在按钮上单击追加 OR... 在 SQL 查询中
[英]On button click append OR... in SQL Query
问题描述
Is it possible to append to an SQL query based on number of clicks on a button?
是否可以根据按钮的点击次数附加到 SQL 查询?
Eg.例如。 For each time I click on the button (+) I want to add OR [PIN]=@LogID# Where # is a number increasing for everytime I press the plus (+) button.每次单击按钮(+) 时,我都想添加OR [PIN]=@LogID#其中#是每次按加号(+)按钮时增加的数字。
I also would like do be able to decrease the same way by using the minus (-) button.我也希望能够通过使用减号(-)按钮以同样的方式减少。
A new textfield should appear for every (+) click with the same number # as the appending line in the query OR [PIN]=@LogID# to my SQL query SelectCommand="SELECT * FROM [PINCode] WHERE ([PIN]=@LogID)" .一个新的文本字段应该出现在每一个(+)点击相同数量#在查询中的追加行OR [PIN]=@LogID#我的SQL查询SelectCommand="SELECT * FROM [PINCode] WHERE ([PIN]=@LogID)" 。 And decrease if I click on (-) button.如果我点击(-)按钮,则减少。
Any idea on how to do this?关于如何做到这一点的任何想法? I would appreciate any links or suggestions pointing me in the right direction.我将不胜感激任何指向我正确方向的链接或建议。
I´m not looking for a finished solution here just help on were to start.我不是在这里寻找完整的解决方案,只是帮助开始。 What to search for, where to read.要搜索什么,在哪里阅读。
Implemented the example script recieved实现了收到的示例脚本
Default.aspx.vb默认.aspx.vb
Imports System.Data.SqlClient
Public Class _Default
Inherits System.Web.UI.Page
Dim rstData As New DataTable
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not IsPostBack Then
CreateTable()
ViewState("MyTable") = rstData
Else
rstData = ViewState("MyTable")
End If
End Sub
Sub CreateTable()
rstData.Columns.Add("MyPin", GetType(String))
End Sub
Protected Sub cmdAdd_Click(sender As Object, e As ImageClickEventArgs) Handles cmdAdd.Click
RepToTable() ' save any user edits
Dim OneRow As DataRow
OneRow = rstData.NewRow
OneRow("MyPin") = rstData.Rows.Count + 1 ' optional default value??
rstData.Rows.Add(OneRow)
Repeater1.DataSource = rstData
Repeater1.DataBind()
End Sub
Protected Sub Repeater1_ItemCommand(source As Object, e As RepeaterCommandEventArgs) Handles Repeater1.ItemCommand
End Sub
Protected Sub cmdMinus_Click(sender As Object, e As ImageClickEventArgs)
RepToTable() ' save edits
' remove the row user clicked on
Dim cmdDel As ImageButton = sender
Dim rowClick As RepeaterItem = cmdDel.Parent
rstData.Rows(rowClick.ItemIndex).Delete()
rstData.AcceptChanges()
Repeater1.DataSource = rstData
Repeater1.DataBind()
End Sub
Sub RepToTable()
' move values from grid back to table
For Each rRow As RepeaterItem In Repeater1.Items
rstData.Rows(rRow.ItemIndex).Item("MyPin") = CType(rRow.FindControl("txtPin"), TextBox).Text
Next
End Sub
Protected Sub cmdSearch_Click(sender As Object, e As EventArgs) Handles cmdSearch.Click
RepToTable() ' save any user edits
Using cmdSQL As New SqlCommand("", New SqlConnection())
Dim strWhere As String = ""
' grab each repater row, add a paramter - no concat of user input - no sql injection
For i = 0 To Repeater1.Items.Count - 1
If strWhere <> "" Then strWhere &= ","
strWhere &= "@" & i
Dim txtPIN As TextBox = Repeater1.Items(i).FindControl("txtPin")
cmdSQL.Parameters.Add("@" & i, SqlDbType.Int).Value = txtPIN.Text
Next
cmdSQL.CommandText = "SELECT * from PINCode WHERE PIN IN (" & strWhere & ")"
cmdSQL.Connection.Open()
Dim rstResults As New DataTable
rstResults.Load(cmdSQL.ExecuteReader)
For Each OneRow As DataRow In rstResults.Rows
Debug.Print("Computername = " & OneRow("PIN"))
Debug.Print("PIN = " & OneRow("PIN"))
Next
End Using
End Sub
Protected Sub PINCodeConnectionString_Selecting(sender As Object, e As SqlDataSourceSelectingEventArgs) Handles PINCodeConnectionString.Selecting
End Sub
End Class
Default.aspx默认.aspx
<%@ Page Language="vb" AutoEventWireup="false" CodeBehind="Default.aspx.vb" Inherits="PINCode._Default" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<asp:Repeater ID="Repeater1" runat="server">
