此代码 go 在 Web Forms 项目中在哪里？

Question

I am trying to figure out where to put this code. I have tried placing it is the default.aspx.cs file but I am not for sure if I am putting it in the wrong portion of the template or not. Also, I have tried placing the aspx code in the default.aspx folder but I am having the same issue with that as well.

If someone can show me where this code is supposed to be placed that would be great!

Here is the code that I have:

aspx code

<asp:Content ID="BodyContent" ContentPlaceHolderID="MainContent" runat="server">

<h1>Northwind Traders</h1>
<hr />
<br />
<div class="col-md-12 table-responsive">
<asp:GridView ID="ProductsViewID" runat="server" OnPreRender="Grid_PreRender"
PageSize="5" CssClass="table table-hover table-condensed" AutoGenerateColumns="True" Style="width: 100%;">
</asp:GridView>

</div>
</asp:Content>

And here is the cs code

public void LoadProductsData()
{
DataTable dt = new DataTable();
//We need to fetch data from Data Base we can call Fetch_ProductList() with
//necessary changes mentioned. Here i am considering MS SQL DB
//since Data base details are not provided i am creating Data Table manually.
  
//Creating columns
dt.Columns.Add("Product");
dt.Columns.Add("First Name");
dt.Columns.Add("Last Name");

//Adding Rows
dt.Rows.Add("Northwind Traders Almonds","Roland","Wacker");
dt.Rows.Add("Northwind Traders Beer","Soo Jung","Lee");
dt.Rows.Add("Northwind Traders Beer","Francisco","Perez-Olaeta");
dt.Rows.Add("Northwind Traders Beer","Karen","Tob");

dt.Rows.Add("Northwind Traders Boysenberry Spread", "Run", "Liu");
dt.Rows.Add("Northwind Traders Boysenberry Spread", "Roland", "Wacker");

dt.Rows.Add("Northwind Traders Cajun Seasoning", "John", "Rodman");
dt.Rows.Add("Northwind Traders Cajun Seasoning", "Roland", "Wacker");

//Assigning Data Table to Gridview
ProductsViewID.DataSource = dt;
//Binding the data to GridView
ProductsViewID.DataBind();
}

protected void Grid_PreRender(object sender, EventArgs e)
{
GridView grid = sender as GridView;
try
{
if (grid != null && grid.Rows.Count > 0)
{

grid.UseAccessibleHeader = true;
grid.HeaderRow.TableSection = TableRowSection.TableHeader;
grid.FooterRow.TableSection = TableRowSection.TableFooter;
}
}
catch (Exception)
{
}

}


public DataTable Fetch_ProductList()
{
DataTable dt = new DataTable();
SqlConnection conn = new SqlConnection("ConnectionString"); //Here we need to provide ConnectionString of Data Base.
SqlCommand cmd = new SqlCommand();
try
{
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
//Here we need to provide the Query to fetch the data from DataBase
//Sample Query would be 'SELECT PRODUCT_NAME,[FIRST NAME],[LAST NAME] FROM NORTHWIND_TRADERS_TABLE'
cmd.CommandText = "HERE WE NEED TO PROVIDE QUERY";
conn.Open();
SqlDataAdapter reader = new SqlDataAdapter(cmd);
reader.Fill(dt);
conn.Close();
}
catch (Exception ex)
{
conn.Close();
}
return dt;
}

Again, I am just needing help with the placement of the code. The code itself should work as intended. Any help is appreciated!

Answer 1

Web Forms has a couple places for this kind of thing, but probably you should look at the App_Code folder. You can put additional *.cs files in there with their own classes defined, including static classes.

Additionally, methods that fill a DataTable should never also directly update controls or set a data source. Instead, have the method (in this case LoadProductsData() ) return the DataTable as a value. Then, the ASP.Net Page Life Cycle event handlers will call into your method and use the result to update the controls on the page.

Finally, there's some code here leading me to believe you haven't yet been exposed to Sql Injection. Make sure you are NEVER using string concatenation to substitute user values into an SQL query. Instead, learn how to use parameterized queries. It's hard to understate how important this is.