code

code

关注
发信
Bash变量分配无法正常工作
在故事板中定制uitableviewcells
编码 D 触发器的更好方法
如何从我的 xml 文件中删除 BOM 字符
iVars,有和没有自我?
ngFor中使用管道和索引的角度
在前端使用丑陋的 mongodb _ids
我应该使用哪种校验和算法?
Python 2.7中的断言不适用于我的示例assertIn
美丽的汤抛出`IndexError`
typedef NS_ENUM与typedef枚举
为什么不能(完全)应用一个使用其他类型同义词的参数的类型同义词?
使用XQuery的Concat XML节点
理性近似
EasyMock深存根

代码问题VB.NET

扫码查看
本文介绍了代码问题VB.NET的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有问题吗?有时app会显示此短信错误。



谢谢





Where I have a problem please? Sometimes app show me error with this text message.

Thank you


************** Text výjimky **************
System.Data.OleDb.OleDbException (0x80004005): Nespecifikovaná chyba
   v System.Data.OleDb.OleDbConnectionInternal..ctor(OleDbConnectionString constr, OleDbConnection connection)
   v System.Data.OleDb.OleDbConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningObject)
   v System.Data.ProviderBase.DbConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
   v System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
   v System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
   v System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
   v System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
   v System.Data.ProviderBase.DbConnectionInternal.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
   v System.Data.OleDb.OleDbConnection.Open()
   v LSiMontix.Log.updatelog() v C:\Users\cahafi\Desktop\V2-Solution2\WindowsApplication17\WindowsApplication17\Log.vb:řádek 102
   v LSiMontix.iMontix.Button1_Click(Object sender, EventArgs e) v C:\Users\cahafi\Desktop\V2-Solution2\WindowsApplication17\WindowsApplication17\Form.vb:řádek 537
   v System.Windows.Forms.Control.OnClick(EventArgs e)
   v System.Windows.Forms.Button.OnClick(EventArgs e)
   v System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
   v System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
   v System.Windows.Forms.Control.WndProc(Message& m)
   v System.Windows.Forms.ButtonBase.WndProc(Message& m)
   v System.Windows.Forms.Button.WndProc(Message& m)
   v System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
   v System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
   v System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)


************** Načtená sestavení **************
mscorlib
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll
----------------------------------------
iMontix
    Verze sestavení: 1.0.0.0
    Verze Win32: 1.0.0.0
    Základ kódu (CodeBase): file:///C:/Users/Balen%C3%AD%20NH/Desktop/Debug/iMontix.exe
----------------------------------------
Microsoft.VisualBasic
    Verze sestavení: 10.0.0.0
    Verze Win32: 14.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualBasic/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll
----------------------------------------
System
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Core
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
System.Windows.Forms
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Configuration
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
System.Runtime.Remoting
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Runtime.Remoting/v4.0_4.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll
----------------------------------------
System.Data
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_32/System.Data/v4.0_4.0.0.0__b77a5c561934e089/System.Data.dll
----------------------------------------
System.Data.resources
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Data.resources/v4.0_4.0.0.0_cs_b77a5c561934e089/System.Data.resources.dll
----------------------------------------
System.Windows.Forms.resources
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms.resources/v4.0_4.0.0.0_cs_b77a5c561934e089/System.Windows.Forms.resources.dll
----------------------------------------
System.Data.DataSetExtensions
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Data.DataSetExtensions/v4.0_4.0.0.0__b77a5c561934e089/System.Data.DataSetExtensions.dll
----------------------------------------
System.Numerics
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Numerics/v4.0_4.0.0.0__b77a5c561934e089/System.Numerics.dll
----------------------------------------
mscorlib.resources
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/mscorlib.resources/v4.0_4.0.0.0_cs_b77a5c561934e089/mscorlib.resources.dll
----------------------------------------
Accessibility
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/Accessibility/v4.0_4.0.0.0__b03f5f7f11d50a3a/Accessibility.dll
----------------------------------------
System.Transactions
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3163.0 built by: NET472REL1LAST_C
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_32/System.Transactions/v4.0_4.0.0.0__b77a5c561934e089/System.Transactions.dll
----------------------------------------
System.EnterpriseServices
    Verze sestavení: 4.0.0.0
    Verze Win32: 4.7.3062.0 built by: NET472REL1
    Základ kódu (CodeBase): file:///C:/Windows/Microsoft.Net/assembly/GAC_32/System.EnterpriseServices/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.EnterpriseServices.dll
----------------------------------------

************** Ladění JIT **************
Aby bylo povoleno ladění JIT, musí konfigurační soubor
pro tuto aplikaci nebo počítač (machine.config) mít
v oddílu system.windows.forms nastavenou hodnotu njitDebugging.
Aplikace rovněž musí být kompilována s povoleným
laděním.

