本文介绍了从客户端检测到潜在危险的Request.Form值(txtAnsDesc =“"”)。的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧! 问题描述 从客户端检测到潜在危险的Request.Form值(txtAnsDesc =< br>)。 描述:请求验证检测到潜在危险的客户端输入值,并且请求的处理已中止。此值可能表示尝试破坏应用程序的安全性,例如跨站点脚本攻击。要允许页面覆盖应用程序请求验证设置,请将httpRuntime配置部分中的requestValidationMode属性设置为requestValidationMode =2.0。示例:< httpRuntime requestValidationMode =2.0/>。设置此值后,您可以通过在Page指令或< pages>中设置validateRequest =false来禁用请求验证。配置部分。但是,强烈建议您的应用程序在这种情况下明确检查所有输入。有关详细信息,请参阅http://go.microsoft.com/fwlink/?LinkId=153133。 我的代码如下: <%@ 页 语言 = C# AutoEventWireup = true ValidateRequest = false 调试 = true %> < !DOCTYPE html PUBLIC - // W3C // DTD XHTML 1.0 Transitional // EN http://www.w3.org/ TR / xhtml1 / DTD / xhtml1-transitional.dtd > <%@ 导入 命名空间 = System.Data %> <%@ 导入 命名空间 = System.Data.Sql %> <% @ 导入 命名空间 = System.Data.SqlClient %> < script runat = server 语言 = c# > ; 受保护 void Button2_Click( object sender,EventArgs e) { } protected void Button1_Click( object sender,EventArgs e) { SqlDataAdapter da ; DataSet ds; SqlConnection CON = new SqlConnection(System.Web.Configuration.WebConfigurationManager.ConnectionStrings [ ApplicationServices]。ConnectionString); SqlTransaction tr = null ; CON.Open(); ds = new DataSet(); string sql = select * from answer ; da = new SqlDataAdapter(sql,CON); da.Fill(ds, answer); int r = 0 ; DataRow [] rs; rs = ds.Tables [ answer]。选择( ansid =' + txtAnsID.Text.Trim()+ '); r = rs.Length; if (r > 0 ) { System.Web.UI.WebControls.Label lbl1 = new System.Web.UI.WebControls.Label(); lbl1.ForeColor = System.Drawing.Color.Yellow; lbl1.BackColor = System.Drawing.Color.Blue; lbl1.Text = 此答案ID + txtAnsID.Text.Trim()+ 已存在; ph1.Controls.Add(lbl1); } else { tr = CON.BeginTransaction(); 尝试 { SqlCommand cmd = new SqlCommand( 插入答案(sid,aid,cid,qid,ansid,ansdesc,class)值(@ sid,@ aid,@ CID,@ QID,@ ansid,@ ansdesc,@类)); cmd.Transaction = tr; cmd.Parameters.AddWithValue( @ sid,ddSid.SelectedItem.Text.Trim ()); cmd.Parameters.AddWithValue( @ aid,ddAid.SelectedItem.Text.Trim ()); 
cmd.Parameters.AddWithValue( @ cid,ddCid.SelectedItem.Text.Trim ()); cmd.Parameters.AddWithValue( @ qid,ddQid.SelectedItem.Text.Trim ()); cmd.Parameters.AddWithValue( @ ansid,txtAnsID.Text.Trim() ); cmd.Parameters.AddWithValue( @ qname,txtAnsDesc.Text.Trim() ); cmd.Parameters.AddWithValue( @ class,ddClass.SelectedItem.Text.Trim ()); cmd.Connection = CON; cmd.ExecuteNonQuery(); tr.Commit(); try { System.Web.UI.WebControls.Label lbl1 = new System.Web.UI.WebControls.Label(); lbl1.ForeColor = System.Drawing.Color.Yellow; lbl1.BackColor = System.Drawing.Color.Blue; lbl1.Text = 答案是成功的; ph1.Controls.Add(lbl1); } catch (例外情况) { // Response.Write(ex.Message); } } catch (Exception ex) { // 响应。写(+ ex); // tr.Rollback(); } finally { CON.Close(); } } } 受保护 void Page_Load( object sender,EventArgs e) { } < / script > < html xmlns = http://www.w3.org/1999/xhtml > < head id = Head1 runat = server > < title > < / title > < style type = text / css > 。 style1 { width : 100%; border : 50px solid#008000; } 。 style2 { width : 100%; border : 25px solid#FF00FF ; } # ta1 { width : 947px; height : 386px; } 。 style3 {} 。 style4 { height : 23px; } 。 style5 { height : 23px; } < / style > < / head > < 正文 > < script src = nicEdit.js 类型 = text / javascript > < / script > < script type = text / javascript > bkLib.onDomLoaded( function (){ // new nicEditor()。panelInstance('area1'); // new nicEditor({fullPanel:true})。panelInstance('area2'); // new nicEditor({iconsPath:'.. 
/ nicEditorIcons.gif'})。panelInstance('area3'); // new nicEditor({buttonList:['fontSize','bold','italic ','强调','strikeThrough','下标','上标','html','image']})。panelInstance('area4'); new nicEditor({maxHeight: 400 })。panelInstance(' txtAnsDesc'); }); < / script > < 表格 id = form1 runat = server > < div align = center > < table class = style1 > < tr > < td > < / td > < / tr > < tr > < td > < / td > < / tr > < tr > < td > < / td > < / tr > < tr > < td > < table class = style2 > < tr > < td > < / td > < td > < / td > < td class = style3 > < / td > < td > < / td > < td > < / td > < td > < / td > < td > < / td > < / tr > < tr > < td > < / td > < td > 主题ID < / td > ; < td class = style3 > 作者ID < / td > < td > 章节ID < / td > < td > 问题ID < / td > < td > 类< / td > < td > < / td > < / tr > < tr > < td > < / td > < td > < asp:DropDownList ID = ddSid runat = server AutoPostBack = True DataSourceID = SqlDataSource1 DataTextField = sid DataValueField = sid > < / asp:DropDownList > < asp:SqlDataSource ID = SqlDataSource1 runat = server ConnectionString = <% $ ConnectionStrings:ApplicationServices %> SelectCommand = SELECT * FROM [subject] > < / asp:SqlDataSource > < / td > < td class = style3 > < asp:DropDownList ID = ddAid runat = server AutoPostBack=\"True\" DataSourceID=\"SqlDataSource2\" DataTextField=\"aid\" DataValueField=\"aid\"> </asp:DropDownList> <asp:SqlDataSource ID=\"SqlDataSource2\" runat=\"server\" ConnectionString=\"<%$ ConnectionStrings:ApplicationServices %>\" SelectCommand=\"SELECT * FROM [author] WHERE ([sid] = @sid)\"> <SelectParameters> <asp:ControlParameter ControlID=\"ddSid\" DefaultValue=\"-99\" Name=\"sid\" PropertyName=\"SelectedValue\" Type=\"String\" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID=\"ddCid\" runat=\"server\" AutoPostBack=\"True\" DataSourceID=\"SqlDataSource3\" DataTextField=\"cid\" Da taValueField=\"cid\"> </asp:DropDownList> <asp:SqlDataSource ID=\"SqlDataSource3\" runat=\"server\" ConnectionString=\"<%$ 
ConnectionStrings:ApplicationServices %>\" SelectCommand=\"SELECT * FROM [chapter] WHERE (([sid] = @sid) AND ([aid] = @aid))\"> <SelectParameters> <asp:ControlParameter ControlID=\"ddSid\" DefaultValue=\"-99\" Name=\"sid\" PropertyName=\"SelectedValue\" Type=\"String\" /> <asp:ControlParameter ControlID=\"ddAid\" DefaultValue=\"-99\" Name=\"aid\" PropertyName=\"SelectedValue\" Type=\"String\" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID=\"ddQid\" runat=\"server\" AutoPostBack=\"True\" DataSourceID=\"SqlDataSource4\" DataTextField=\"qid\" DataValueField=\"qid\"> </asp:DropDownList> <asp:SqlDataSource ID=\"SqlDataSource4\" runat=\"server\" ConnectionString=\"<%$ ConnectionStrings:ApplicationServices %>\" SelectCommand=\"SELECT * FROM [question] WHERE (([sid] = @sid) AND ([aid] = @aid) AND ([cid] = @cid))\"> <SelectParameters> <asp:ControlParameter ControlID=\"ddSid\" DefaultValue=\"-99\" Name=\"sid\" PropertyName=\"SelectedValue\" Type=\"String\" /> <asp:ControlParameter ControlID=\"ddAid\" DefaultValue=\"-99\" Name=\"aid\" PropertyName=\"SelectedValue\" Type=\"String\" /> <asp:ControlParameter ControlID=\"ddCid\" DefaultValue=\"-99\" Name=\"cid\" PropertyName=\"SelectedValue\" Type=\"String\" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID=\"ddClass\" runat=\"server\" AutoPostBack=\"True\" DataSourceID=\"SqlDataSource5\" DataTextField=\"class_name\" DataValueField=\"class_name\"> </asp:DropDownList> <asp:SqlDataSource ID=\"SqlDataSource5\" runat=\"server\" ConnectionString=\"<%$ ConnectionStrings:ApplicationServices %>\" SelectCommand=\"SE LECT * FROM [class]\"></asp:SqlDataSource> </td> <td> </td> </tr> <tr> <td class=\"style4\"> </td> <td class=\"style4\"> </td> <td class=\"style5\"> </td> <td class=\"style4\"> </td> <td clas s=\"style4\"> </td> <td class=\"style4\"> </td> <td class=\"s tyle4\"> </td> </tr> <tr> <td class=\"style4\"> </td> <td class=\"style4\"> </td> <td class=\"style5\" colspan=\"3\"> 
<asp:PlaceHolder ID=\"ph1\" runat=\"server\"></asp:PlaceHolder> </td> <td class=\"style4\"> </td> <td class=\"style4\"> </td> </tr> <tr> <td class=\"style4\"> </td> <td class=\"style4\"> </td> <td class=\"style4\"> </td> <td class=\"style4\"> </td> <td class=\"style4 \"> </td> <td class=\"style4\"> </td> <td class=\"style4\"> </td> </tr> <tr> <td> </td> <td> Answer ID</td> <td class=\"style3\"> <asp:TextBox ID=\"txtAnsID\" runat=\"server\" Width=\"151px\"></asp:TextBox> </td> <td> </td> <td> </td> < td> </td> <td> </td> </tr> <tr> <td> </td> <td align=\"left\" colspan=\"6\"> <asp:TextBox ID=\"txtAnsDesc\" runat=\"server\" Height=\"120px\" TextMode=\"MultiLine\" Width=\"937px\"></asp:TextBox> </td> </tr> <tr> <td> </td> <td> </td> <td class=\"style3\"> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td class=\"style3\" colspan=\"3\"> <asp:Button ID=\"Button1\" runat=\"server\" Text=\"Submit\" Width=\"156px\" onclick=\"Button1_Click\" /> <asp:Button ID=\"Button2\" runat=\"server\" Text=\"Search\" Width=\"156px\" onclick=\"Button2_Click\" /> <asp:Button ID=\"Button3\" runat=\"server\" Text=\"Update\" Width=\"156px\" /> <asp:Button ID=\"Button4\" runat=\"server\" Text=\"Delete\" Width=\"156px\" /> <asp:Button ID=\"Button5\" runat=\"server\" Text=\"Clear\" Width=\"156px\" /> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> <td class=\"style3\"> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> </table> </td> </tr> <tr> <td> </td> </tr> <tr> <td> </td> </tr> <tr> <td> </td> </tr> </table> </div> </form> </body> </html> 解决方案 ConnectionStrings:ApplicationServices %>\" SelectCommand=\"SELECT * FROM [subject]\"></asp:SqlDataSource> </td> <td class=\"style3\"> <asp:DropDownList ID=\"ddAid\" runat=\"server\" AutoPostBack=\"True\" DataSourceID=\"SqlDataSource2\" DataTextField=\"aid\" DataValueField=\"aid\"> </asp:DropDownList> <asp:SqlDataSource ID=\"SqlDataSource2\" runat=\"server\" 
ConnectionString=\"<%ConnectionStrings:ApplicationServices %>\" SelectCommand=\"SELECT * FROM [author] WHERE ([sid] = @sid)\"> <SelectParameters> <asp:ControlParameter ControlID=\"ddSid\" DefaultValue=\"-99\" Name=\"sid\" PropertyName=\"SelectedValue\" Type=\"String\" /> </SelectParameters> </asp:SqlDataSource> &l t;/td> <td> <asp:DropDownList ID=\"ddCid\" runat=\"server\" AutoPostBack=\"True\" DataSourceID=\"SqlDataSource3\" DataTextField=\"cid\" DataValueField=\"cid\"> </asp:DropDownList> <asp:SqlDataSource ID=\"SqlDataSource3\" runat=\"server\" ConnectionString=\"<%ConnectionStrings:ApplicationServices %>\" SelectCommand=\"SELECT * FROM [chapter] WHERE (([sid] = @sid) AND ([aid] = @aid))\"> <SelectParameters> <asp:ControlParameter ControlID=\"ddSid\" DefaultValue=\"-99\" Name=\"sid\" PropertyName=\"SelectedValue\" Type=\"String\" /> <asp:ControlParameter ControlID=\" ddAid\" DefaultValue=\"-99\" Name=\"aid\" PropertyName=\"SelectedValue\" Type=\"String\" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID=\"ddQid\" runat=\"server\" AutoPostBack=\"True\" DataSourceID=\"SqlDataSource4\" DataTextField=\"qid\" DataValueField=\"qid\"> </asp:DropDownList> <asp:SqlDataSource ID=\"SqlDataSource4\" runat=\"server\" ConnectionString=\"<%A potentially dangerous Request.Form value was detected from the client (txtAnsDesc="<br>"). Description: Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode="2.0". Example: <httpRuntime requestValidationMode="2.0" />. 
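After setting this value, you can then disable request validation by setting validateRequest="false" in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133. My Code is given below
<%@ Page Language="C#" AutoEventWireup="true" ValidateRequest="false" Debug="true" %>
<%--
  ValidateRequest="false" only takes effect on ASP.NET 4 when web.config also carries
  <httpRuntime requestValidationMode="2.0" /> (see the error text above); without it the
  rich-text markup posted from txtAnsDesc keeps being rejected.
  With validation off, nothing filters markup in ANY field posted by this page, so every
  value that is echoed back must be HTML-encoded, and the stored answer markup must be
  sanitized against an allow-list (or encoded) wherever it is later rendered.
  If the site targets ASP.NET 4.5 or later, setting ValidateRequestMode="Disabled" on the
  txtAnsDesc control alone keeps validation on for the remaining fields.
  Debug="true" is a development setting and should not be deployed.
--%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<%@Import Namespace="System.Data"%>
<%@Import Namespace="System.Data.Sql"%>
<%@Import Namespace="System.Data.SqlClient"%>
<script runat="server" language="c#">
    // Click handler for the "Search" button; no behaviour is implemented.
    protected void Button2_Click(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Click handler for the "Submit" button: inserts one row into the answer table
    /// unless a row with the same answer ID already exists, and reports the outcome
    /// through a label added to the ph1 placeholder.
    /// </summary>
    /// <param name="sender">The control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        string answerId = txtAnsID.Text.Trim();
        string connectionString =
            System.Web.Configuration.WebConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString;

        // "using" closes the connection on every path; the previous code closed it
        // only on the insert path and leaked it when the ID already existed.
        using (SqlConnection CON = new SqlConnection(connectionString))
        {
            CON.Open();

            // Duplicate check with a bound parameter. The previous code loaded the whole
            // table and filtered it with an expression concatenated from the posted text,
            // which let the client alter the filter.
            // NOTE(review): matching now follows the ansid column's collation rather than
            // DataTable comparison rules; a UNIQUE constraint on ansid, if the schema has
            // one, is what actually prevents duplicates under concurrent posts.
            int existing;
            using (SqlCommand check = new SqlCommand("select count(*) from answer where ansid = @ansid", CON))
            {
                check.Parameters.AddWithValue("@ansid", answerId);
                existing = Convert.ToInt32(check.ExecuteScalar());
            }

            if (existing > 0)
            {
                // Label.Text is rendered without encoding and request validation is off
                // for this page, so the echoed ID is encoded here.
                ShowStatus("This Answer ID " + Server.HtmlEncode(answerId) + " Already Exist");
                return;
            }

            SqlTransaction tr = null;
            try
            {
                tr = CON.BeginTransaction();

                using (SqlCommand cmd = new SqlCommand(
                    "insert into answer (sid,aid,cid,qid,ansid,ansdesc,class) values (@sid,@aid,@cid,@qid,@ansid,@ansdesc,@class)",
                    CON,
                    tr))
                {
                    cmd.Parameters.AddWithValue("@sid", ddSid.SelectedItem.Text.Trim());
                    cmd.Parameters.AddWithValue("@aid", ddAid.SelectedItem.Text.Trim());
                    cmd.Parameters.AddWithValue("@cid", ddCid.SelectedItem.Text.Trim());
                    cmd.Parameters.AddWithValue("@qid", ddQid.SelectedItem.Text.Trim());
                    cmd.Parameters.AddWithValue("@ansid", answerId);
                    // The statement declares @ansdesc; the parameter was previously added as
                    // @qname, so the insert failed and the empty catch hid the failure.
                    // The value is raw editor markup: binding it keeps the SQL safe, but it
                    // is still untrusted HTML for whatever page displays it later.
                    cmd.Parameters.AddWithValue("@ansdesc", txtAnsDesc.Text.Trim());
                    cmd.Parameters.AddWithValue("@class", ddClass.SelectedItem.Text.Trim());
                    cmd.ExecuteNonQuery();
                }

                tr.Commit();
                ShowStatus("The Answer is entred SUCCESSFULLY");
            }
            catch (Exception ex)
            {
                if (tr != null)
                {
                    try
                    {
                        tr.Rollback();
                    }
                    catch (InvalidOperationException)
                    {
                        // The transaction had already completed or the connection is gone.
                    }
                }

                // Details go to the server-side trace only; the client gets a generic message.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                ShowStatus("The Answer could not be saved");
            }
        }
    }

    // Adds a status label to ph1; callers pass text that is already safe to render as HTML.
    private void ShowStatus(string html)
    {
        System.Web.UI.WebControls.Label lbl1 = new System.Web.UI.WebControls.Label();
        lbl1.ForeColor = System.Drawing.Color.Yellow;
        lbl1.BackColor = System.Drawing.Color.Blue;
        lbl1.Text = html;
        ph1.Controls.Add(lbl1);
    }

    // Page load handler; no behaviour is implemented.
    protected void Page_Load(object sender, EventArgs e)
    {
    }
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
    <title></title>
    <style type="text/css">
        .style1 { width: 100%; border: 50px solid #008000; }
        .style2 { width: 100%; border: 25px solid #FF00FF; }
        #ta1 { width: 947px; height: 386px; }
        .style3 { }
        .style4 { height: 23px; }
        .style5 { height: 23px; }
    </style>
</head>
<body>
<script src="nicEdit.js" type="text/javascript"></script>
<script type="text/javascript">
    bkLib.onDomLoaded(function () {
        //new nicEditor().panelInstance('area1');
        //new nicEditor({fullPanel : true}).panelInstance('area2');
        //new nicEditor({iconsPath : '../nicEditorIcons.gif'}).panelInstance('area3');
        //new nicEditor({buttonList : ['fontSize','bold','italic','underline','strikeThrough','subscript','superscript','html','image']}).panelInstance('area4');
        new nicEditor({ maxHeight: 400 }).panelInstance('txtAnsDesc');
    });
</script>
    <form id="form1" runat="server">
    <div align="center">
        <table class="style1">
            <tr> <td> </td> </tr>
            <tr> <td> </td> </tr>
            <tr> <td> </td> </tr>
            <tr>
                <td>
                    <table class="style2">
                        <tr> <td> </td> <td> </td> <td class="style3"> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr>
                        <tr> <td> </td> <td> Subject ID</td> <td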
class="style3"> Author ID</td> <td> Chapter ID</td> <td> Question ID</td> <td> Class</td> <td> </td> </tr> <tr> <td> </td> <td> <asp:DropDownList ID="ddSid" runat="server" AutoPostBack="True" DataSourceID="SqlDataSource1" DataTextField="sid" DataValueField="sid"> </asp:DropDownList> <asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" SelectCommand="SELECT * FROM [subject]"></asp:SqlDataSource> </td> <td class="style3"> <asp:DropDownList ID="ddAid" runat="server" AutoPostBack="True" DataSourceID="SqlDataSource2" DataTextField="aid" DataValueField="aid"> </asp:DropDownList> <asp:SqlDataSource ID="SqlDataSource2" runat="server" ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" SelectCommand="SELECT * FROM [author] WHERE ([sid] = @sid)"> <SelectParameters> <asp:ControlParameter ControlID="ddSid" DefaultValue="-99" Name="sid" PropertyName="SelectedValue" Type="String" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID="ddCid" runat="server" AutoPostBack="True" DataSourceID="SqlDataSource3" DataTextField="cid" DataValueField="cid"> </asp:DropDownList> <asp:SqlDataSource ID="SqlDataSource3" runat="server" ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" SelectCommand="SELECT * FROM [chapter] WHERE (([sid] = @sid) AND ([aid] = @aid))"> <SelectParameters> <asp:ControlParameter ControlID="ddSid" DefaultValue="-99" Name="sid" PropertyName="SelectedValue" Type="String" /> <asp:ControlParameter ControlID="ddAid" DefaultValue="-99" Name="aid" PropertyName="SelectedValue" Type="String" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID="ddQid" runat="server" AutoPostBack="True" DataSourceID="SqlDataSource4" DataTextField="qid" DataValueField="qid"> </asp:DropDownList> <asp:SqlDataSource ID="SqlDataSource4" runat="server" ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" SelectCommand="SELECT * FROM [question] WHERE (([sid] 
= @sid) AND ([aid] = @aid) AND ([cid] = @cid))"> <SelectParameters> <asp:ControlParameter ControlID="ddSid" DefaultValue="-99" Name="sid" PropertyName="SelectedValue" Type="String" /> <asp:ControlParameter ControlID="ddAid" DefaultValue="-99" Name="aid" PropertyName="SelectedValue" Type="String" /> <asp:ControlParameter ControlID="ddCid" DefaultValue="-99" Name="cid" PropertyName="SelectedValue" Type="String" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID="ddClass" runat="server" AutoPostBack="True" DataSourceID="SqlDataSource5" DataTextField="class_name" DataValueField="class_name"> </asp:DropDownList> <asp:SqlDataSource ID="SqlDataSource5" runat="server" ConnectionString="<%$ ConnectionStrings:ApplicationServices %>" SelectCommand="SELECT * FROM [class]"></asp:SqlDataSource> </td> <td> </td> </tr> <tr> <td class="style4"> </td> <td class="style4"> </td> <td class="style5"> </td> <td class="style4"> </td> <td class="style4"> </td> <td class="style4"> </td> <td class="style4"> </td> </tr> <tr> <td class="style4"> </td> <td class="style4"> </td> <td class="style5" colspan="3"> <asp:PlaceHolder ID="ph1" runat="server"></asp:PlaceHolder> </td> <td class="style4"> </td> <td class="style4"> </td> </tr> <tr> <td class="style4"> </td> <td class="style4"> </td> <td class="style4"> </td> <td class="style4"> </td> <td class="style4"> </td> <td class="style4"> </td> <td class="style4"> </td> </tr> <tr> <td> </td> <td> Answer ID</td> <td class="style3"> <asp:TextBox ID="txtAnsID" runat="server" Width="151px"></asp:TextBox> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td align="left" colspan="6"> <asp:TextBox ID="txtAnsDesc" runat="server" Height="120px" TextMode="MultiLine" Width="937px"></asp:TextBox> </td> </tr> <tr> <td> </td> <td> </td> <td class="style3"> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td class="style3" colspan="3"> <asp:Button ID="Button1" runat="server" Text="Submit" 
Width="156px" onclick="Button1_Click" /> <asp:Button ID="Button2" runat="server" Text="Search" Width="156px" onclick="Button2_Click" /> <asp:Button ID="Button3" runat="server" Text="Update" Width="156px" /> <asp:Button ID="Button4" runat="server" Text="Delete" Width="156px" /> <asp:Button ID="Button5" runat="server" Text="Clear" Width="156px" /> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> <td class="style3"> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> </table> </td> </tr> <tr> <td> </td> </tr> <tr> <td> </td> </tr> <tr> <td> </td> </tr> </table> </div> </form></body></html> 解决方案 ConnectionStrings:ApplicationServices %>" SelectCommand="SELECT * FROM [subject]"></asp:SqlDataSource> </td> <td class="style3"> <asp:DropDownList ID="ddAid" runat="server" AutoPostBack="True" DataSourceID="SqlDataSource2" DataTextField="aid" DataValueField="aid"> </asp:DropDownList> <asp:SqlDataSource ID="SqlDataSource2" runat="server" ConnectionString="<%ConnectionStrings:ApplicationServices %>" SelectCommand="SELECT * FROM [author] WHERE ([sid] = @sid)"> <SelectParameters> <asp:ControlParameter ControlID="ddSid" DefaultValue="-99" Name="sid" PropertyName="SelectedValue" Type="String" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID="ddCid" runat="server" AutoPostBack="True" DataSourceID="SqlDataSource3" DataTextField="cid" DataValueField="cid"> </asp:DropDownList> <asp:SqlDataSource ID="SqlDataSource3" runat="server" ConnectionString="<%ConnectionStrings:ApplicationServices %>" SelectCommand="SELECT * FROM [chapter] WHERE (([sid] = @sid) AND ([aid] = @aid))"> <SelectParameters> <asp:ControlParameter ControlID="ddSid" DefaultValue="-99" Name="sid" PropertyName="SelectedValue" Type="String" /> <asp:ControlParameter ControlID="ddAid" DefaultValue="-99" Name="aid" PropertyName="SelectedValue" Type="String" /> </SelectParameters> </asp:SqlDataSource> </td> <td> <asp:DropDownList ID="ddQid" runat="server" AutoPostBack="True" 
DataSourceID="SqlDataSource4" DataTextField="qid" DataValueField="qid"> </asp:DropDownList> <asp:SqlDataSource ID="SqlDataSource4" runat="server" ConnectionString="<%