如何将LinkButton CommandArgument值插入Sql数据库 [英] How to Insert LinkButton CommandArgument value into Sql Database
本文介绍了如何将LinkButton CommandArgument值插入Sql数据库的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
这是我的代码,如果您输入的是代码,则d列中的数字将为零,而不是ID号.但是我想显示fm_id号.任何帮助将不胜感激.
Here is my code and if you it, you will get zero in d column instead of id number. But I want fm_id number to be displayed. Any help would be gratefully received.
<itemtemplate>
<asp:LinkButton ID="lnbtn_thrd" runat="server" Font-Underline="true" OnClick="lbtn_topic_Click" Text=''<%#Bind("fm_Topic")%>'' CommandArgument=''<%#Bind("fm_Id")%>''
</itemtemplate>
objsql.CommandText = "Insert Into tbl_Forums(fm_Discription,fm_Views,fm_CreatedBy,fm_Parent)Values (''" + txt_reply.Text +"'',0,''" + Session["sUserId"] +"'',''"+ e.CommandArgument+"'');
objsql.ExecuteNonQuery();
推荐答案
第一件事:永远不要那样做.插入数据库的方式使您很容易受到SQL Injection攻击的影响,尤其是使用基于Web的文本框时.请改用SqlCommand.AddWithValue.它还有助于使代码更具可读性...
其次,从您的问题出发,不清楚您到底在遇到什么问题:"d"列是哪一列?为什么ID进入fm_CreatedBy字段?
首先检查您的输入:提交时,使用您输出到数据库的确切字符串更新网页上的字段-可能会立即指出您的问题.
First things first: Don''t do it like that, ever. The way you insert into your database leaves you wide open for an SQL Injection attack, particularly with a web based textbox. Use SqlCommand.AddWithValue instead. It also helps to make the code more readable...
Secondly, From yiour question it is not clear exactly what you are having a problem with: Which is the "d" column? Why is the ID going into the fm_CreatedBy field?
Check your inputs first: When you submit, update a field on your web page with the exact string you are outputting to the database - that may point out your problem immediately.
这篇关于如何将LinkButton CommandArgument值插入Sql数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