Příklad:

<configuration>
    <system.windows.forms jitDebugging="true" />
</configuration>

Je-li ladění JIT povoleno, budou všechny neošetřené výjimky
odeslány ladicímu programu JIT, který je registrován v počítači,
a nebudou zpracovány tímto dialogovým oknem.





我尝试过的事情:



我不知道是什么错误。 ..........................



这是我的代码:





What I have tried:

I dont known what is wrong. ..........................

here is my code:

Public Shared Sub updatelog()

        Dim formattedDate As String = Date.Today.ToString("dd/MM/yyyy")
        Dim OnlyTime As String = DateTime.Now.ToString("HH:mm:ss")
        Dim cislod As String
        Dim zakazc As String
        Dim stav As String
        Dim ID = iMontix.TextBox6.Text
        Dim kod_operace = iMontix.TextBox8.Text
        Dim smena = iMontix.TextBox5.Text
        Dim provider As String
        Dim dataFile As String
        Dim connString As String
        Dim myConnection As OleDbConnection = New OleDbConnection

        cislod = iMontix.TextBox1.Text
        zakazc = iMontix.TextBox2.Text
        stav = "OK"

        provider = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source ="
        dataFile = "sdf.accdb" ' Change it to your Access Database location
        connString = provider & dataFile
        myConnection.ConnectionString = connString

        myConnection.Open()
        Dim str As String
        str = "INSERT INTO Log ([Číslo dílu], [Zákaznické číslo], [Výsledek], [Datum], [Čas], [ID], [Směna], [Kód operace]) values('" & cislod & "','" & zakazc & "','" & stav & "','" & formattedDate & "','" & OnlyTime & "','" & ID & "','" & smena & "','" & kod_operace & "')"
        Dim cmd As OleDbCommand = New OleDbCommand(str, myConnection)
        cmd.Parameters.Add(New OleDbParameter("Číslo dílu", CType(cislod, String)))
        cmd.Parameters.Add(New OleDbParameter("Zákaznické číslo", CType(zakazc, String)))
        cmd.Parameters.Add(New OleDbParameter("Výsledek", CType(stav, String)))
        cmd.Parameters.Add(New OleDbParameter("Datum", CType(formattedDate, String)))
        cmd.Parameters.Add(New OleDbParameter("Čas", CType(OnlyTime, String)))
        cmd.Parameters.Add(New OleDbParameter("ID", CType(ID, String)))
        cmd.Parameters.Add(New OleDbParameter("Směna", CType(smena, String)))
        cmd.Parameters.Add(New OleDbParameter("Kód operace", CType(kod_operace, String)))

        cmd.ExecuteNonQuery()
        cmd.Dispose()
        myConnection.Close()
    End Sub

推荐答案

str = "INSERT INTO Log ([Číslo dílu], [Zákaznické číslo], [Výsledek], [Datum], [Čas], [ID], [Směna], [Kód operace]) values('" & cislod & "','" & zakazc & "','" & stav & "','" & formattedDate & "','" & OnlyTime & "','" & ID & "','" & smena & "','" & kod_operace & "')"
Dim cmd As OleDbCommand = New OleDbCommand(str, myConnection)
cmd.Parameters.Add(New OleDbParameter("Číslo dílu", CType(cislod, String)))
cmd.Parameters.Add(New OleDbParameter("Zákaznické číslo", CType(zakazc, String)))
cmd.Parameters.Add(New OleDbParameter("Výsledek", CType(stav, String)))
cmd.Parameters.Add(New OleDbParameter("Datum", CType(formattedDate, String)))
cmd.Parameters.Add(New OleDbParameter("Čas", CType(OnlyTime, String)))
cmd.Parameters.Add(New OleDbParameter("ID", CType(ID, String)))
cmd.Parameters.Add(New OleDbParameter("Směna", CType(smena, String)))
cmd.Parameters.Add(New OleDbParameter("Kód operace", CType(kod_operace, String)))



这不是参数的工作原理。您仍然将参数值直接连接到查询中,这使您的代码容易受到SQL注入。



您的查询应该包含参数占位符。对于MS Access,这是字符:


That's not how parameters work. You're still concatenating the parameter values directly into the query, which leaves your code vulnerable to SQL Injection.

Your query should contain parameter placeholders instead. For MS Access, that's the ? character:

str = "INSERT INTO Log ([Číslo dílu], [Zákaznické číslo], [Výsledek], [Datum], [Čas], [ID], [Směna], [Kód operace]) values(?, ?, ?, ?, ?, ?, ?, ?)"



其余代码保持不变。参数名称无关紧要;你只需要确保按照它们在命令文本中出现的顺序添加它们。



一旦你修复了它,你可能会发现它它也修复了你的未指明的错误。

[]

[]

[]


The rest of the code remains the same. The parameter names don't matter; you just need to make sure you add them in the same order as they appear in the command text.

Once you've fixed that, you'll probably find that it fixes your "unspecified error" too.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]



这篇关于代码问题VB.NET的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-22 21:04
查看更多
Powered by LMLPHP ©2025 code 0.050917