[英]Passing value of textbox to a class VS2013 ASPX C#
我有一個Gridview.aspx,Gridview.aspx.cs和GetData.cs(類)
在Gridview.aspx中,我有一個名為SearchData的文本框和一個名為SearchBtn的按鈕
我在Gridview.aspx.cs中有此>>>
protected void SearchBtn_Click(object sender, EventArgs e){
if (!IsPostBack){
Search_Grid();
}
}
void Search_Grid(){
DataGridView.DataSource = obj.Search_Data();
DataGridView.DataBind();
}
由於這是我第一次使用類,所以這是我在GetData.cs中添加的內容>>>
public DataTable Search_Data(){
adap = new SqlDataAdapter("select * from MyTable " +
"where MyID = '" +
value_of_my_SearchData_textbox +
"'", con);
dt = new DataTable();
adap.Fill(dt);
return dt;
}
ASPX代碼 GridView.aspx代碼很長,但在gridview部分下是這樣的:
<table id="TBL_GridView" runat="server" align="center">
<tr>
<td text-align:center">*** TEST ONLY ***</td>
</tr>
<tr>
<td >
<asp:Label ID="Label1" runat="server" Text="Procedure name: "></asp:Label>
<asp:TextBox ID="SearchData" runat="server"></asp:TextBox>
<asp:Button ID="SearchBtn" runat="server" Text="Search" OnClick="SearchBtn_Click" />
</td>
</tr>
<tr >
<td >
<asp:GridView ID="DataGridView" runat="server" AutoGenerateColumns="False" ShowFooter="True"
CellPadding="4" ForeColor="#333333" GridLines="None" Height="281px" style="margin-top: 0px" Width="1000px"
OnRowCancelingEdit="DataGridView_RowCancelingEdit"
OnRowEditing="DataGridView_RowEditing" HorizontalAlign="Center" >
<AlternatingRowStyle BackColor="White" ForeColor="#284775" />
<Columns>
<asp:TemplateField>
<HeaderTemplate>Recipe Name</HeaderTemplate>
<ItemTemplate><asp:Label ID="recpname" runat="server" Text='<%# Bind("recpname")%>'></asp:Label></ItemTemplate>
<EditItemTemplate><asp:TextBox ID="recpname" runat="server"></asp:TextBox></EditItemTemplate>
<FooterTemplate><asp:TextBox ID="recpname" runat="server"></asp:TextBox></FooterTemplate>
</asp:TemplateField>
<asp:TemplateField>
<HeaderTemplate>Standard Time</HeaderTemplate>
<ItemTemplate><asp:Label ID="stdtime" runat="server" Text='<%# Bind("stdtime")%>'></asp:Label></ItemTemplate>
<EditItemTemplate><asp:TextBox ID="stdtime" runat="server"></asp:TextBox></EditItemTemplate>
<FooterTemplate><asp:TextBox ID="stdtime" runat="server"></asp:TextBox></FooterTemplate>
</asp:TemplateField>
<asp:TemplateField>
<HeaderTemplate>Operation</HeaderTemplate>
<ItemTemplate>
<asp:Button ID="BtnEdit" runat="server" Text="Edit" CommandName="Edit" Width="60px" />
</ItemTemplate>
<EditItemTemplate>
<asp:Button ID="BtnUpdate" runat="server" Text="Update" CommandName="Update" Width="60px" />
<asp:Button ID="BtnCancle" runat="server" Text="Cancel" CommandName="Cancel" Width="60px" />
</EditItemTemplate>
<FooterTemplate>
<asp:Button ID="BtnInsert" runat="server" Text="Insert" Width="60px" OnClick="BtnInsert_Click" />
</FooterTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView>
<br />
<asp:Literal ID="Literal1" runat="server"></asp:Literal>
</td>
</tr>
</table>
如何將文本框的值傳遞給班級?
我看到您的文本框SearchData只是gridview之外而不是gridview中的普通文本框。
您可以簡單地使用:
SearchData.Text
更改方法以傳遞SearchData.Text
protected void SearchBtn_Click(object sender, EventArgs e){
if (!IsPostBack){
Search_Grid(SearchData.Text);
}
}
void Search_Grid(string searchValue){
DataGridView.DataSource = obj.Search_Data(searchValue);
DataGridView.DataBind();
}
最后使用它:
public DataTable Search_Data(string searchValue){
adap = new SqlDataAdapter("select * from MyTable " +
"where MyID = '" +
searchValue +
"'", con);
dt = new DataTable();
adap.Fill(dt);
return dt;
}
但是,請注意,此代碼很容易受到SQL Injection攻擊,因為您要內聯添加值,因此攻擊者可以添加; delete from my table
; delete from my table
以擦除您的數據。
您應該參數化您的查詢。
adap = new SqlDataAdapter("select * from MyTable where MyID = @myIdValue", con);
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.