Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 551
  • Last Modified:

SqlDataSource: The server tag is not well formed.

I have a SQL data source and I'm trying to concatenate the logged in user with my SQL SELECT string.  I think I have the syntax wrong, though.   Can someone help?

 <asp:SqlDataSource ID="SqlDataSource1" runat="server"
 ConnectionString="<%$ ConnectionStrings:SQLConnection %>"
 SelectCommand="SELECT dcca_firstname, FROM tblDCCreditApplication WHERE dcca_userid='" & DirectCast(Page, PageBaseClass).CurrentLoggedUser.ID & "'">
>

0
saturation
Asked:
saturation
  • 3
  • 3
1 Solution
 
Nathan BoveSoftware EngineerCommented:
The offending line is:
SelectCommand="SELECT dcca_firstname, FROM tblDCCreditApplication WHERE dcca_userid='" & DirectCast(Page, PageBaseClass).CurrentLoggedUser.ID & "'"

You are not allowed to set those values explicity inline.  
1)  Remove the "Select Command" property from your datasource.
2)  Add a "OnSelecting" event handler.
3)  In the event handler, add the following code:
SqlDataSource1.SelectCommand = "SELECT dcca_firstname, FROM tblDCCreditApplication WHERE dcca_userid='" & DirectCast(Page, PageBaseClass).CurrentLoggedUser.ID & "'"
0
 
saturationAuthor Commented:
How do I add the OnSelecting event handler?   Sorry, I'm fairly new to .NET.
0
 
Nathan BoveSoftware EngineerCommented:
Modify your datasource to read:
<asp:SqlDataSource ID="SqlDataSource1" runat="server"
 ConnectionString="<%$ ConnectionStrings:SQLConnection %>"
 onselecting="SqlDataSource1_Selecting">

Add the following method to the code behind:
protected void SqlDataSource1_Selecting(object sender, SqlDataSourceSelectingEventArgs e) {
  SqlDataSource1.SelectCommand = "SELECT dcca_firstname, FROM tblDCCreditApplication WHERE dcca_userid='" & DirectCast(Page, PageBaseClass).CurrentLoggedUser.ID & "'"
}
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
saturationAuthor Commented:
Is this C#?   My page is VB.NET.
0
 
Nathan BoveSoftware EngineerCommented:
Sub SqlDataSource1_Selecting(ByVal sender As Object, ByVal e As SqlDataSourceSelectingEventArgs)) {
  SqlDataSource1.SelectCommand = "SELECT dcca_firstname, FROM tblDCCreditApplication WHERE dcca_userid='" & DirectCast(Page, PageBaseClass).CurrentLoggedUser.ID & "'"
}
0
 
saturationAuthor Commented:
I get "Statement cannot appear within a method body. End of method assumed." with the code below.   What am I doing wrong?
<%

Public Sub SqlDataSource1_Selecting(ByVal sender As Object, ByVal e As SqlDataSourceSelectingEventArgs)
    SqlDataSource1.SelectCommand = "SELECT dcca_firstname FROM tblDCCreditApplication WHERE dcca_userid='" & DirectCast(Page, PageBaseClass).CurrentLoggedUser.ID & "'"

End Sub

%>

Open in new window

0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now