编辑,更新代码错误 [英] Edit,Update Error in code
本文介绍了编辑,更新代码错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
<asp:GridView ID="GridView1" runat="server" AutoGenerateColumns="False" DataKeyNames="id,Name"
onrowediting="edit" onrowupdating="update"
onrowcancelingedit="cancel" onrowdeleting="delete">
<Columns>
<asp:TemplateField HeaderText="Name">
<EditItemTemplate>
<asp:Label ID="lbleditname" runat="server" Text='<%#Eval("name") %>'/>
</EditItemTemplate>
<ItemTemplate>
<asp:Label ID="lblitemname" runat="server" Text='<%#Eval("Name") %>'/>
</ItemTemplate>
<FooterTemplate>
<asp:TextBox ID="txtftrname" runat="server"/>
<asp:RequiredFieldValidator ID="rfvname" runat="server" ControlToValidate="txtftrname" Text="*" ValidationGroup="validaiton"/>
</FooterTemplate>
</asp:TemplateField>
<asp:TemplateField HeaderText="Address1">
<EditItemTemplate>
<asp:TextBox ID="txtAddress1" runat="server" Text='<%#Eval("Address1") %>'/>
</EditItemTemplate>
<ItemTemplate>
<asp:Label ID="lblitemAddress1" runat="server" Text='<%#Eval("Address1") %>'/>
</ItemTemplate>
<FooterTemplate>
<asp:TextBox ID="txtftrAddress1" runat="server"/>
<asp:RequiredFieldValidator ID="rfvAddress1" runat="server" ControlToValidate="txtftrAddress1" Text="*" ValidationGroup="validaiton"/>
</FooterTemplate>
</asp:TemplateField>
<asp:TemplateField HeaderText="Address2">
<EditItemTemplate>
<asp:TextBox ID="txtAddress2" runat="server" Text='<%#Eval("Address2") %>'/>
</EditItemTemplate>
<ItemTemplate>
<asp:Label ID="lblitemAddress2" runat="server" Text='<%#Eval("Address2") %>'/>
</ItemTemplate>
<FooterTemplate>
<asp:TextBox ID="txtftrAddress2" runat="server"/>
<asp:RequiredFieldValidator ID="rfvAddress2" runat="server" ControlToValidate="txtftrAddress2" Text="*" ValidationGroup="validaiton"/>
</FooterTemplate>
</asp:TemplateField>
<asp:TemplateField HeaderText="Country">
<EditItemTemplate>
<asp:TextBox ID="txtCountry" runat="server" Text='<%#Eval("Country") %>'/>
</EditItemTemplate>
<ItemTemplate>
<asp:Label ID="lblitemCountry" runat="server" Text='<%#Eval("Country") %>'/>
</ItemTemplate>
<FooterTemplate>
<asp:TextBox ID="txtftrCountry" runat="server"/>
<asp:RequiredFieldValidator ID="rfvCountry" runat="server" ControlToValidate="txtftrCountry" Text="*" ValidationGroup="validaiton"/>
</FooterTemplate>
</asp:TemplateField>
<asp:TemplateField HeaderText="Pincode">
<EditItemTemplate>
<asp:TextBox ID="txtPincode" runat="server" Text='<%#Eval("Pincode") %>'/>
</EditItemTemplate>
<ItemTemplate>
<asp:Label ID="lblitemPincode" runat="server" Text='<%#Eval("Pincode") %>'/>
</ItemTemplate>
<FooterTemplate>
<asp:TextBox ID="txtftrPincode" runat="server"/>
<asp:RequiredFieldValidator ID="rfvPincode" runat="server" ControlToValidate="txtftrPincode" Text="*" ValidationGroup="validaiton"/>
</FooterTemplate>
</asp:TemplateField>
<asp:CommandField ShowEditButton="True" />
<asp:CommandField ShowDeleteButton="True" />
</Columns>
</asp:GridView>
/////////////////////////////////////////////////////
//////////////////////////////////////////////////
public void gridload()
{
con.Open();
SqlCommand cmd = new SqlCommand("select *from tbladminreg",con);
SqlDataAdapter ada = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
ada.Fill(ds);
GridView1.DataSource = ds;
GridView1.DataBind();
cmd.ExecuteNonQuery();
con.Close();
}
protected void update(object sender, GridViewUpdateEventArgs e)
{
int id = Convert.ToInt32(GridView1.DataKeys[e.RowIndex].Value.ToString());
string name = GridView1.DataKeys[e.RowIndex].Values["Name"].ToString();
TextBox txtAddress1 = (TextBox)GridView1.Rows[e.RowIndex].FindControl("txtAddress1");
TextBox txtAddress2 = (TextBox)GridView1.Rows[e.RowIndex].FindControl("txtAddress2");
TextBox txtCountry = (TextBox)GridView1.Rows[e.RowIndex].FindControl("txtCountry");
TextBox txtPincode = (TextBox)GridView1.Rows[e.RowIndex].FindControl("txtPincode");
con.Open();
SqlCommand cmd = new SqlCommand("update tbladminreg set Address1='" + txtAddress1.Text + "',Address2='" + txtAddress2.Text + "',Country='" + txtCountry.Text + "',Pincode='" + txtPincode.Text + "' where id=" + id, con);
cmd.ExecuteNonQuery();
con.Close();
Label1.Text = name + " Details Updated successfully";
GridView1.EditIndex = -1;
gridload();
}
protected void edit(object sender, GridViewEditEventArgs e)
{
GridView1.EditIndex = e.NewEditIndex;
gridload();
}
protected void delete(object sender, GridViewDeleteEventArgs e)
{
int id = Convert.ToInt32(GridView1.DataKeys[e.RowIndex].Value.ToString());
string name = GridView1.DataKeys[e.RowIndex].Values["Name"].ToString();
con.Open();
SqlCommand cmd = new SqlCommand("delete from tbladminreg where id=" + id, con);
int result = cmd.ExecuteNonQuery();
con.Close();
if (result == 1)
{
gridload();
Label1.Text = name + " details deleted successfully";
}
}
推荐答案
第一个问题:
GridView1.DataSource = ds;
将
will be
GridView1.DataSource = ds.Tables[0];
第二个问题:
有不需要的行:cmd.ExecuteNonQuery();
这样您的更新代码就可以了,因此请验证所形成的命令查询是否正确-复制它并直接在SQL中执行以进行验证.可以接受int中的executenonquery返回值,并查看返回的内容.
最后,按照您的编码方式,您的应用已打开以进行SQL注入.使用参数化查询.
在此处查找参数化查询及其用法:
MSDN:配置参数和参数数据类型(ADO.NET) [ MSDN:DataAdapter参数(ADO.NET) [ MSDN:SqlCommand.Parameters属性 [
Second issue:
There is line which is not needed: cmd.ExecuteNonQuery();
Your update code as such looks ok, so do verify if the command query formed is correct - copy it and directly execute in SQL to verify it. May be accept the executenonquery return value in an int and see what was returned.
Lastly, the way you have coded, your app is open for SQL Injection. Use paramterized query.
Look here for parameterized query and it''s usage:
MSDN: Configuring Parameters and Parameter Data Types (ADO.NET)[^]
MSDN: DataAdapter Parameters (ADO.NET)[^]
MSDN: SqlCommand.Parameters Property [^]
这篇关于编辑,更新代码错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
