更新不起作用C＃ADO.net

Question

我一直在這個小時，並找不到問題在這裏。我有3頁，其中2個有更新，工作正常，但這不是我希望有人能夠找到問題所在。

一切「出現」工作，我看到'成功更新'的消息，但它只是不更新​​數據。

這裏是代碼中的相關片段：

ASCX：

<asp:Repeater ID="TestDataList" runat="server" onItemCommand="Item_Command"> 
     <ItemTemplate> 
      <div class='<%# Container.ItemIndex % 2 == 0 ? "list-wrap" : "list-wrap alternate" %>'> 
       <a href="#" class="edit-list icon-pencil icon-large"></a> 
       <div class="update"> 
        <span class="dl-content"> 
         <h2><asp:Label ID="TestNameDisplay" runat="server" CssClass="name" Text='<%# Eval("TestName") %>'/></h2> 
        </span> 
        <asp:LinkButton ID="deleteTestCase" CssClass="delete-list icon-trash icon-large" runat="server" CommandName="deleteTestCase" CommandArgument='<%#Eval("TestCaseID")%>'/> 

        <%--edit form--%> 
        <span class="dl-update">  
         <asp:TextBox ID="TxtUpdateTestName" runat="server" CssClass='textEntry' Text='<%#Eval("TestName")%>'></asp:TextBox> 
         <asp:LinkButton ID="EditTestNameButton" runat="server" Text="Save" CommandName="SelectTestName" CommandArgument='<%#Eval("TestCaseID")%>' ValidationGroup='<%# "UpdateTestCaseName" + Eval("TestCaseID") %>' /> 
         <asp:RequiredFieldValidator ID="UpdateTestNameRequired" runat="server" ControlToValidate="TxtUpdateTestName" CssClass="formValidation" ErrorMessage="What good is a test case with no name?" ValidationGroup='<%# "UpdateTestCaseName" + Eval("TestCaseID") %>'/> 
        </span> 
       </div> 
</ItemTemplate> 
    </asp:Repeater> 

代碼背後：

protected void Item_Command(Object sender, RepeaterCommandEventArgs e) 
    { 
     if (e.CommandName == "SelectTestName") 
     { 
      string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = " + e.CommandArgument; 

      SqlConnection conn = new SqlConnection(GetConnectionString()); 
      SqlCommand cmdUpdateTestName = new SqlCommand(setTestNameSQL, conn); 

      TextBox tb = (TextBox)e.Item.FindControl("TxtUpdateTestName"); 

      SqlParameter u1 = new SqlParameter("TestName", tb.Text); 
      SqlParameter u2 = new SqlParameter("TestCaseID", e.CommandArgument); 

      cmdUpdateTestName.Parameters.Add(u1); 
      cmdUpdateTestName.Parameters.Add(u2); 

      try 
      { 
       conn.Open(); 
       cmdUpdateTestName.ExecuteNonQuery(); 
       PopulateTestList(); 
       lblUserFeedbackMessage.Text = "Sucessfully updated!"; 
      } 
      catch (System.Data.SqlClient.SqlException ex) 
      { 
       string msg = "Update Error:"; 
       msg += ex.Message; 
       throw new Exception(msg); 
      } 
      finally 
      { 
       conn.Close(); 
      } 
     } 

Answer 1

試試這樣說：

string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = @TestCaseID"; 

SqlConnection conn = new SqlConnection(GetConnectionString()); 
SqlCommand cmdUpdateTestName = new SqlCommand(setTestNameSQL, conn); 

TextBox tb = (TextBox)e.Item.FindControl("TxtUpdateTestName"); 

SqlParameter u1 = new SqlParameter("@TestName", tb.Text); 
SqlParameter u2 = new SqlParameter("@TestCaseID", e.CommandArgument); 

cmdUpdateTestName.Parameters.Add(u1); 
cmdUpdateTestName.Parameters.Add(u2); 

否則你請勿提供參數的值，因爲缺少@，並且您的命令易受到sql injection attack的攻擊。

Answer 2

你已經錯過了@（符號）在sqlparamete對象名稱，對於你的查詢參數對象的名字是@TestName。但是你已經使用了SqlParameter Name是@TestName。發現了@符號

試試下面行，而不是該行代碼

 SqlParameter u1 = new SqlParameter("**@TestName**", tb.Text); 

Answer 3

您正在使用SqlParameters的這是一件好事，因爲它避免了SQL注入但後來你爲什麼直接傳遞e.CommandArgument更新查詢。所以將其更改爲

string setTestNameSQL = "UPDATE TestCases SET TestName = @TestName WHERE TestCaseID = @TestCaseID"; 

，並添加參數是這樣的（不要忘了在參數名稱前添加@）

SqlParameter u1 = new SqlParameter("@TestName", tb.Text); 
SqlParameter u2 = new SqlParameter("@TestCaseID", e.CommandArgument)