更新没有用查询字符串执行?

时间:2022-11-25 10:23:28

I'm using an edit page for my user to view and change their data in textboxes, which they access from the gridview on the homepage. I use a datakey on an autoincremented column, ProductId, and the row data displays perfectly. Unfortunately, when I fire the click button event to update the row with the changes made in these textboxes, they don't register. I've included the code below, but as a note, this is a training project and I was expressly forbidden to paramaterize in the interest of learning the basics first. I realize this is a security imperative, but for now, no paramaters. To clarify and restate my question, when I click the submit button, the row data is not affected by changes entered into the textboxes ,but instead reverts to the original values. I know it's probably something to do with the query string, but I've no idea what. Ideas?

我正在使用我的用户的编辑页面来查看和更改文本框中的数据,他们可以从主页上的gridview访问这些数据。我在自动增量列ProductId上使用datakey,行数据显示完美。不幸的是,当我触发单击按钮事件以使用这些文本框中所做的更改来更新行时,它们不会注册。我已经包含了下面的代码,但作为一个注释,这是一个培训项目,我明确禁止为了学习基础知识而优先考虑。我意识到这是一项安全措施,但就目前而言,没有参与者。为了澄清和重述我的问题,当我单击“提交”按钮时,行数据不会受到输入到文本框中的更改的影响,而是会恢复为原始值。我知道这可能与查询字符串有关,但我不知道是什么。想法?

 using System;
using System.Collections.Generic;
using System.Linq;
using System.Data;
using System.Data.Sql;
using System.Data.SqlClient;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class ViewEdit : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string x = Request.QueryString["ProductId"];
        string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;
        string editQuery = "SELECT CustId, CustName, SicNaic, CustCity, CustAdd, CustState, CustZip, BroName, BroId, BroAdd, BroCity, BroState, BroZip, EntityType, Coverage, CurrentCoverage, PrimEx, Retention, EffectiveDate, Commission, Premium, Comments, ProductId FROM ProductInstance WHERE ProductId =" + x;



    using (SqlConnection editConn = new SqlConnection(connectionString))
    {
        editConn.Open();

        using (SqlCommand command = new SqlCommand(editQuery, editConn))
        {

            SqlDataReader dr = command.ExecuteReader();
            dr.Read();
            TextBox1.Text = dr.GetInt32(0).ToString();
            TextBox2.Text = dr.GetString(1);
            TextBox3.Text = dr.GetString(2);
            TextBox4.Text = dr.GetString(3);
            TextBox5.Text = dr.GetString(4);
            TextBox6.Text = dr.GetString(5);
            TextBox7.Text = dr.GetInt32(6).ToString();
            TextBox8.Text = dr.GetString(7);
            TextBox9.Text = dr.GetInt32(8).ToString();
            TextBox10.Text = dr.GetString(9);
            TextBox11.Text = dr.GetString(10);
            TextBox12.Text = dr.GetString(11);
            TextBox13.Text = dr.GetInt32(12).ToString();
            TextBox14.Text = dr.GetString(13);
            TextBox15.Text = dr.GetInt32(14).ToString();
            TextBox16.Text = dr.GetInt32(15).ToString();
            TextBox17.Text = dr.GetInt32(16).ToString();
            TextBox18.Text = dr.GetInt32(17).ToString();
            TextBox19.Text = dr.GetDateTime(18).ToString();
            TextBox20.Text = dr.GetInt32(19).ToString();
            TextBox21.Text = dr.GetInt32(20).ToString();
            TextBox22.Text = dr.GetString(21);



        }
        editConn.Close();
    }   
}

protected void Button1_Click(object sender, EventArgs e)
{
    string x = Request.QueryString["ProductId"];
    string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;
    using (SqlConnection updateConn = new SqlConnection(connectionString))
    {
        updateConn.Open();
        {
            string updateQuery = "UPDATE ProductInstance SET CustId = '" + TextBox1.Text + "', CustName = '" + TextBox2.Text + "', SicNaic = '" + TextBox3.Text + "', CustCity =  '" + TextBox4.Text + "', CustAdd = '" + TextBox5.Text + "', CustState =  '" + TextBox6.Text + "', CustZip =  '" + TextBox7.Text + "', BroName = '" + TextBox8.Text + "', BroId =  '" + TextBox9.Text + "', BroAdd =  '" + TextBox10.Text + "', BroCity = '" + TextBox11.Text + "', BroState =  '" + TextBox12.Text + "', BroZip =  '" + TextBox13.Text + "', EntityType =  '" + TextBox14.Text + "', Coverage =  '" + TextBox15.Text + "', CurrentCoverage =  '" + TextBox16.Text + "', PrimEx = '" + TextBox17.Text + "', Retention = '" + TextBox18.Text + "', EffectiveDate =  '" + TextBox19.Text + "', Commission = '" + TextBox20.Text + "', Premium =  '" + TextBox21.Text + "', Comments = '" + TextBox22.Text + "' WHERE ProductId =" + x;



