个人中心
gpt4 book ai didi

c# - Angular JS 应用程序因多发布请求而失败

转载 作者:行者123 更新时间:2023-11-30 17:31:17 25 4
gpt4 key购买 nike

我正在使用来自 AngularJs 应用程序的 WCF 服务。我正在向该服务发布多个请求。有了这个请求,我正在检查用户信息。

这是抛出错误的服务:

public bool cheekCreditScore(Credit_Crad credit)
{

    int i = 600;
    int j = 700;

    SqlConnection cn = new SqlConnection(ConnectionString);

    SqlCommand cmd = new SqlCommand("SELECT Credit_Score FROM Credit_Score WHERE Account_Number = '" + credit.account_number + "'", cn);
    cn.Open();
    cmd.Parameters.AddWithValue("Account_Number", credit.account_number);
    var value = cmd.ExecuteScalar();
    var da = new SqlDataAdapter(cmd);
    DataTable tbl = new DataTable();
    da.Fill(tbl);

    if (tbl.Rows.Count == 0)
    {
        //message = ("Account  is not exist Under this Name");
        return true;

    }
    else if ((Convert.ToDouble(i) < Convert.ToDouble(value)) && (Convert.ToDouble(value) <= Convert.ToDouble(j)))
    {

        // message = "Application Successful We can offer you " + Value1 + "Pound";
        return true;

    }

    else
    {
        // message = "Your application is unsuccessfull ";
        return false;

    }
    //return false;

}

这些是我遇到的错误: enter image description here

这是 Angular JS Web 应用程序中的脚本代码,这是我向 Wcf Rest 服务发布多请求。 

var app = angular.module("WebClientModule", [])
    .controller('Web_Client_Controller', ["$scope", 'myService', function ($scope, myService) {

        $scope.OperType = 1;

        //1 Mean New Entry  

        //To Clear all input controls.  
        function ClearModels() {
            $scope.OperType = 1;
            $scope.Tittle = "";
            $scope.First_Name = "";
            $scope.Last_Name = "";
            $scope.Gender = "";
            $scope.DOB = "";
            $scope.Mobile = "";
            $scope.House_No = "";

            $scope.Streent_Name = "";
            $scope.Country = "";
            $scope.Post_Code = "";
            $scope.Occupation = "";

            $scope.Account_Number = "";
        }
        $scope.CeditCardApplication = function () {
            var ApplicationDeatils = {
                Tittle: $scope.Tittle,
                First_Name: $scope.First_Name,
                Last_Name: $scope.Last_Name,
                Gender: $scope.Gender,
                DOB: $scope.DOB,
                Mobile: $scope.Mobile,
                House_No: $scope.House_No,
                Streent_Name: $scope.Streent_Name,
                Country: $scope.Country,
                Post_Code: $scope.Post_Code,
                Occupation: $scope.Occupation,
                Account_Number: $scope.Account_Number
            };
            myService.ApplicationDeatilsCheck(ApplicationDeatils).then(function (pl) {
                console.log(pl.data)
                if (pl.data) {

                    //$scope.Account_Number = pl.data.Account_Number;

                    $scope.msg = "User information is correct  !";                    

                        };

            }); 


            myService.ApplicationCreditScoreCheck(ApplicationDeatils).then(function (p2) {
                console.log(p2.data)

                if (p2.data) {

                    //$scope.Account_Number = p2.data.Account_Number;

                    $scope.msg = "We can offer you £6000";

                } else {
                    $scope.msg = "Application failed !";
                    console.log("Some error Occured" + err);
                }
            }, function (err) {
                $scope.msg = "Application failed!";
                console.log("Some error Occured" + err);
            });


        } // <-- missing }
    }]);



app.service("myService", function ($http) {

    this.ApplicationDeatilsCheck = function (ApplicationDeatils) {
        return $http.post("http://localhost:52098/HalifaxIISService.svc/CreateCurrentAccountCheck", JSON.stringify(ApplicationDeatils));
    }
    this.ApplicationCreditScoreCheck = function (ApplicationDeatils) {
        return $http.post("http://localhost:52098/HalifaxIISService.svc/cheekCreditScore", JSON.stringify(ApplicationDeatils));
    }

});

enter image description here

最佳答案

使用参数的全部目的是避免字符串连接并防止 SQL 注入(inject)。您的代码既传递参数又连接:

SqlCommand cmd = new SqlCommand("SELECT Credit_Score FROM Credit_Score WHERE Account_Number = '" + credit.account_number + "'", cn);
cn.Open();
cmd.Parameters.AddWithValue("Account_Number", credit.account_number);

这显然是错误的,因为您正在传递一个您的查询甚至不知道的参数。

只需将您的代码更改为:

SqlCommand cmd = new SqlCommand("SELECT Credit_Score FROM Credit_Score WHERE Account_Number = @Account_Number", cn);
cn.Open();
cmd.Parameters.AddWithValue("Account_Number", credit.account_number);

关于c# - Angular JS 应用程序因多发布请求而失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48160034/

25 4 0
文章推荐: javascript - 母版页和内容页上的多个 ScriptManager
文章推荐: c - 如何获得一个数的有符号补码?
文章推荐: javascript - Casper JS 运行方法提前触发
文章推荐: c - 在多进程系统中使用 SQLAllocHandle(SQL_HANDLE_ENV, ...)
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com