如何将图像放入sql server 2005

发布于 2024-09-27 05:28:25 字数 3024 浏览 0 评论 0原文

我编写了以下代码来将图像路径放入 sql server 2005，但它不起作用是他们从客户端应用程序将图像放入 sql server 的任何替代方法。

example.html

<form id="addresslistingform">
                  <fieldset id="fieldset1"><legend>Address for listing</legend>
                Zipcode:<br/>
                  <input size="30" type="text" id="zipcode"/><br/>
                Street No:<br/>
                  <input size="30" type="text" id="addstreetno" class="number" name="streetno"/><br/>
                Street Name:<br/> 
                  <input size="30" type="text" id="addstreetname" class="required" name="streetname"/><br/>                            
                Upload a couple of pictures:<br>
              <input size="30" type="file" id="addpicture"/> <br>                 
              </fieldset>

             <input id="Addresslisting" type="image" src="images/Submit.png" align="left"  />                   
 </form>

example.js

    $("#Addresslisting").click(function() {
       var zipcode = ($("#addzipcode").val());
        var streetno = ($("#addstreetno").val());
        var streetname = ($("#addstreetname").val());
        var image = ($("#addpicture").val());
         var submitaddress = "{\"zipcode\":\"" + zipcode + "\",\"streetnumber\":\"" + streetno + "\",\"streetname\":\"" + streetname + "\",\"streetname\":\"" + streetname + "\",\"Imagelocation\":\"" + image + "\"}";
            $.ajax({
                type: "POST",
                url: "/exampleproject/Afterlogin.asmx/addresslisting",
                data: submitaddress,
                contentType: "application/json; charset=utf-8",
                success: ajaxSucceed,
                dataType: "json",
                failure: ajaxFailed
            });

});

asmx webservices 文件

[WebMethod(EnableSession = true)]
    [ScriptMethod(ResponseFormat = ResponseFormat.Json)]
    public bool addresslisting(string zipcode, string streetnumber, string streetname,  string Imagelocation)
    {
        SqlConnection con = new SqlConnection();
        con.ConnectionString = "";
        con.Open();

        SqlCommand sqlcom = new SqlCommand();//declaring a new command
        sqlcom.CommandText = "insert into Address_Listing(Zip_Code,Street_Number,Street_Name,Image_Location) values ('" + zipcode + "','" + streetnumber + "','" + streetname + "',  '" + Imagelocation + "')"; //query for inserting data into contact table
        sqlcom.Connection = con;//connecting to database

        try
        {
            int success = sqlcom.ExecuteNonQuery();
            con.Close();

            if (success > 0)
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        catch (Exception e)
        {
            con.Close();
            return false;
        }


    }

原文

I have written the following code to place the image path into sql server 2005 but its not working is their any alternate way to place images into sql server from clientside application.

example.html

<form id="addresslistingform">
                  <fieldset id="fieldset1"><legend>Address for listing</legend>
                Zipcode:<br/>
                  <input size="30" type="text" id="zipcode"/><br/>
                Street No:<br/>
                  <input size="30" type="text" id="addstreetno" class="number" name="streetno"/><br/>
                Street Name:<br/> 
                  <input size="30" type="text" id="addstreetname" class="required" name="streetname"/><br/>                            
                Upload a couple of pictures:<br>
              <input size="30" type="file" id="addpicture"/> <br>                 
              </fieldset>

             <input id="Addresslisting" type="image" src="images/Submit.png" align="left"  />                   
 </form>

example.js

    $("#Addresslisting").click(function() {
       var zipcode = ($("#addzipcode").val());
        var streetno = ($("#addstreetno").val());
        var streetname = ($("#addstreetname").val());
        var image = ($("#addpicture").val());
         var submitaddress = "{\"zipcode\":\"" + zipcode + "\",\"streetnumber\":\"" + streetno + "\",\"streetname\":\"" + streetname + "\",\"streetname\":\"" + streetname + "\",\"Imagelocation\":\"" + image + "\"}";
            $.ajax({
                type: "POST",
                url: "/exampleproject/Afterlogin.asmx/addresslisting",
                data: submitaddress,
                contentType: "application/json; charset=utf-8",
                success: ajaxSucceed,
                dataType: "json",
                failure: ajaxFailed
            });

});

asmx webservices file

[WebMethod(EnableSession = true)]
    [ScriptMethod(ResponseFormat = ResponseFormat.Json)]
    public bool addresslisting(string zipcode, string streetnumber, string streetname,  string Imagelocation)
    {
        SqlConnection con = new SqlConnection();
        con.ConnectionString = "";
        con.Open();

        SqlCommand sqlcom = new SqlCommand();//declaring a new command
        sqlcom.CommandText = "insert into Address_Listing(Zip_Code,Street_Number,Street_Name,Image_Location) values ('" + zipcode + "','" + streetnumber + "','" + streetname + "',  '" + Imagelocation + "')"; //query for inserting data into contact table
        sqlcom.Connection = con;//connecting to database

        try
        {
            int success = sqlcom.ExecuteNonQuery();
            con.Close();

            if (success > 0)
            {
                return true;
            }
            else
            {
                return false;
            }
        }
        catch (Exception e)
        {
            con.Close();
            return false;
        }


    }

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

自控 2024-10-04 05:28:25

仅供参考，您的代码存在许多问题。应该更像是这样：

public bool addresslisting(string zipcode, string streetnumber, string streetname, string Imagelocation)
{
    using (SqlConnection con = new SqlConnection())
    {
        con.ConnectionString = "";
        con.Open();

        using (SqlCommand sqlcom = new SqlCommand())
        {
            sqlcom.CommandText =
                string.Format(
                    "insert into Address_Listing(Zip_Code,Street_Number,Street_Name,Image_Location) " +
                    "values ('{0}','{1}','{2}',  '{3}')",
                    zipcode, streetnumber, streetname, Imagelocation);
            sqlcom.Connection = con;

            int success = sqlcom.ExecuteNonQuery();

            return success > 0;
        }
    }
}

using 块将确保资源被释放，即使抛出异常
也绝不隐藏异常。通过返回“false”，您将隐藏导致抛出异常的任何问题。
我当然希望您已经清理了邮政编码、街道号码等，否则您的代码可能容易受到 SQL 注入攻击。

FYI, there are a number of problems with your code. It should be more like this:

public bool addresslisting(string zipcode, string streetnumber, string streetname, string Imagelocation)
{
    using (SqlConnection con = new SqlConnection())
    {
        con.ConnectionString = "";
        con.Open();

        using (SqlCommand sqlcom = new SqlCommand())
        {
            sqlcom.CommandText =
                string.Format(
                    "insert into Address_Listing(Zip_Code,Street_Number,Street_Name,Image_Location) " +
                    "values ('{0}','{1}','{2}',  '{3}')",
                    zipcode, streetnumber, streetname, Imagelocation);
            sqlcom.Connection = con;

            int success = sqlcom.ExecuteNonQuery();

            return success > 0;
        }
    }
}

using blocks will ensure that resources are released, even if an exception is thrown
Never hide exceptions. By returning "false" you are hiding whatever problem caused the exception to be thrown.
I certainly hope you have sanitized zipcode, streetnumber, etc., otherwise your code is potentially vulnerable to a SQL Injection Attack.

回复收藏 0 原文

~没有更多了~