            using (SqlCommand command = new SqlCommand(updateQuery, updateConn))
            {
                command.ExecuteNonQuery();
            }
        }
    }
}

}

3 个解决方案

#1


4  

Brazos,

This occurs because when a change is made and posted back to the page, Page_Load is executing again before you are able to save the values collected from the form back to the database. Instead, the text boxes are loaded with the values from the database and any changes are overridden. Later, when the Button1_Click event occurs and you do save the data to the database, you update the row with the values from the textboxes which now reflect what was in the database in the first place and not what was submitted in the form.

这是因为当进行更改并将其发回页面时,在您能够将从表单收集的值保存回数据库之前,Page_Load再次执行。而是使用数据库中的值加载文本框,并覆盖任何更改。稍后,当Button1_Click事件发生并且您确实将数据保存到数据库时,您使用文本框中的值更新行,这些值现在反映了数据库中的内容,而不是表单中提交的内容。

Check out the order of events in the ASP.NET page life cycle here: http://msdn.microsoft.com/en-us/library/ms178472.aspx

在这里查看ASP.NET页面生命周期中的事件顺序:http://msdn.microsoft.com/en-us/library/ms178472.aspx

An easy way to fix this would be to only run the query that loads and updates the textboxes (in the Page_Load) if it is not in postback:

解决此问题的一种简单方法是仅运行加载和更新文本框的查询(在Page_Load中),如果它不在回发中:

public partial class ViewEdit : System.Web.UI.Page {
    protected void Page_Load(object sender, EventArgs e)
    {

        if (!Page.IsPostBack)
        {
            string x = Request.QueryString["ProductId"];
            string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;
            string editQuery = "SELECT CustId, CustName, SicNaic, CustCity, CustAdd, CustState, CustZip, BroName, BroId, BroAdd, BroCity, BroState, BroZip, EntityType, Coverage, CurrentCoverage, PrimEx, Retention, EffectiveDate, Commission, Premium, Comments, ProductId FROM ProductInstance WHERE ProductId =" + x;



        using (SqlConnection editConn = new SqlConnection(connectionString))
        {
            editConn.Open();

            using (SqlCommand command = new SqlCommand(editQuery, editConn))
            { [...]

However, this also means that after the changes get done you will no longer be reloading the changes from the database since every page event after that will be a postback (unless you do a redirect). Since you are learning ASP.NET, I recommend you check out the page life cycle and explore a different solution. Good luck!

但是,这也意味着在更改完成后,您将不再从数据库重新加载更改,因为之后的每个页面事件都将是回发(除非您执行重定向)。由于您正在学习ASP.NET,我建议您查看页面生命周期并探索不同的解决方案。祝好运!

#2


2  

In your Page_Load check for postback

在你的Page_Load中检查回发

protected void Page_Load(object sender, EventArgs e)     
{         
    if (Page.IsPostBack == false)
    {
        string x = Request.QueryString["ProductId"];         
        string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;         string editQuery = "SELECT CustId, CustName, SicNaic, CustCity, CustAdd, CustState, CustZip, BroName, BroId, BroAdd, BroCity, BroState, BroZip, EntityType, Coverage, CurrentCoverage, PrimEx, Retention, EffectiveDate, Commission, Premium, Comments, ProductId FROM ProductInstance WHERE ProductId =" + x;
    }
}

#3


0  

The first thing you should always do on a page like this is check for !IsPostBack and then carry out the standard process for rendering the page inside the code:

你应该总是在这样的页面上做的第一件事是检查!IsPostBack然后执行标准过程来渲染代码中的页面:

protected void Page_Load(object sender, EventArgs e)
{         
    if (!IsPostBack)
    {
        // Add your normal code in here
    }
}

And then in your click event, rebind the data when you finish your insertion to the database

