以我强烈建议您使用Parameterised queries来避免使用SQL Injection attacks。
方案二:与Parameterised queries
try
{
string query = @"SELECT * FROM Registration WHERE Email=@Email
and Password=@Password";
SqlConnection con = new SqlConnection(connectstr);
SqlCommand cmd = new SqlCommand(query, con);
cmd.Parameters.AddWithValue("@Email",txtEmail.Text.Trim());
cmd.Parameters.AddWithValue("@Password",EncryptedPassword);
con.Open();
var Results = (int)cmd.ExecuteScalar();
//string sqlRead = cmd.ExecuteReader().ToString();
if (Results > 0)
{
SessionSelection();
txtEmail.Text = "";
txtPassword.Text = "";
Response.Redirect("~/Home.aspx");
}
else
{
Response.Write("Incorrect UserName/Password");
}
con.Close();
}
问题是Response.Redirect("~/Home. redirect ")。aspx",假);
要解决这个问题,可以使用以下方法之一:为响应。最后,调用HttpContext.Current.ApplicationInstance.CompleteRequest方法而不是Response。结束绕过代码执行到Application_EndRequest事件。为响应。重定向,使用重载,响应。重定向(String url, bool endResponse),为endResponse参数传递false以抑制内部调用Response.End。例如:响应。重定向("全心全意。aspx",假);
如果您使用此解决方法,则响应之后的代码。执行重定向。为服务器。传输,使用服务器。
修复Response.Redirect("~/回家。aspx",假);