1,979
社区成员
发帖
与我相关
我的任务
分享oracle 防sql注入问题!!!
strGetUser="SELECT * FROM M_USER WHERE USERNAME=:USERNAME";
DataTable dtlogin = GetDataTable(GetCommand(strGetUser),AppendParameters(":USERNAME",
new object[] { strUserName }));
protected DataTable GetDataTable(OracleCommand cmd, OracleParameter[] cmdParms)
{
using (OracleConnection con = GetConnection())
{
PrepareCommand(cmd, con, null, null, cmdParms);
cmd.Connection = con;
//con.Open();
DataTable dt = new DataTable();
GetAdapter(cmd.CommandText).Fill(dt);
//return后,此处提示ORA-22806: not an object or REF异常
return dt;
}
}
protected OracleDataAdapter GetAdapter(String cmdtext)
{
OracleDataAdapter adp = new OracleDataAdapter(GetCommand(cmdtext).CommandText, GetConnection());
return adp;
}
ORA-22806: not an object or REF是什么情况!!!
DataTable dtlogin = GetDataTable(GetCommand(strGetUser),AppendParameters(":USERNAME",
new object[] { strUserName }));
protected DataTable GetDataTable(OracleCommand cmd, OracleParameter[] cmdParms)
{
using (OracleConnection con = GetConnection())
{
PrepareCommand(cmd, con, null, null, cmdParms);
cmd.Connection = con;
//con.Open();
DataTable dt = new DataTable();
GetAdapter(cmd.CommandText).Fill(dt);
//return后,此处提示ORA-22806: not an object or REF异常
return dt;
}
}
protected OracleDataAdapter GetAdapter(String cmdtext)
{
OracleDataAdapter adp = new OracleDataAdapter(GetCommand(cmdtext).CommandText, GetConnection());
return adp;
}
ORA-22806: not an object or REF是什么情况!!!
...全文
请发表友善的回复…
发表回复
ycproc 2012-11-15
- 打赏
- 举报
YD_xl 2012-11-15
- 打赏
- 举报
仍然不明白,是不是OracleDataAdapter的结果不能填充到DataTable里。。。。。。。。。。
hujiiori 2012-11-15
- 打赏
- 举报
ORA-22806:
not an object or REF
Cause: An attempt was made to extract an attribute from an item that is neither an object nor a REF.
Action: Use an object type or REF type item and retry the operation.
