gpt4 book ai didi

c# - Angular JS 应用程序因多发布请求而失败

转载 作者:行者123 更新时间:2023-11-30 17:31:17 25 4
gpt4 key购买 nike

我正在使用来自 AngularJs 应用程序的 WCF 服务。我正在向该服务发布多个请求。有了这个请求,我正在检查用户信息。

这是抛出错误的服务:

public bool cheekCreditScore(Credit_Crad credit)
{

int i = 600;
int j = 700;

SqlConnection cn = new SqlConnection(ConnectionString);

SqlCommand cmd = new SqlCommand("SELECT Credit_Score FROM Credit_Score WHERE Account_Number = '" + credit.account_number + "'", cn);
cn.Open();
cmd.Parameters.AddWithValue("Account_Number", credit.account_number);
var value = cmd.ExecuteScalar();
var da = new SqlDataAdapter(cmd);
DataTable tbl = new DataTable();
da.Fill(tbl);

if (tbl.Rows.Count == 0)
{
//message = ("Account is not exist Under this Name");
return true;

}
else if ((Convert.ToDouble(i) < Convert.ToDouble(value)) && (Convert.ToDouble(value) <= Convert.ToDouble(j)))
{

// message = "Application Successful We can offer you " + Value1 + "Pound";
return true;

}

else
{
// message = "Your application is unsuccessfull ";
return false;

}
//return false;

}

这些是我遇到的错误: enter image description here

这是 Angular JS Web 应用程序中的脚本代码,这是我向 Wcf Rest 服务发布多请求。

var app = angular.module("WebClientModule", [])
.controller('Web_Client_Controller', ["$scope", 'myService', function ($scope, myService) {

$scope.OperType = 1;

//1 Mean New Entry

//To Clear all input controls.
function ClearModels() {
$scope.OperType = 1;
$scope.Tittle = "";
$scope.First_Name = "";
$scope.Last_Name = "";
$scope.Gender = "";
$scope.DOB = "";
$scope.Mobile = "";
$scope.House_No = "";

$scope.Streent_Name = "";
$scope.Country = "";
$scope.Post_Code = "";
$scope.Occupation = "";

$scope.Account_Number = "";
}
$scope.CeditCardApplication = function () {
var ApplicationDeatils = {
Tittle: $scope.Tittle,
First_Name: $scope.First_Name,
Last_Name: $scope.Last_Name,
Gender: $scope.Gender,
DOB: $scope.DOB,
Mobile: $scope.Mobile,
House_No: $scope.House_No,
Streent_Name: $scope.Streent_Name,
Country: $scope.Country,
Post_Code: $scope.Post_Code,
Occupation: $scope.Occupation,
Account_Number: $scope.Account_Number
};
myService.ApplicationDeatilsCheck(ApplicationDeatils).then(function (pl) {
console.log(pl.data)
if (pl.data) {

//$scope.Account_Number = pl.data.Account_Number;

$scope.msg = "User information is correct !";

};

});


myService.ApplicationCreditScoreCheck(ApplicationDeatils).then(function (p2) {
console.log(p2.data)

if (p2.data) {

//$scope.Account_Number = p2.data.Account_Number;

$scope.msg = "We can offer you £6000";

} else {
$scope.msg = "Application failed !";
console.log("Some error Occured" + err);
}
}, function (err) {
$scope.msg = "Application failed!";
console.log("Some error Occured" + err);
});


} // <-- missing }
}]);



app.service("myService", function ($http) {

this.ApplicationDeatilsCheck = function (ApplicationDeatils) {
return $http.post("http://localhost:52098/HalifaxIISService.svc/CreateCurrentAccountCheck", JSON.stringify(ApplicationDeatils));
}
this.ApplicationCreditScoreCheck = function (ApplicationDeatils) {
return $http.post("http://localhost:52098/HalifaxIISService.svc/cheekCreditScore", JSON.stringify(ApplicationDeatils));
}

});

enter image description here

最佳答案

使用参数的全部目的是避免字符串连接并防止 SQL 注入(inject)。您的代码既传递参数又连接:

SqlCommand cmd = new SqlCommand("SELECT Credit_Score FROM Credit_Score WHERE Account_Number = '" + credit.account_number + "'", cn);
cn.Open();
cmd.Parameters.AddWithValue("Account_Number", credit.account_number);

这显然是错误的,因为您正在传递一个您的查询甚至不知道的参数。

只需将您的代码更改为:

SqlCommand cmd = new SqlCommand("SELECT Credit_Score FROM Credit_Score WHERE Account_Number = @Account_Number", cn);
cn.Open();
cmd.Parameters.AddWithValue("Account_Number", credit.account_number);

关于c# - Angular JS 应用程序因多发布请求而失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48160034/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com