user_update_info.aspx.cs

本程序基于 asp.net 2.0 +sql server 2

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data .SqlClient;

public partial class user_update_info : System.Web.UI.Page
{
    int userid;
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["userid"] == null)
            Response.Redirect("~/user/userLogin.aspx?url="+Server .HtmlEncode(Request .RawUrl ));
        else
            userid = Convert.ToInt32(Session["userid"].ToString());

        if (!IsPostBack) lb_message .Text = setValue();
    }

    private string   setValue()
    { 

        string strconn = ConfigurationManager.ConnectionStrings["dsn"].ToString();
        SqlConnection cn = new SqlConnection(strconn);
        string sql = "select  username,question,answer,email,nickname,birthday,qq,msn from users  where userid="+userid;

        try
        {
            cn.Open();
            SqlCommand cm = new SqlCommand(sql, cn);
            SqlDataReader dr = cm.ExecuteReader();

            //如果读到记录，根据用户id取得用户信息
            if (dr.Read())
            {
                lb_username .Text =dr["username"].ToString() ;
                tb_question .Text =dr["question"].ToString();
                tb_answer.Text =dr["answer"].ToString();
                tb_email .Text =dr["email"].ToString();
                tb_nickname .Text =dr["nickname"].ToString();
                tb_qq.Text =dr["qq"].ToString();
                tb_msn .Text =dr["msn"].ToString();
                if(dr["birthday"].ToString ()!="")
               birthday .setDate (Convert .ToDateTime ( dr["birthday"].ToString ()));
                return "";
            }
            else
                return "无信息";

        }
        catch (Exception ex)
        {
            return ex.Message ;
        }
        finally
        {
            cn.Close();
        }
    }

    protected   void   btn_update_Click(object sender, EventArgs e)
    {
        lb_message.Text = updateValue ();
    
    }

    private string updateValue()
    {
        string strconn = ConfigurationManager.ConnectionStrings["dsn"].ToString();
        SqlConnection cn = new SqlConnection(strconn);

        string email = Server.HtmlEncode(tb_email.Text.ToString());
        string question = Server.HtmlEncode(tb_question.Text.ToString());
        string answer = Server.HtmlEncode(tb_answer.Text.ToString());
        string nickname = Server.HtmlEncode(tb_nickname.Text.ToString());
        string qq = Server.HtmlEncode(tb_qq.Text.ToString());
        string msn = Server.HtmlEncode(tb_msn.Text.ToString());
        DateTime shengri = Convert.ToDateTime(birthday.getDate());

        string sql = "update users set email='" + email + "',question='" + question +"', answer='" + answer + "',nickname=N'" + nickname + "',qq='" + qq + "',msn='" + msn + "',birthday='" + shengri + "' where userid= " + userid;
        try
        {
            cn.Open();
            SqlCommand cm = new SqlCommand(sql, cn);
            cm.ExecuteNonQuery();
            return "更新资料成功！";
        }
        catch (SqlException ex)
        {
            return ex.Message;
        }
        finally
        {
            cn.Close();
        }
    
    }
}