vim*_*van 2 sql vb.net sql-server winforms
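Here is my code; it gives an error. The query returns a value for the particular item.
Also, on the database side the query returns rows. Even though I have put in a condition so that the value is assigned to a variable only if the reader has rows, it still throws an error, e.g.
    dqty = sqlreader("qty")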
Code:
    Private Function checkquantity(ByVal code As String, ByVal quan As Integer) As Boolean
        sqlcommand.CommandText = "select sum(qty) as qty from pos_stock_balance where item_code='" & code & "'"
        sqlcommand.Connection = AppsCon
        sqlreader = sqlcommand.ExecuteReader
        If sqlreader.HasRows Then
            dqty = sqlreader("qty")
            sqlreader.Close()
        Else
            sqlreader.Close()
        End If
        If quan > dqty Then
            Return False
        Else
            Return True
        End If
    End Function
It is because you are directly accessing the data without reading it. Try this:
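    If sqlreader.HasRows Then
        ' Read() advances the reader to the first row; columns are only readable after it returns True
        If sqlreader.Read() Then
            dqty = sqlreader("qty")
            sqlreader.Close()
        End If
    Else
        sqlreader.Close()
    End If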
Cleaned-up version of the code:
    Private Function checkquantity _
        (ByVal code As String, ByVal quan As Integer) As Boolean
        Try
            ' Note the trailing space after "select" so the concatenated statement stays valid
            sqlcommand.CommandText = "select " _
                & "sum(qty) as qty from pos_stock_balance where item_code='" & code & "'"
            sqlcommand.Connection = AppsCon
            sqlreader = sqlcommand.ExecuteReader
            ' Read() positions the reader on the first row before the column is accessed
            If sqlreader.Read() Then
                dqty = sqlreader("qty")
            End If
            If quan > dqty Then
                Return False
            Else
                Return True
            End If
        Finally
            ' Close the reader whether or not the query succeeded
            sqlreader.Close()
        End Try
    End Function
Although I cleaned up your code, it is still vulnerable to SQL injection. Try using parameterized queries to avoid that.
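
A parameterized form of the same stock check, following the recommendation above. This is an added example, not code from the original post; it assumes AppsCon is the already-open SqlConnection from the question and that item_code is an NVARCHAR(50) column, and the module and function names are illustrative.

```vbnet
Imports System.Data
Imports System.Data.SqlClient

Module StockCheck
    ' Assumption: AppsCon is the already-open SqlConnection used in the question.
    Public AppsCon As SqlConnection

    ' Returns True when the summed stock for the item covers the requested quantity.
    Public Function CheckQuantity(ByVal code As String, ByVal quan As Integer) As Boolean
        Const sql As String =
            "SELECT SUM(qty) FROM pos_stock_balance WHERE item_code = @code"

        ' A local command per call avoids leftover state on a shared SqlCommand.
        Using cmd As New SqlCommand(sql, AppsCon)
            ' The value travels as data, never as SQL text, so quotes in
            ' "code" cannot change the statement.
            ' Assumption: item_code is NVARCHAR(50); match your real column type.
            cmd.Parameters.Add("@code", SqlDbType.NVarChar, 50).Value = code

            ' SUM() always yields one row; it is NULL when no rows match,
            ' which arrives here as DBNull.
            Dim result As Object = cmd.ExecuteScalar()
            Dim dqty As Decimal = 0D
            If result IsNot Nothing AndAlso result IsNot DBNull.Value Then
                dqty = Convert.ToDecimal(result)
            End If

            ' Same outcome as the original: False only when quan > dqty.
            Return quan <= dqty
        End Using
    End Function
End Module
```

Because the query is an aggregate with a single column, ExecuteScalar replaces the reader entirely, so there is no Read() call to forget and no reader to close.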