ASP.NET:将外部变量传递到中 标签 ASP.NET 2.0
我正在设计一些基于 VB 的 ASP.NET 2.0,并且我试图更多地利用 Visual Studio 提供的各种 ASP 标签,而不是在代码隐藏中手动编写所有内容。 我想从会话中传递一个外部变量来识别查询的用户是谁。
<asp:sqldatasource id="DataStores" runat="server" connectionstring="<%$ ConnectionStrings:MY_CONNECTION %>"
providername="<%$ ConnectionStrings:MY_CONNECTION.ProviderName %>"
selectcommand="SELECT THING1, THING2 FROM DATA_TABLE WHERE (THING2 IN (SELECT THING2 FROM RELATED_DATA_TABLE WHERE (USERNAME = @user)))"
onselecting="Data_Stores_Selecting">
<SelectParameters>
<asp:parameter name="user" defaultvalue ="" />
</SelectParameters>
</asp:sqldatasource>
在我后面的代码中,我有:
Protected Sub Data_Stores_Selecting(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.SqlDataSourceSelectingEventArgs) Handles Data_Stores.Selecting
e.Command.Parameters("user").Value = Session("userid")
End Sub
Oracle 用 ORA-01036,非法变量名向我发出警告。 我在查询中声明的变量是错误的吗?
我认为外部变量与 @ 前缀共享相同的名称。 据我了解,这应该在执行选择时将我想要的值放入查询中。
编辑:好的,感谢到目前为止的建议,第一个错误已得到纠正,我需要使用 : 而不是 @ 作为查询中的变量声明。 现在它生成一个 ORA-01745 无效的主机/绑定变量名。
再次编辑:好的,看起来 user 是一个保留字。 现在可以了! 感谢您对此问题的其他观点。 我没有想到这种方法。
I'm designing some VB based ASP.NET 2.0, and I am trying to make more use of the various ASP tags that visual studio provides, rather than hand writing everything in the code-behind. I want to pass in an outside variable from the Session to identify who the user is for the query.
<asp:sqldatasource id="DataStores" runat="server" connectionstring="<%$ ConnectionStrings:MY_CONNECTION %>"
providername="<%$ ConnectionStrings:MY_CONNECTION.ProviderName %>"
selectcommand="SELECT THING1, THING2 FROM DATA_TABLE WHERE (THING2 IN (SELECT THING2 FROM RELATED_DATA_TABLE WHERE (USERNAME = @user)))"
onselecting="Data_Stores_Selecting">
<SelectParameters>
<asp:parameter name="user" defaultvalue ="" />
</SelectParameters>
</asp:sqldatasource>
And on my code behind I have:
Protected Sub Data_Stores_Selecting(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.SqlDataSourceSelectingEventArgs) Handles Data_Stores.Selecting
e.Command.Parameters("user").Value = Session("userid")
End Sub
Oracle squaks at me with ORA-01036, illegal variable name. Am I declaring the variable wrong in the query?
I thought external variables share the same name with a @ prefixed. from what I understand, this should be placing the value I want into the query when it executes the select.
EDIT: Okay, thanks for the advice so far, first error was corrected, I need to use : and not @ for the variable declaration in the query. Now it generates an ORA-01745 invalid host/bind variable name.
EDIT AGAIN: Okay, looks like user was a reserved word. It works now! Thanks for other points of view on this one. I hadn't thought of that approach.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
我相信 Oracle 使用冒号“:”,而不是 at 符号“@”。
"user" is probably a reserved word. Change it to "userID", or something similar.
I believe Oracle uses the colon ":", not the at-symbol "@".
"user" is probably a reserved word. Change it to "userID", or something similar.
您可能需要考虑使用 SessionParameter 而不仅仅是参数,让 SqlDataSource 直接从会话中提取用户 ID,无需您进行任何干预。 另外,上面链接的页面上的示例似乎暗示您应该使用 ? 而不是 @user 来替换 ODBC 连接的参数。 我认为参数替换将由 SqlDataSource 完成,而不是传递给 Oracle,也就是说,在将查询发送到数据库之前,它将用用户 id 的实际值代替参数(当然正确引用)。
You may want to consider using a SessionParameter instead of just a Parameter and let the SqlDataSource extract the user id directly from the session without any intervention on your part. Also, the example on the page linked above seems to imply that you should use ? instead of @user for parameter replacement for an ODBC connection. I think the parameter replacement would be done by the SqlDataSource and not passed to Oracle, that is it would substitute the actual value of the user id in place of the parameter (properly quoted of course) before sending the query to the database.
使用 ASP.NET 的 SessionParameter 绝对是正确的选择 - 这就是我们拥有它的原因 :)
使用 ASP.NET 参数,您可以轻松地将来自静态源、会话状态、查询字符串、控制属性值、表单发布数据的值包含在查询中、cookie 和用户配置文件。
Using ASP.NET's SessionParameter is definitely the way to go here - that's why we have it :)
Using ASP.NET parameters you can easily include in your queries values from static sources, session state, query string, control property values, form post data, cookies, and user profile.