【发布时间】:2016-05-28 16:42:33
【问题描述】:
在下面的代码中,我得到了以下错误。
“System.ArgumentOutOfRangeException”类型的异常发生在 mscorlib.dll 但未在用户代码中处理
附加信息:索引超出范围。必须是非负数 并且小于集合的大小。
代码:
protected void Page_Load(object sender, EventArgs e)
{
Prid.Text = Request.QueryString[0];
using (SqlConnection connection = ConnectionManager.GetConnection())
{
string cmd = "SELECT ImageColor, Quantity, ProductName, Price, ScreenSize, ScreenType, Processor, Internal_Memory, Ram, SD_Card, Camera, Bettery From Mobtabspecifications WHERE Mobtabspecifications.Prid ='" + Prid.Text+"'";
SqlCommand command = new SqlCommand(cmd, connection);
SqlDataReader reader = command.ExecuteReader();
while (reader.Read())
{
img.ImageUrl = "../image/"+ reader[0] as string;
Quantity.Text = reader[1] as string;
PrName.Text = reader[2] as string;
PrPrice.Text = reader[3] as string;
SSize.Text = reader[4] as string;
SType.Text = reader[5] as string;
Prpower.Text = reader[6] as string;
Intmemory.Text = reader[7] as string;
Ram.Text = reader[8] as string;
sdcard.Text = reader[9] as string;
Camera.Text = reader[10] as string;
Bettery.Text = reader[11] as string;
break;
}
}
}
如果我想在那之后激活产品并且我需要通过 id 将产品设置在购物篮中如果有人对此有任何想法,请在评论中告诉我
【问题讨论】:
-
Request.QueryString 不包含元素
-
请删除不相关的 SQL 注入样本,因为它会使帖子看起来很糟糕。
-
您传递给此页面的查询字符串是什么?通过避免字符串连接来防止 SQL 注入,使用参数化查询。参考bobby-tables.com