无法获得多个列表框选择的记录。 [英] Unable to get record on multiple selection of listbox.

查看:71
本文介绍了无法获得多个列表框选择的记录。的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

i have a listbox and gridview,if i made multple selection of item of listbox , data of last item show only ..i want to  show record of all selected item of listbox





我的尝试:





What I have tried:

protected void searchname_date()
{

    if (ListBox1.Items.Count > 0)
    {
        for (int i = 0; i < ListBox1.Items.Count; i++)
        {
            if (ListBox1.Items[i].Selected)
            {
                string selectedItem = ListBox1.Items[i].Text;

                SqlConnection cnn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
                string Query = "SELECT *  FROM [dsr_data] where (date_time between '" + TextBox1.Text + "'  and    '" + TextBox4.Text + "') And  session_name='" + selectedItem + "'";
                DataTable dtAdmin = new DataTable();
                SqlDataAdapter da;
                da = new SqlDataAdapter(Query, cnn);
                da.Fill(dtAdmin);
                if (dtAdmin.Rows.Count > 0)
                {
                    GVmydsr.DataSource = dtAdmin;
                    GVmydsr.DataBind();

                }
                else
                {
                    GVmydsr.DataSource = null;
                    GVmydsr.DataBind();
                }


            }

        }
    }
}

推荐答案

尝试



try

protected void searchname_date()
      {
          List<string> lstSelectedItems = new List<string>();

          if (ListBox1.Items.Count > 0)
              for (int i = 0; i < ListBox1.Items.Count; i++)
                  if (ListBox1.Items[i].Selected)
                      lstSelectedItems.Add(ListBox1.Items[i].Text);


          string inQuery = string.Join("','", lstSelectedItems);
          inQuery = "'" + inQuery + "'";

          SqlConnection cnn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
          string Query = "SELECT *  FROM [dsr_data] where (date_time between @from  and    @to ) And  session_name in ({0})";
          Query = string.Format(Query, inQuery);
          SqlCommand cmd = new SqlCommand(Query, cnn);
          cmd.Parameters.AddWithValue("@from", TextBox1.Text);
          cmd.Parameters.AddWithValue("@to", TextBox4.Text);

          DataTable dtAdmin = new DataTable();
          SqlDataAdapter da;
          da = new SqlDataAdapter(Query, cnn);
          da.Fill(dtAdmin);
          if (dtAdmin.Rows.Count > 0)
              GVmydsr.DataSource = dtAdmin;
          else
              GVmydsr.DataSource = null;
          GVmydsr.DataBind();


      }







注意:格式化sql查询字符串是易受攻击 SQL注入 [ ^ ]攻击

始终使用参数化查询以防止SQL Server中的SQL注入攻击 [ ^ ]




Note:Formatting the sql Query string is vulnerable to SQL Injection[^] attacks
always use Parameterized queries to prevent SQL Injection Attacks in SQL Server[^]


这篇关于无法获得多个列表框选择的记录。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发语言最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