如何通過域內的標籤值

var conString = ConfigurationManager.ConnectionStrings["CONSTRING"].ConnectionString; 
SqlConnection con = new SqlConnection(conString); 
string uname = Session["un"].ToString(); 
Label sid = (Label)DetailsView1.Rows[1].Cells[1].Controls[0].FindControl("lblsid"); 
TextBox nam = (TextBox)DetailsView1.Rows[2].Cells[1].Controls[0].FindControl("lblname"); 
TextBox lnam = (TextBox)DetailsView1.Rows[3].Cells[1].Controls[0].FindControl("lbllname"); 
TextBox cont = (TextBox)DetailsView1.Rows[4].Cells[1].Controls[0].FindControl("lblcon"); 
TextBox ei = (TextBox)DetailsView1.Rows[5].Cells[1].Controls[0].FindControl("lblei"); 
TextBox add = (TextBox)DetailsView1.Rows[6].Cells[1].Controls[0].FindControl("lbladd"); 
TextBox cit = (TextBox)DetailsView1.Rows[7].Cells[1].Controls[0].FindControl("lblcit"); 
DropDownList typ = (DropDownList)DetailsView1.Rows[8].Cells[1].Controls[0].FindControl("lbltyp"); 
cmd.Connection = con; 
cmd.CommandText = "update seller set fname ='" + nam.Text + "', lname ='" + lnam.Text + "', contact ='" + cont.Text + "', address ='" + add.Text + "', city ='" + cit.Text + "', type='" + typ.SelectedValue + "' where sid=" + sid.Text + ""; 
cmd.Connection.Open(); 

cmd.ExecuteNonQuery(); 

DetailsView1.ChangeMode(DetailsViewMode.ReadOnly); 
BindData();

我知道這種方式是找到控件，但我不知道如何在查詢中傳遞Sid值。有人可以幫忙嗎？在C上工作＃如何通過域內的標籤值

來源

2016-12-03 Samsam

哪種技術是這種WPF或WinForms？ – ChrisF

供將來參考：[攻擊媽媽]（http://stackoverflow.com/questions/332365/how-does-the-sql-injection-from-the-bobby-tables-xkcd-comic-work） – Steve

@ ChrisF看起來像ASP.Net WebForms，帶有dataview或gridview –

使用參數。下面我向您展示如何爲名字這麼做。你可以這樣做。

SqlCommand cmd = new SqlCommand(
    "update seller set fname = @firstName", con); 

// 2. define parameters used in command object 
SqlParameter param = new SqlParameter(); 
param.ParameterName = "@firstName"; 
param.Value = nam; 

// 3. add new parameter to command object 
cmd.Parameters.Add(param);

來源

2016-12-03 15:10:42 CodingYoshi

如何通過域內的標籤值

回答

相關問題