然后在您的单击事件中,在完成对数据库的插入后重新绑定数据

protected void Button1_Click(object sender, EventArgs e)
{
    // Do Insertion here
    lstView.DataSource = sqlVals;
    lstView.DataBind();
}

Also get reading up on EF4 or LinqToSql as it will make data calls from SQL easier and more secure

还可以阅读EF4或LinqToSql,因为它将使SQL的数据调用更容易,更安全

#1


4  

Brazos,

This occurs because when a change is made and posted back to the page, Page_Load is executing again before you are able to save the values collected from the form back to the database. Instead, the text boxes are loaded with the values from the database and any changes are overridden. Later, when the Button1_Click event occurs and you do save the data to the database, you update the row with the values from the textboxes which now reflect what was in the database in the first place and not what was submitted in the form.

这是因为当进行更改并将其发回页面时,在您能够将从表单收集的值保存回数据库之前,Page_Load再次执行。而是使用数据库中的值加载文本框,并覆盖任何更改。稍后,当Button1_Click事件发生并且您确实将数据保存到数据库时,您使用文本框中的值更新行,这些值现在反映了数据库中的内容,而不是表单中提交的内容。

Check out the order of events in the ASP.NET page life cycle here: http://msdn.microsoft.com/en-us/library/ms178472.aspx

在这里查看ASP.NET页面生命周期中的事件顺序:http://msdn.microsoft.com/en-us/library/ms178472.aspx

An easy way to fix this would be to only run the query that loads and updates the textboxes (in the Page_Load) if it is not in postback:

解决此问题的一种简单方法是仅运行加载和更新文本框的查询(在Page_Load中),如果它不在回发中:

public partial class ViewEdit : System.Web.UI.Page {
    protected void Page_Load(object sender, EventArgs e)
    {

        if (!Page.IsPostBack)
        {
            string x = Request.QueryString["ProductId"];
            string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;
            string editQuery = "SELECT CustId, CustName, SicNaic, CustCity, CustAdd, CustState, CustZip, BroName, BroId, BroAdd, BroCity, BroState, BroZip, EntityType, Coverage, CurrentCoverage, PrimEx, Retention, EffectiveDate, Commission, Premium, Comments, ProductId FROM ProductInstance WHERE ProductId =" + x;



        using (SqlConnection editConn = new SqlConnection(connectionString))
        {
            editConn.Open();

            using (SqlCommand command = new SqlCommand(editQuery, editConn))
            { [...]

However, this also means that after the changes get done you will no longer be reloading the changes from the database since every page event after that will be a postback (unless you do a redirect). Since you are learning ASP.NET, I recommend you check out the page life cycle and explore a different solution. Good luck!

但是,这也意味着在更改完成后,您将不再从数据库重新加载更改,因为之后的每个页面事件都将是回发(除非您执行重定向)。由于您正在学习ASP.NET,我建议您查看页面生命周期并探索不同的解决方案。祝好运!

#2


2  

In your Page_Load check for postback

在你的Page_Load中检查回发

protected void Page_Load(object sender, EventArgs e)     
{         
    if (Page.IsPostBack == false)
    {
        string x = Request.QueryString["ProductId"];         
        string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString;         string editQuery = "SELECT CustId, CustName, SicNaic, CustCity, CustAdd, CustState, CustZip, BroName, BroId, BroAdd, BroCity, BroState, BroZip, EntityType, Coverage, CurrentCoverage, PrimEx, Retention, EffectiveDate, Commission, Premium, Comments, ProductId FROM ProductInstance WHERE ProductId =" + x;
    }
}

#3


0  

The first thing you should always do on a page like this is check for !IsPostBack and then carry out the standard process for rendering the page inside the code:

你应该总是在这样的页面上做的第一件事是检查!IsPostBack然后执行标准过程来渲染代码中的页面:

protected void Page_Load(object sender, EventArgs e)
{         
    if (!IsPostBack)
    {
        // Add your normal code in here
    }
}

And then in your click event, rebind the data when you finish your insertion to the database

然后在您的单击事件中,在完成对数据库的插入后重新绑定数据

protected void Button1_Click(object sender, EventArgs e)
{
    // Do Insertion here
    lstView.DataSource = sqlVals;
    lstView.DataBind();
}

Also get reading up on EF4 or LinqToSql as it will make data calls from SQL easier and more secure

还可以阅读EF4或LinqToSql,因为它将使SQL的数据调用更容易,更安全