Datalist没有显示任何数据 [英] Datalist not showing any data
问题描述
我正在尝试在数据列表中显示数据,我的空白页面没有错误
这里是我的代码背后
i am trying to display data in data list , i am getting no error with blank page
here is my code behind
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not Page.IsPostBack Then
BindDataList()
End If
End Sub
Protected Sub BindDataList()
Dim ptype As String = Request.QueryString("Propert_Type")
Dim wantsto As String = Request.QueryString("wantsto")
Dim Category As String = Request.QueryString("Category")
Dim SearchKeyword As String = Request.QueryString("SearchKeyword")
Dim postedby As String
If Request.QueryString("Postedby") = "All" Then
postedby = "%%"
Else : postedby = Request.QueryString("postedby")
End If
'Dim Postedby As String = Request.QueryString("Postedby")
Dim MinBudget As String = Request.QueryString("MinBudget")
Dim MaxBudget As String = Request.QueryString("MaxBudget")
Dim Bedrooms As String = Request.QueryString("Bedrooms")
Dim Bathrooms As String = Request.QueryString("Bathrooms")
Dim State As String = Request.QueryString("State")
Dim City As String = Request.QueryString("City")
Dim Location As String = Request.QueryString("Location")
Dim dt As New DataTable()
con.Open()
Try
Dim s As String = "select date, Property_Id,Category,PropertyType,BedRooms,BathRooms,Area,Size,Price,Photo_path ,Posted_By,Subject,Description FROM Properties where Category=" & ptype & " and PropertyType=" & Category & " and PropertyFor =" & wantsto & " and Posted_By=" & postedby & "and bedrooms=" & Bedrooms & " and State=" & State & "and City=" & City & " and Location=" & Location & "and Keyword like '% & SearchKeyword & %' and Price between " & MinBudget & " and " & MaxBudget & " "
Dim adp As New SqlDataAdapter(s, con)
adp.Fill(dt)
dlResidentional.DataSource = dt
dlResidentional.DataBind()
lblfr.Text = dlResidentional.Items.Count.ToString
Catch ex As Exception
Response.Write("Error occured: " & ex.Message.ToString())
Finally
dt.Clear()
dt.Dispose()
con.Close()
End Try
End Sub
来自评论的其他OP代码...
Other OP code from comment ...
<fieldset style="width: 500px;">
<asp:datalist id="dlResidentional" runat="server" cellpadding="4" forecolor="#333333"
repeatcolumns="1" backcolor="Olive" bordercolor="Olive" borderstyle="Groove"
borderwidth="2px" height="170px" width="150px">
<HeaderStyle BackColor="#5D7B9D" Font-Bold="True" ForeColor="White" />
<table width="650" style="border: thin groove #87a310; border="2" >
<tr>
<td colspan="3" height="30"
style="font-family: 'Times New Roman', Times, serif; font-size: x-large; font-weight: bold; font-style: normal; color: #87a310"><img src="images/rupee.png" height="22" width="22" /> <%#DataBinder.Eval(Container.DataItem, "Price")%> <%# DataBinder.Eval(Container.DataItem, "Subject")%></td>
</tr>
<tr>
<td colspan="3" height="10" align="right">Property ID :<%#DataBinder.Eval(Container.DataItem, "Property_Id")%></td>
</tr>
<tr>
<td rowspan="4" style="width: 154px">
<asp:image runat="server" BorderColor="Olive" BorderStyle="Groove" BorderWidth="2px"
Height="170px" Width="150px" ImageUrl='<%#DataBinder.Eval(Container.DataItem, "Photo_path") %>'
GenerateEmptyAlternateText="True">
</td>
<td style="width: 217px" class="style2"> Size :<%# DataBinder.Eval(Container.DataItem, "Size")%></td>
<td> Covered Area :<%#DataBinder.Eval(Container.DataItem, "Area")%></td>
</tr>
<tr>
<td style="width: 217px" class="style2"> Property Type :<%# DataBinder.Eval(Container.DataItem, "Category")%></td>
<td> Category : <%# DataBinder.Eval(Container.DataItem, "PropertyType")%></td>
</tr>
<tr>
<td style="width: 217px" class="style2"> Type :<%# DataBinder.Eval(Container.DataItem, "BedRooms")%></td>
<td> Bathrooms : <%#DataBinder.Eval(Container.DataItem, "Bathrooms")%></td>
</tr>
<tr>
<td class="style2" colspan="2"> Description :<%#DataBinder.Eval(Container.DataItem, "Description")%></td>
</tr>
<tr>
<td colspan="3" height="10" align="right"></td>
</tr>
<tr>
<td style="width: 154px">Posted By : <%#DataBinder.Eval(Container.DataItem, "Posted_By")%> </td>
<td style="width: 217px" class="style2">View Details
</td>
<td align="right">Posted on :<%#DataBinder.Eval(Container.DataItem, "Date")%></td>
</tr>
</table>
<SelectedItemStyle BackColor="#E2DED6" Font-Bold="True" ForeColor="#333333" />
</fieldset>
推荐答案
在行上放置一个断点
Dim adp As New SqlDataAdapter(s, con)
并检查 s
中的SQL ...看到问题?你在varchar列上缺少单引号。
通过连接用户输入的字符串来创建sql绝对不是一个好主意。你让自己受到sql注入的支配。
使用参数化查询 - 参见 DataAdapter参数的参考 [ ^ ]
它不仅有助于防止数据库被被恶意用户摧毁,它也会为你处理所有那些讨厌的单引号。
发现潜在问题也容易得多
and examine the SQL in s
... see the problem? You are missing single quotation marks on the varchar columns.
Creating sql by concatenating strings that can be entered by a user is never a good idea. You leave yourself at the mercy of sql injection.
Use a parameterised query - see reference for DataAdapter Parameters[^]
Not only will it help prevent your database from being destroyed by a malicious user, it will also handle all those pesky single quotes for you.
It is also a lot easier to spot potential problems
这篇关于Datalist没有显示任何数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!