Je suis confronté à l'erreur de blocage lorsque je mets mes données à jour à partir du logiciel.Processus de transaction - Erreur de blocage
Voici mon code:
private void btn_upd_Click(object sender, EventArgs e)
{
try
{
SqlConnection con = new SqlConnection(Constr);
con.Open();
string myquery = "Select Reg,Rank,Trade,Name,Wing,Father_name,Dob,Gender,Cast,Sect,Serial,Qualification,Tehseel,District,Cnic_No,Blood_Group,Height,Weight,Identification_Mark,Permanent_Add,Nameof_Spouse,Relation,Nameof_MaleKids,image1 from PersonalInfo where Reg='" + txt_srch.Text + "'";
SqlCommand c = new SqlCommand(myquery, con);
SqlDataReader rd = c.ExecuteReader();
if (!(rd.HasRows))
{
MessageBox.Show("No such data to delete");
}
else
{
string query;
query = "update PersonalInfo set Rank='" + textBox2.Text + "', Serial='" + SN.Text + "', Trade='" + textBox3.Text + "',Name='" + textBox4.Text + "',Wing='" + textBox5.Text + "',Father_name='" + textBox6.Text + "',Dob='" + textBox7.Text + "',Gender='" + textBox8.Text + "',Cast='" + textBox9.Text + "',Sect='" + textBox23.Text + "',Qualification='" + textBox10.Text + "',Tehseel='" + textBox24.Text + "',District='" + textBox21.Text + "',Cnic_No='" + textBox11.Text + "',Blood_Group='" + textBox12.Text + "',Height='" + textBox13.Text + "',Weight='" + textBox14.Text + "',Identification_Mark='" + textBox15.Text + "',Permanent_Add='" + textBox16.Text + "',Nameof_Spouse='" + textBox18.Text + "',Relation='" + textBox19.Text + "',Nameof_MaleKids='" + textBox20.Text + "',image1='" + ImageToBase64(pictureBox1.Image, System.Drawing.Imaging.ImageFormat.Jpeg) + "' where Reg='" + txt_srch.Text + "'";
SqlCommand cmd = new SqlCommand(query, con);
cmd.ExecuteNonQuery();
MessageBox.Show("Data Updated");
}
con.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
[SQL alerte d'injection] (http://msdn.microsoft.com/en-us/library/ms161953%28v= sql.105% 29.aspx) - vous ne devez pas ** concaténer ensemble vos instructions SQL - utilisez ** des requêtes paramétrées ** à la place pour éviter l'injection SQL - consultez [Little Bobby Tables] (https://xkcd.com/327 /) –