0
這是我的代碼..而編輯和刪除行索引總是採取零向上...刪除命令根本不工作....如果我試圖編輯任何東西只有第二行向前它的工作...刪除命令不是在所有working..i認爲這是因爲行index..please任何一個可以幫助我在此先感謝的....rowindex始終從零開始......爲什麼?
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
public partial class Manager_Payments : System.Web.UI.Page
{
//SqlConnection con =new SqlConnection("Data Source=sqlexpress;Initial Catalog=isoqrmssys;User ID=sa;password=123456;Integrated Security=True");
Business BL = new Business();
//protected Int64 stf_ID, vmember;
//protected DateTime SRDT;
private System.Drawing.Color a;
string myStr = ConfigurationManager.AppSettings["ConnectionString"].ToString();
protected void Page_Load(object sender, EventArgs e)
{
loadgridview();
}
private void loadgridview()
{
SqlConnection con = new SqlConnection(myStr);
SqlCommand cmd = new SqlCommand("select * from CustomerProfMain", con);
//string sql = "SELECT * FROM CustomerProfMain";
SqlDataAdapter sda = new SqlDataAdapter(cmd);
con.Open();
DataSet ds = new DataSet();
sda.Fill(ds);
//return ds.Tables[0];
Grd_View.DataSource = ds.Tables[0];
Grd_View.DataBind();
con.Close();
}
protected void Grd_View_RowCommand(Object sender, System.Web.UI.WebControls.GridViewCommandEventArgs e)
{
int index = Grd_View.SelectedIndex;
if (e.CommandName == "Edit")
{
//string RowIndex = int.Parse(e.CommandArgument.ToString());
// Session["rowid"] = RowIndex;
DataTable dt = new DataTable();
SqlConnection con = new SqlConnection(myStr);
SqlCommand cmd = new SqlCommand("Select * from CustomerProfMain where CustomerCode='" + e.CommandArgument.ToString() + "'", con);
SqlDataAdapter sda = new SqlDataAdapter(cmd);
con.Open();
DataSet ds = new DataSet();
sda.Fill(ds);
dt=ds.Tables[0];
TextBox1.Text = dt.Rows[0]["CustomerName"].ToString();
TextBox2.Text=dt.Rows[0]["Address"].ToString();
TextBox3.Text=dt.Rows[0]["TellNo"].ToString();
TextBox4.Text=dt.Rows[0]["FaxNo"].ToString();
TextBox5.Text=dt.Rows[0]["Email"].ToString();
Button1.Text = "Update";
}
if (e.CommandName == "Delete")
{
int RowIndex = int.Parse(e.CommandArgument.ToString());
Session["rowid"] = RowIndex;
// DataTable dt = new DataTable();
SqlConnection con = new SqlConnection(myStr);
SqlCommand cmd = new SqlCommand("Delete from CustomerProfMain where CustomerCode='" + RowIndex + "' ", con);
SqlDataAdapter sda = new SqlDataAdapter(cmd);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
}
protected void Grd_View_RowEditing(object sender, GridViewEditEventArgs e)
{
}
protected void Grd_View_RowDataBound(object sender, GridViewRowEventArgs e)
{
}
protected void Grd_View_RowDeleting(object sender, GridViewDeleteEventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
if (Button1.Text == "Add")
{
string myStr = ConfigurationManager.AppSettings["ConnectionString"].ToString();
SqlConnection con = new SqlConnection(myStr);
con.Open();
string sql = string.Empty;
sql = "insert into CustomerProfMain(CustomerName,Address,TellNo,FaxNo,Email) values('" + TextBox1.Text.Trim() + "','" + TextBox2.Text.Trim() + "','" + TextBox3.Text.Trim() + "','" + TextBox4.Text.Trim() + "','" + TextBox5.Text.Trim() + "') ";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.ExecuteNonQuery();
con.Close();
TextBox1.Text = "";
TextBox2.Text = "";
TextBox3.Text = "";
TextBox4.Text = "";
TextBox5.Text = "";
Button1.Text = "Add";
loadgridview();
}
if (Button1.Text == "Update")
{
string myStr = ConfigurationManager.AppSettings["ConnectionString"].ToString();
SqlConnection con = new SqlConnection(myStr);
con.Open();
string sql = string.Empty;
sql = "update CustomerProfMain set CustomerName='" + TextBox1.Text.Trim() + "',Address='" + TextBox2.Text.Trim() + "',TellNo='" + TextBox3.Text.Trim() + "',FaxNo='" + TextBox4.Text.Trim() + "',Email='" + TextBox5.Text.Trim() + "' where CustomerCode='" + Session["rowid"] + "'";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.ExecuteNonQuery();
con.Close();
TextBox1.Text = "";
TextBox2.Text = "";
TextBox3.Text = "";
TextBox4.Text = "";
TextBox5.Text = "";
Button1.Text = "Add";
loadgridview();
}
}
}
"<asp:GridView ID="Grd_View" ShowFooter="True" runat="server" OnRowEditing="Grd_View_RowEditing" AutoGenerateColumns="False"
DataKeyNames="CustomerCode" cellpadding="4" OnRowCommand="Grd_View_RowCommand" GridLines="None"
AllowPaging="True" AllowSorting="True" CssClass="style2" ForeColor="#333333" Width="569px" OnRowDataBound="Grd_View_RowDataBound" OnRowDeleting="Grd_View_RowDeleting">
<FooterStyle BackColor="#555555" ForeColor="White" Font-Bold="True" />
<Columns>
<asp:BoundField DataField="CustomerCode" HeaderText="CustomerCode" InsertVisible="False"
ReadOnly="True" SortExpression="CustomerCode" />
<asp:BoundField DataField="CustomerName" HeaderText="CustomerName" SortExpression="CustomerName" />
<asp:BoundField DataField="Address" HeaderText="Address" SortExpression="Address" />
<asp:BoundField DataField="TellNo" HeaderText="TellNo" SortExpression="TellNo" />
<asp:BoundField DataField="FaxNo" HeaderText="FaxNo" SortExpression="FaxNo" />
<asp:BoundField DataField="Email" HeaderText="Email" SortExpression="Email" />
<asp:CommandField ShowEditButton="true" SelectText="Edit" />
<asp:CommandField ShowDeleteButton="true" SelectText="Delete" />
</Columns>
<RowStyle BackColor="#F7F6F3" ForeColor="#333333" />
<SelectedRowStyle BackColor="#E2DED6" Font-Bold="True" ForeColor="#333333" />
<PagerStyle BackColor="#777777" ForeColor="White" HorizontalAlign="Center" />
<HeaderStyle BackColor="#555555" Font-Bold="True" ForeColor="White" />
<EditRowStyle BackColor="#999999" />
<AlternatingRowStyle BackColor="White" ForeColor="#284775" />
</asp:GridView>
「
請注意,您的代碼有SQL注入漏洞。 – paqogomez
您確定數據庫中的CustomerCode與網格的rowindex相同嗎?你可以請顯示網格的aspx代碼...? – Fool
傻瓜有一點,我的答案假設一切都是直的,[本](http://msdn.microsoft.com/en-us/library/dd466172(v = vs.110).aspx)應該有助於「 SQL注入漏洞「 - paqogomez。 – RadioSpace