<ItemTemplate>
<div style="float:left">
My Pin: <asp:TextBox ID="txtPin" runat="server" Text = '<%# Eval("MyPin") %>' ></asp:TextBox>
</div>
<div style="float:left;margin-left:10px">
<asp:ImageButton ID="cmdMinus" runat="server"
ImageUrl="Content/minus.jpg" Style="height:26px;width:20px"
OnClick="cmdMinus_Click"/>
</div>
<div style="clear:both"></div>
</ItemTemplate>
</asp:Repeater>
<br />
<asp:ImageButton ID="cmdAdd" runat="server"
ImageUrl="Content/Plus.jpg" Height="46" Width="40" style="margin-left:20px" />
<br />
<br />
<asp:Button ID="cmdSearch" runat="server" Text="Search Database" Width="133px" />
<asp:SqlDataSource ID="PINCodeConnectionString" runat="server" ConnectionString="<%$ ConnectionStrings:PINCodeConnectionString %>" SelectCommand="SELECT * FROM [PINCode]" UpdateCommand="UPDATE [PINCode] SET [Status] = @Status">
<UpdateParameters>
<asp:Parameter Name="Status" Type="Int32" />
</UpdateParameters>
</asp:SqlDataSource>
<asp:GridView ID="GridView1" runat="server" CellPadding="4" DataSourceID="PINCodeConnectionString" ForeColor="#333333" GridLines="None">
<AlternatingRowStyle BackColor="White" />
<Columns>
<asp:CommandField ShowEditButton="True" ShowSelectButton="True" />
</Columns>
<EditRowStyle BackColor="#2461BF" />
<FooterStyle BackColor="#507CD1" Font-Bold="True" ForeColor="White" />
<HeaderStyle BackColor="#507CD1" Font-Bold="True" ForeColor="White" />
<PagerStyle BackColor="#2461BF" ForeColor="White" HorizontalAlign="Center" />
<RowStyle BackColor="#EFF3FB" />
<SelectedRowStyle BackColor="#D1DDF1" Font-Bold="True" ForeColor="#333333" />
<SortedAscendingCellStyle BackColor="#F5F7FB" />
<SortedAscendingHeaderStyle BackColor="#6D95E1" />
<SortedDescendingCellStyle BackColor="#E9EBEF" />
<SortedDescendingHeaderStyle BackColor="#4870BE" />
</asp:GridView>
</form>
</body>
</html>
1 个解决方案
解决方案1
1 2021-09-11 06:29:21
Sure, since you want to be able to add 1 to "N" choices?当然,既然您希望能够将 1 添加到“N”选项中?
Then that suggests a repeater solution.那么这建议了一个中继器解决方案。
So, say we have this markup:所以,假设我们有这个标记:
<asp:Repeater ID="Repeater1" runat="server">
<ItemTemplate>
<div style="float:left">
My Pin: <asp:TextBox ID="txtPin" runat="server" Text = '<%# Eval("MyPin") %>' ></asp:TextBox>
</div>
<div style="float:left;margin-left:10px">
<asp:ImageButton ID="cmdMinus" runat="server"
ImageUrl="Content/minus.png" Style="height:26px;width:20px"
OnClick="cmdMinus_Click"/>
</div>
<div style="clear:both"></div>
</ItemTemplate>
</asp:Repeater>
<br />
<asp:ImageButton ID="cmdAdd" runat="server"
ImageUrl="Content/Add.png" Height="46" Width="40" style="margin-left:20px" />
<br />
<br />
<asp:Button ID="cmdSearch" runat="server" Text="Search Database" Width="133px" />
So, we have a + button, a - button (for each row), a database search button, and of course our simple repeater.因此,我们有一个 + 按钮、一个 - 按钮(针对每一行)、一个数据库搜索按钮,当然还有我们的简单中继器。
So, the code to load this up, and say add a row, and delete a row, we get this code:所以,加载它的代码,比如添加一行和删除一行,我们得到以下代码:
Dim rstData As New DataTable
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Not IsPostBack Then
CreateTable()
ViewState("MyTable") = rstData
Else
rstData = ViewState("MyTable")
End If
End Sub
Sub CreateTable()
rstData.Columns.Add("MyPin", GetType(String))
End Sub
So, say we whack + a few times, and we thus have this:所以,假设我们重击 + 几次,我们就得到了这个:
So, each time we click the + key, we get a new row.因此,每次我们单击 + 键时,我们都会得到一个新行。 We are free to type in a value.我们可以自由输入一个值。
So, our add button code is this:所以,我们的添加按钮代码是这样的:
Protected Sub cmdAdd_Click(sender As Object, e As ImageClickEventArgs) Handles cmdAdd.Click
RepToTable() ' save any user edits
Dim OneRow As DataRow
OneRow = rstData.NewRow
OneRow("MyPin") = rstData.Rows.Count + 1 ' optional default value??
