需要帮助更新带有复选框的多个记录 [英] need help updating mulitple records w/ Checkboxes
问题描述
你好,
我真的很乐意帮忙! =)
我想要做的是能够使用下拉菜单和复选框更改多个记录的状态
。
我有一个名为ChangeStatus的下拉列表。使用值将
状态更改为待定,已接受,已拒绝,已取消,已完成。
在状态字段中,我旁边有一个复选框当前状态
在。
如果勾选复选框,我希望记录更新为特定的
记录从下拉状态获取新状态,并保持所有其他状态处于当前状态。
目前,我的工作方式是,如果你选中任何一个复选框,
它会将所有记录更新为新状态。
以下是我目前的代码,我会很感激
建议!
------------------------------ -------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ----------------------------------
< form method = QUOT;交" action =" EditMainPageStat.asp?UpdateStat = 1">
<%
如果request.querystring(" UpdateStat")=" 1 QUOT;然后
Response.write"< font color =''red''face =''arial''
size ='''''' >< center>< b>状态已更新。< / b>< / font>< / center>"
ChangeStat = request.form( ChangeStatus)
Dim MyString,MyArray
MyString = request.form(" ChangeStatus")
MyArray =拆分(MyString,",")''分隔符是逗号
对于i = 0到UBound(MyArray)
Dim MyString2,MyArray2
MyString2 = Request.form(" iReqID")
MyArray2 = Split(MyString2,",")''分隔符是逗号
对于x = 0到UBound(MyArray2)
set conn = server.createobject(" adodb.connection")
conn.open data source = xxx; User ID = xxx; Password = xxx;"
sqlstmt =" UPDATE MediaDetail"
sqlstmt = sqlstmt& " SET"'',"
sqlstmt = sqlstmt& " iStatusID =" &安培; MyArray(i)& "''"
sqlstmt = sqlstmt& "在哪里iReqID =" &安培; MyArray2(x)
设置RS = conn.execute(SQLstmt)
下一页
下一页>
否则
结束如果
%>
Response.write"< td class = tx BGCOLOR = QUOT; &安培; clr& ">< font
size =''1''>< center>& nbsp;< input type =''hidden''value =''" &安培; rs1(" iReqID")&
"''name =''iReqId''>< / center>< / td>"
Response.Write"< td class = tx bgColor =" &安培; clr& ">< center>& nbsp;"&
rs1(" StatusDesc")& &&;& nbsp;& nbsp;"
Response.write"< input type =''复选框''name =''s''value =''1''如果
instr(s,''1'')然后Response.Write(''checked'')结束如果>< / center>< / td>"
-------------------------------------------- -------------------------------------------------- -----------------------------------------------
非常感谢你!
Ray
Hello,
I really would apprciate help! =)
What I want to do is be able to change the status of mulitple records
using a drop down and a checkbox.
I have a drop down called "ChangeStatus" with the values to change the
status to Pending, Accepted, Declined, Cancelled, Completed.
In the status field, I have a checkbox next to the current status it
is in.
If I check the checkbox, I want the record to update to that specific
record with the new status from the drop down and keep all other
status in their current state.
Currently, the way I have it working is, if you check any check box,
it will update ALL records to the new status.
Below is what my current code looks like, I would appreciate any
advice!
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
<form method="post" action="EditMainPageStat.asp?UpdateStat=1">
<%
If request.querystring("UpdateStat") = "1" then
Response.write "<font color=''red'' face=''arial''
size=''2''><center><b>Status has been updated.</b></font></center>"
ChangeStat = request.form("ChangeStatus")
Dim MyString, MyArray
MyString = request.form("ChangeStatus")
MyArray = Split(MyString,",") ''the delimiter is the comma
For i = 0 to UBound(MyArray)
Dim MyString2, MyArray2
MyString2 = Request.form("iReqID")
MyArray2 = Split(MyString2,",") ''the delimiter is the comma
For x = 0 to UBound(MyArray2)
set conn=server.createobject("adodb.connection")
conn.open "data Source=xxx;User ID=xxx;Password=xxx;"
sqlstmt = "UPDATE MediaDetail"
sqlstmt = sqlstmt & " SET "'',"
sqlstmt = sqlstmt & "iStatusID=''" & MyArray(i) & "''"
sqlstmt = sqlstmt & " WHERE iReqID=" & MyArray2(x)
Set RS = conn.execute(SQLstmt)
Next
Next
Else
End If
%>
Response.write "<td class=tx bgColor=" & clr & "><font
size=''1''><center> <input type=''hidden'' value=''" & rs1("iReqID") &
"'' name=''iReqId''></center></td>"
Response.Write "<td class=tx bgColor=" & clr & "><center> "&
rs1("StatusDesc") & " "
Response.write "<input type=''checkbox'' name=''s'' value=''1'' if
instr(s,''1'') then Response.Write(''checked'') End If></center></td>"
---------------------------------------------------------------------------------------------------------------------------------------------
Thank you very much!
Ray
推荐答案
bcap写道:
< snip>
我们需要查看服务器正在执行的实际sql语句,而不是
只是用于生成的代码那些陈述。在你的循环中这样做:
Response.Write sqlstmt
并注释掉
设置RS = conn.execute(SQLstmt)
行。
很明显,为什么你要打开一个记录集来执行一个sql
不反复记录的声明?!?将该声明更改为:
conn.execute SQLstmt ,, 129
''129 = 1(adCmdText)+ 128(adExecuteNoRecords)
-
Microsoft MVP - ASP / ASP.NET
请回复新闻组。这个电子邮件帐户是我的垃圾邮件陷阱所以我
不经常检查它。如果您必须离线回复,请删除
无垃圾邮件
bcap wrote:
<snip>
We need to see the actual sql statements being executed by the server, not
just the code used to generate those statements. In your loop do this:
Response.Write sqlstmt
and comment out the
Set RS = conn.execute(SQLstmt)
line.
