stackoom
  简体   繁体   中英

Update not working C# ADO.net

 原文  2013-06-01 10:26:11       c#/ asp.net/ ado.net

Question

I've been at this for hours and cannot find the issue here. I have 3 pages, 2 of which have updates and are working fine, but this one not which I'm hoping someone might be able to find where the issue lies..

Everything 'appears' to work, I see the 'sucessfully updated' message but it just does not update the data.

Here are the relevant snippets of code:

ASCX: 

<asp:Repeater ID="TestDataList" runat="server" onItemCommand="Item_Command">
        <ItemTemplate>
            <div class='<%# Container.ItemIndex % 2 == 0 ? "list-wrap" : "list-wrap alternate" %>'>
                <a href="#" class="edit-list icon-pencil icon-large"></a>
                <div class="update">
                    <span class="dl-content">
                        <h2><asp:Label ID="TestNameDisplay" runat="server" CssClass="name" Text='<%# Eval("TestName") %>'/></h2>
                    </span>
                    <asp:LinkButton ID="deleteTestCase" CssClass="delete-list icon-trash icon-large" runat="server" CommandName="deleteTestCase" CommandArgument='<%#Eval("TestCaseID")%>'/>

                    <%--edit form--%>
                    <span class="dl-update">    
                        <asp:TextBox ID="TxtUpdateTestName" runat="server" CssClass='textEntry' Text='<%#Eval("TestName")%>'></asp:TextBox>
                        <asp:LinkButton ID="EditTestNameButton" runat="server" Text="Save" CommandName="SelectTestName" CommandArgument='<%#Eval("TestCaseID")%>' ValidationGroup='<%# "UpdateTestCaseName" + Eval("TestCaseID") %>' />
                        <asp:RequiredFieldValidator ID="UpdateTestNameRequired" runat="server" ControlToValidate="TxtUpdateTestName" CssClass="formValidation" ErrorMessage="What good is a test case with no name?" ValidationGroup='<%# "UpdateTestCaseName" + Eval("TestCaseID") %>'/>
                    </span>
                </div>
</ItemTemplate>
    </asp:Repeater>

Code Behind: 

protected void Item_Command(Object sender, RepeaterCommandEventArgs e)
    {
        if (e.CommandName == "SelectTestName")
        {
            string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = " + e.CommandArgument;

            SqlConnection conn = new SqlConnection(GetConnectionString());
            SqlCommand cmdUpdateTestName = new SqlCommand(setTestNameSQL, conn);

            TextBox tb = (TextBox)e.Item.FindControl("TxtUpdateTestName");

            SqlParameter u1 = new SqlParameter("TestName", tb.Text);
            SqlParameter u2 = new SqlParameter("TestCaseID", e.CommandArgument);

            cmdUpdateTestName.Parameters.Add(u1);
            cmdUpdateTestName.Parameters.Add(u2);

            try
            {
                conn.Open();
                cmdUpdateTestName.ExecuteNonQuery();
                PopulateTestList();
                lblUserFeedbackMessage.Text = "Sucessfully updated!";
            }
            catch (System.Data.SqlClient.SqlException ex)
            {
                string msg = "Update Error:";
                msg += ex.Message;
                throw new Exception(msg);
            }
            finally
            {
                conn.Close();
            }
        }

3 answers

solution1
 1 ACCPTED  2013-06-01 10:35:15

Try it this way: 

string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = @TestCaseID";

SqlConnection conn = new SqlConnection(GetConnectionString());
SqlCommand cmdUpdateTestName = new SqlCommand(setTestNameSQL, conn);

TextBox tb = (TextBox)e.Item.FindControl("TxtUpdateTestName");

SqlParameter u1 = new SqlParameter("@TestName", tb.Text);
SqlParameter u2 = new SqlParameter("@TestCaseID", e.CommandArgument);

cmdUpdateTestName.Parameters.Add(u1);
cmdUpdateTestName.Parameters.Add(u2);

Otherwise you don't provide the values for the parameters, because the @ is missing and your command is vulnerable for an sql injection attack .

solution2
 0  

You have missed the @(Symbol) in sqlparamete object Name ,For your Query parameter object name is @TestName .But you have used SqlParameter Name is @TestName .Missed the @ symbol

Try below line for instead of that line of your code 

       SqlParameter u1 = new SqlParameter("**@TestName**", tb.Text);

solution3
 0  2013-06-01 10:33:22

You are using SqlParameters which is a good thing as it avoids the Sql Injection but then why are you passing the e.CommandArgument directly to update query. so change it to 

string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = @TestCaseID";

and add parameter like this(don't forgot to add @ before the parameter name) 

SqlParameter u1 = new SqlParameter("@TestName", tb.Text);
SqlParameter u2 = new SqlParameter("@TestCaseID", e.CommandArgument)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question C# Update in ado.net ADO.NET Update not working How to update a excel row using C# ADO.NET? ADO.NET objects in C# not working properly is BrightStarDB will support Ado.net in c#? C# ADO.NET Parametrized query C# ADO.NET Entity c# ado.net sqlparameter fails C# ADO.NET UPDATE doesn't change database record, but still returns 1 affected row(s) How to update a object that contains a collection of other objects in c# in ado.net?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM