[英]Update not working C# ADO.net
我已经呆了几个小时了,在这里找不到问题。 我有3页,其中2页已更新,并且工作正常,但是我希望有人能找到问题所在。
一切“看起来”都正常工作,我看到“已成功更新”消息,但它只是不更新数据。
以下是相关的代码段:
ASCX:
<asp:Repeater ID="TestDataList" runat="server" onItemCommand="Item_Command">
<ItemTemplate>
<div class='<%# Container.ItemIndex % 2 == 0 ? "list-wrap" : "list-wrap alternate" %>'>
<a href="#" class="edit-list icon-pencil icon-large"></a>
<div class="update">
<span class="dl-content">
<h2><asp:Label ID="TestNameDisplay" runat="server" CssClass="name" Text='<%# Eval("TestName") %>'/></h2>
</span>
<asp:LinkButton ID="deleteTestCase" CssClass="delete-list icon-trash icon-large" runat="server" CommandName="deleteTestCase" CommandArgument='<%#Eval("TestCaseID")%>'/>
<%--edit form--%>
<span class="dl-update">
<asp:TextBox ID="TxtUpdateTestName" runat="server" CssClass='textEntry' Text='<%#Eval("TestName")%>'></asp:TextBox>
<asp:LinkButton ID="EditTestNameButton" runat="server" Text="Save" CommandName="SelectTestName" CommandArgument='<%#Eval("TestCaseID")%>' ValidationGroup='<%# "UpdateTestCaseName" + Eval("TestCaseID") %>' />
<asp:RequiredFieldValidator ID="UpdateTestNameRequired" runat="server" ControlToValidate="TxtUpdateTestName" CssClass="formValidation" ErrorMessage="What good is a test case with no name?" ValidationGroup='<%# "UpdateTestCaseName" + Eval("TestCaseID") %>'/>
</span>
</div>
</ItemTemplate>
</asp:Repeater>
背后的代码:
protected void Item_Command(Object sender, RepeaterCommandEventArgs e)
{
if (e.CommandName == "SelectTestName")
{
string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = " + e.CommandArgument;
SqlConnection conn = new SqlConnection(GetConnectionString());
SqlCommand cmdUpdateTestName = new SqlCommand(setTestNameSQL, conn);
TextBox tb = (TextBox)e.Item.FindControl("TxtUpdateTestName");
SqlParameter u1 = new SqlParameter("TestName", tb.Text);
SqlParameter u2 = new SqlParameter("TestCaseID", e.CommandArgument);
cmdUpdateTestName.Parameters.Add(u1);
cmdUpdateTestName.Parameters.Add(u2);
try
{
conn.Open();
cmdUpdateTestName.ExecuteNonQuery();
PopulateTestList();
lblUserFeedbackMessage.Text = "Sucessfully updated!";
}
catch (System.Data.SqlClient.SqlException ex)
{
string msg = "Update Error:";
msg += ex.Message;
throw new Exception(msg);
}
finally
{
conn.Close();
}
}
尝试这种方式:
string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = @TestCaseID";
SqlConnection conn = new SqlConnection(GetConnectionString());
SqlCommand cmdUpdateTestName = new SqlCommand(setTestNameSQL, conn);
TextBox tb = (TextBox)e.Item.FindControl("TxtUpdateTestName");
SqlParameter u1 = new SqlParameter("@TestName", tb.Text);
SqlParameter u2 = new SqlParameter("@TestCaseID", e.CommandArgument);
cmdUpdateTestName.Parameters.Add(u1);
cmdUpdateTestName.Parameters.Add(u2);
否则,您将不提供参数的值,因为@
会丢失,并且您的命令容易受到sql注入攻击 。
您已经错过了sqlparamete对象名中的@(Symbol) ,因为您的查询参数对象名是@TestName。但是您已经使用了SqlParameter名称是@TestName。缺少了@符号
尝试在下面的行而不是您的代码行
SqlParameter u1 = new SqlParameter("**@TestName**", tb.Text);
您正在使用SqlParameters,这是一件好事,因为它避免了Sql注入,但是为什么要直接传递e.CommandArgument
来更新查询。 所以将其更改为
string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = @TestCaseID";
并添加这样的参数(不要忘记在参数名称前添加@
)
SqlParameter u1 = new SqlParameter("@TestName", tb.Text);
SqlParameter u2 = new SqlParameter("@TestCaseID", e.CommandArgument)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.