使用c#和JavaScript查看数据

本文关键字：数据 JavaScript 使用 | 更新日期: 2023-09-27 18:18:27

我使用以下JavaScript:

jQuery(document).ready(function ($) {
    $(function () {
        $.ajax({
            type: "POST",
            url: "candidate-job-alert.aspx/GetJobalerts",
            data: '{}',
            contentType: "application/json; charset=utf-8",
            dataType: "json",
            success: OnSuccess
        });
    });
});
function OnSuccess(response) {
    var xmlDoc = $.parseXML(response.d);
    var xml = $(xmlDoc);
    console.log(xml);
    var customers = xml.find("Table");
    console.log(customers);
    var row = $("[id*=CandidateAlerts] tr:last-child").clone(true);
    $("[id*=CandidateAlerts] tr").not($("[id*=CandidateAlerts] tr:first-child")).remove();
    $.each(customers, function () {
        var customer = $(this);
        AppendRow(row, $(this).find("alert_name").text(), $(this).find("keywords").text(), $(this).find("job_location").text(), $(this).find("job_category").text(), $(this).find("job_type").text(), $(this).find("email_frequency").text())
        row = $("[id*=CandidateAlerts] tr:last-child").clone(true);
    });
}
function AppendRow(row, alertname, keyword, joblocation, jobcategory, jobtype, emailfrequency) {
    //Bind alert_name.
    $(".alert_name", row).find("span").html(alertname);
    $(".alert_name", row).find("input").val(alertname);
    //Bind keywords.
    $(".keywords", row).find("span").html(keyword);
    $(".keywords", row).find("input").val(keyword);
    //Bind job_location.
    $(".job_location", row).find("span").html(joblocation);
    $(".job_location", row).find("input").val(joblocation);
    //Bind job_category.
    $(".job_category", row).find("span").html(jobcategory);
    $(".job_category", row).find("input").val(jobcategory);
    //Bind job_type.
    $(".job_type", row).find("span").html(jobtype);
    $(".job_type", row).find("input").val(jobtype);
    //Bind email_frequency.
    $(".email_frequency", row).find("span").html(emailfrequency);
    $(".email_frequency", row).find("input").val(joblocation);
    $("[id*=CandidateAlerts]").append(row);
}

这是我的c#代码:

using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Services;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class candidate_job_alert : System.Web.UI.Page
{
    string connectionString = ConfigurationManager.ConnectionStrings["JobMonsterConnectionString1"].ConnectionString;
    string strg;
    SqlCommand cms;
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["Email"] != null)
        {
            try
            {
                this.BindDummyRow();
                //memberimg();
                //lblRows.Text = getjobalerts();
            }
            catch (Exception ex)
            {
                string script = "<script>alert('" + ex.Message + "');</script>";
            }
        }
    }
    private void BindDummyRow()
    {
        DataTable dummy = new DataTable();
        dummy.Columns.Add("alert_name");
        dummy.Columns.Add("keywords");
        dummy.Columns.Add("job_location");
        dummy.Columns.Add("job_category");
        dummy.Columns.Add("job_type");
        dummy.Columns.Add("email_frequency");
        dummy.Rows.Add();
        CandidateAlerts.DataSource = dummy;
        CandidateAlerts.DataBind();
    }
    [WebMethod]
public static string GetJobalerts()
{
    string query = "SELECT alert_name, keywords, job_location, job_category, job_type, email_frequency FROM candidate_job_alerts where candidate_id = @CandidateId";
    SqlCommand cmd = new SqlCommand(query);
    cmd.Parameters.AddWithValue("@CandidateId", Session["candidate_id"]);
    string constr = ConfigurationManager.ConnectionStrings["JobMonsterConnectionString1"].ConnectionString;
    using (SqlConnection con = new SqlConnection(constr))
    {
        using (SqlDataAdapter sda = new SqlDataAdapter())
        {
            cmd.Connection = con;
            sda.SelectCommand = cmd;
            using (DataSet ds = new DataSet())
            {
                sda.Fill(ds);
                return ds.GetXml();
            }
        }
    }
}
}

我得到以下错误:

编译器错误消息:CS0120:非静态字段、方法或属性'System.Web.UI.Page.Session.get'需要对象引用
第55行:string query = "SELECT alert_name, keywords, job_location, job_category, job_type, email_frequency FROM candidate_job_alerts where candidate_id='" + Session["candidate_id"] + "'";

使用c#和JavaScript查看数据

正如我在评论中提到的，你需要使用查询参数化而不是连接，否则你会受到过多的SQL注入攻击。

你引用Session的问题是你的方法是静态的，所以你不能访问System.Web.UI.Page的实例成员(如Session和其他任何东西)。使它成为一个实例成员而不是静态的应该使你的代码工作得很好，我看不出它是静态的，也不是POST请求的任何理由。

[WebMethod]
public string GetJobalerts()
{
    string query = "SELECT alert_name, keywords, job_location, job_category, job_type, email_frequency FROM candidate_job_alerts where candidate_id = @CandidateId";
    SqlCommand cmd = new SqlCommand(query);
    cmd.Parameters.AddWithValue("@CandidateId", Session["candidate_id"]);
    // ..
}