rstData.Rows.Add(OneRow)
Repeater1.DataSource = rstData
Repeater1.DataBind()
End Sub
And of course we need the - button, say like this:当然,我们需要 - 按钮,像这样说:
Protected Sub cmdMinus_Click(sender As Object, e As ImageClickEventArgs)
RepToTable() ' save edits
' remove the row user clicked on
Dim cmdDel As ImageButton = sender
Dim rowClick As RepeaterItem = cmdDel.Parent
rstData.Rows(rowClick.ItemIndex).Delete()
rstData.AcceptChanges()
Repeater1.DataSource = rstData
Repeater1.DataBind()
End Sub
Ok, so that gives us, "add as many as we want"好的,这样我们就可以“添加任意数量的”
Or remove a row.或者删除一行。
I do have that little routine that when we add or remove (or search), the user MIGHT have editing the values, so we have a routine to take the repeater rows, and send them back to the table.我确实有一个小程序,当我们添加或删除(或搜索)时,用户可能已经编辑了值,所以我们有一个程序来获取转发器行,并将它们发送回表。 That little routine is this:那个小程序是这样的:
Sub RepToTable()
' move values from grid back to table
For Each rRow As RepeaterItem In Repeater1.Items
rstData.Rows(rRow.ItemIndex).Item("MyPin") = CType(rRow.FindControl("txtPin"), TextBox).Text
Next
End Sub
So, now the only "hard" part is the search routine.所以,现在唯一“困难”的部分是搜索程序。
We need N options.我们需要 N 个选项。
We can NOT use sql concattion since this is USER input.我们不能使用 sql concattion,因为这是 USER 输入。 If we were to generate the numbers and user could NOT edit/change, then ok, you could just concenate here.如果我们要生成数字并且用户无法编辑/更改,那么好的,您可以在这里合并。
So, we now need the "list" of choices and we STILL want strong typed parameters, nd we still want sql injection protection.所以,我们现在需要选择的“列表”,我们仍然需要强类型参数,我们仍然需要 sql 注入保护。
So, this will work:所以,这将起作用:
Protected Sub cmdSearch_Click(sender As Object, e As EventArgs) Handles cmdSearch.Click
RepToTable() ' save any user edits
Using cmdSQL As New SqlCommand("", New SqlConnection(My.Settings.TEST4))
Dim strWhere As String = ""
' grab each repater row, add a paramter - no concat of user input - no sql injection
For i = 0 To Repeater1.Items.Count - 1
If strWhere <> "" Then strWhere &= ","
strWhere &= "@" & i
Dim txtPIN As TextBox = Repeater1.Items(i).FindControl("txtPin")
cmdSQL.Parameters.Add("@" & i, SqlDbType.Int).Value = txtPIN.Text
Next
cmdSQL.CommandText = "SELECT * from tblHotels WHERE ID IN (" & strWhere & ")"
cmdSQL.Connection.Open()
Dim rstResults As New DataTable
rstResults.Load(cmdSQL.ExecuteReader)
For Each OneRow As DataRow In rstResults.Rows
Debug.Print("Hotel name = " & OneRow("City"))
Debug.Print("City = " & OneRow("City"))
Next
End Using
End Sub
so, not too much code.所以,没有太多的代码。 I think one could "try" just adding HTML for the add button but as the above shows?我认为可以“尝试”只为添加按钮添加 HTML,但如上所示? We have really un-limited flexibility, and you can add quite much plain jane markup to that repeater, and add more functionally over time - and not really have to change much code.我们确实拥有无限的灵活性,您可以向该转发器添加相当多的简单 jane 标记,并随着时间的推移添加更多功能 - 而不必真正更改太多代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.