Lawrence Blog

由於使用NET FTP 會出現中文檔名下載回來後變亂碼的問題，因此改用WIN32的API來完成檔案的上傳下載及查詢

利用參數傳遞來執行SQL可有效的阻絕 SQL injection string strSQL = "select * from AdminSystem Where AdminID=@AdminID and AdminPwd=@AdminPwd"; string ConnString = ConfigurationManager.ConnectionStrings["SQLConnectionString"].ToString(); conn = new SqlConnection(ConnString); cmd = new SqlCommand(); conn.Open(); cmd.Connection = conn; cmd.Parameters.Add("@AdminID", SqlDbType.NVarChar, 50); cmd.Parameters.Add("@AdminPwd", SqlDbType.NVarChar, 50); cmd.Parameters[0].Value = txtID.Text; cmd.Parameters[1].Value = txtPwd.Text; cmd.CommandText = strSQL; SqlDataReader dr = cmd.ExecuteReader();

當DataSource寫在 .aspx 時顯示分頁功能一切正常，但將DataSource寫到 .CS程式端的時候就發生分頁錯亂的問題，追究原因出在PageLoad階段反應太慢，必須改到Page_PreRender即可解決此怪異問題 protected void Page_PreRender(object sender, EventArgs e) { //if (!IsPostBack)//不可以加這句 { SqlDataSource sqlDataSource1 = new SqlDataSource(); sqlDataSource1.ConnectionString = ConfigurationManager.ConnectionStrings["SQLConnectionString1"].ToString(); sqlDataSource1.SelectCommand = "select * from 預存程序 "; ListView1.DataSource = sqlDataSource1; ListView1.DataBind(); } }

後端網頁代碼.cs protected System.Web.UI.WebControls.Button bt; protected System.Web.UI.WebControls.FileUpload fu; private void Page_Load(object sender, System.EventArgs e) { //根據網址列參數產生上傳檔案物件 if (Request["Type"] != null && Information.IsNumeric(Request["Type"]) && Convert.ToInt32(Request["Type"]) >= 1 && Convert.ToInt32(Request["Type"]) <= 3) { for (int i = 1; i <= Convert.ToInt32(Request["Type"]); i++) { System.Web.UI.WebControls.PlaceHolder objPlaceHolder = (System.Web.UI.WebControls.PlaceHolder)this.FindControl(string.Format("PlaceHolder{0}", i)); fu = new FileUpload(); fu.ID = string.Format("FileUpload{0}", i); objPlaceHolder.Controls.Add(fu); } //產生按鈕及宣告按鈕事件 bt = new Button(); bt.Click += new System.EventHandler(this.Button_Click); PlaceHolder1.Controls.Add(bt);

Access對於SQL的語法較為嚴謹， Num1 && Amt9 兩個欄位型態為數值，請注意以下差別 --使用Access Num1 & Amt9 兩個欄位型態為數值 select [name],dept,a.* from GDEPTF d right join ( select left(dept,2) as SQ1, sum(num1) as N1 from GPRSNF where yy='097' and (num1<>0 or amt9<>0) group by left(dept,2) ) a on a.SQ1=left(d.dept,2) where right(d.dept,3)='000' --使用SQL Server 型態方式寫成字串一樣可以執行 select [name],dept,a.* from GDEPTF d right join ( select left(dept,2) as SQ1, sum(num1) as N1 from GPRSNF where yy='097' and (num1<>'0' or amt9<>'0') group by left(dept,2) ) a on SQ1=left(d.dept,2) and right(dept,3)='000'

Request.Url.PathAndQuery; //取得虛擬路徑包含參數 /Home/test.aspx?para=1&2=b Request.FilePath; //取得虛擬路徑不包含參數 /Home/test.aspx Request.ServerVariables.Get("INSTANCE_ID") //取得IIS網站索引值 Request.ServerVariables["PATH_INFO"] ==> //取得目前頁面路徑，如：/Exam/main.asp 不含參數 Request.ServerVariables["HTTP_URL"] ==> //取得目前頁面路徑，如：/Exam/main.asp?d=1 含參數 Request.Servervariables["Script_Name"] ==> //取得目前頁面路徑，如：/Exam/main.asp Request.Servervariables["PATH_TRANSLATED"] ==> //取得實體路徑，如：D:/sss/exa/main.asp Request.Servervariables["SERVER_NAME"] ==> //取得Server主機名稱 Request.Servervariables["SERVER_PORT"] ==> //取得目前網頁通訊Port Resqest.ServerVariables["Http_Accept_Language"] ==> //IE瀏覽器語系，如en-US,zh-tw;q=0.5 Resqest.ServerVariables["APPL_PHYSICAL_PATH"] ==> //網站跟目錄D:\My\HomeResqest.ServerVariables["HTTP_COOKIE"] ==> //取得所有Cookies Request.ServerVariables["REMOTE_ADDR"] ==> //取得Clie

使用Dundas Mail套件發送郵件，此處以中華電信SMTP為例 '建立元件 Set objMail = Server.CreateObject("Dundas.Mailer") objMail.SMTPRelayServers.Add "msa.hinet.net" 'SMTP server objmail.HtmlBodyCharSet = "big5" objMail.Subject = "信件主旨" objMail.FromName = "寄件者姓名" objMail.FromAddress = "寄件者地址" strTo = my15 '收件者地址,可add多組 objMail.TOs.Add strTo objMail.CCs.add "副本收件者地址" '可add多組. objMail.htmlBody = "以HTML格式發送內容" On Error Resume Next '錯誤處理error objMail.SendMail '寄出sending '-check sending email is success or failure--------- If Err.Number <> 0 Then errmail = "寄送郵件發生錯誤 : "& Err.Description Else errmail = "確認郵件已成功寄送到 : "& strTo End If

過濾重複值得SQL語法為 Distinct ，但必須為全部欄位都相符才會過濾出，要是遇到如下圖有一欄位值不同則會全部的資料都過顯示出來，因此必須採用別種方法將資料過濾出來，主要我要將Class欄位內重複值且Show值為 Y 的值過濾出來