Incidently, why on earth are you opening a recordset to execute a sql
statement that does not retrive records?!? Change that statement to:
conn.execute SQLstmt,,129
''129 = 1 (adCmdText) + 128 (adExecuteNoRecords)
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don''t check it very often. If you must reply off-line, then remove the
"NO SPAM"
您好,
以下是SQLStmt上的结果:
conn.execute SQLstmt ,, 129
''129 = 1(adCmdText)+ 128(adExecuteNoRecords )
UPDATE MediaDetail SET iStatusID =''99''HEREREID = 34378UPDATE
MediaDetail SET iStatusID =''99''WHERI iReqID = 34371UPDATE MediaDetail
SET iStatusID =''99''在哪里iReqID = 34373UPDATE MediaDetail SET
iStatusID =''99''在哪里iReqID = 34375UPDATE MediaDetail SET
iStatusID =''99''在哪里iReqID = 34376UPDATE MediaDetail SET
iStatusID =''99''在哪里iReqID = 34377UPDATE MediaDetail SET
iStatusID =''99''在哪里iReqID = 34372
Hi,
Here is the reults on teh SQLStmt:
conn.execute SQLstmt,,129
''129 = 1 (adCmdText) + 128 (adExecuteNoRecords)
UPDATE MediaDetail SET iStatusID=''99'' WHERE iReqID=34378UPDATE
MediaDetail SET iStatusID=''99'' WHERE iReqID= 34371UPDATE MediaDetail
SET iStatusID=''99'' WHERE iReqID= 34373UPDATE MediaDetail SET
iStatusID=''99'' WHERE iReqID= 34375UPDATE MediaDetail SET
iStatusID=''99'' WHERE iReqID= 34376UPDATE MediaDetail SET
iStatusID=''99'' WHERE iReqID= 34377UPDATE MediaDetail SET
iStatusID=''99'' WHERE iReqID= 34372
bcap写道:
bcap wrote:
>
以下是SQLStmt上的结果:
conn.execute SQLstmt ,, 129
''129 = 1(adCmdText)+ 128(adExecuteNoRecords)
UPDATE MediaDetail SET iStatusID ='' 99''在哪里iReqID = 34378UPDATE
MediaDetail SET iStatusID =''99''在哪里iReqID = 34371UPDATE MediaDetail
SET iStatusID =''99''WHERE iReqID = 34373UPDATE MediaDetail SET
iStatusID =''99''在哪里iReqID = 34375UPDATE MediaDetail SET
iStatusID =''99''在哪里iReqID = 34376UPDATE MediaDetail SET
iStatusID =''99''在哪里iReqID = 34377UPDATE MediaDetail SET
iStatusID =''99''在哪里iReqID = 34372
Hi,
Here is the reults on teh SQLStmt:
conn.execute SQLstmt,,129
''129 = 1 (adCmdText) + 128 (adExecuteNoRecords)
UPDATE MediaDetail SET iStatusID=''99'' WHERE iReqID=34378UPDATE
MediaDetail SET iStatusID=''99'' WHERE iReqID= 34371UPDATE MediaDetail
SET iStatusID=''99'' WHERE iReqID= 34373UPDATE MediaDetail SET
iStatusID=''99'' WHERE iReqID= 34375UPDATE MediaDetail SET
iStatusID=''99'' WHERE iReqID= 34376UPDATE MediaDetail SET
iStatusID=''99'' WHERE iReqID= 34377UPDATE MediaDetail SET
iStatusID=''99'' WHERE iReqID= 34372
Hmm 。这看起来它正常工作(我本应该在response.writes的末尾放一个
< BR>")。是吗?那些
记录中的所有七个都应该将iStatusIS字段设置为99吗?
我没有看到任何这些语句可以更新数据库表中的所有
记录,除非它只包含那7条记录...
您如何确定所有记录都在更新?
PS。需要考虑的其他要点:
你使用动态sql会让你容易受到使用sql的黑客攻击
注入:
http://mvp.unixwiz.net/techtips/sql-injection.html
< a rel =nofollowhref =http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23target =_ blank> http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
请点击此处查看使用
参数标记执行查询的更好,更安全的方法:
http://groups-beta.google。 com / group / ... e36562fee7804e
就个人而言,我更喜欢使用存储过程,或保存参数查询
as
他们在Access中已知
-
Microsoft MVP - ASP / ASP.NET
请回复新闻组。这个电子邮件帐户是我的垃圾邮件陷阱所以我
不经常检查它。如果您必须离线回复,请删除
无垃圾邮件
Hmm. This looks like it''s working correctly (I should have had you put a
"<BR>" on the end of the response.writes). Is it? Should all seven of those
records be having the iStatusIS field set to ''99''?
I don''t see any way any of these statements could be updating ALL the
records in your database table, unless it contains only those 7 records ...
How are you determining that all the records are getting updated?
PS. Further points to consider:
Your use of dynamic sql is leaving you vulnerable to hackers using sql
injection:
http://mvp.unixwiz.net/techtips/sql-injection.html
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
See here for a better, more secure way to execute your queries by using
parameter markers:
http://groups-beta.google.com/group/...e36562fee7804e
Personally, I prefer using stored procedures, or saved parameter queries
as
they are known in Access
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don''t check it very often. If you must reply off-line, then remove the
"NO SPAM"
这篇关于需要帮助更新带有复选框的多个记录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!