Solved

Simple GridView Updates Not Working

Posted on 2013-05-29
3
380 Views
Last Modified: 2013-05-29
I have a very basic table that I'm trying to setup to update from the code behind but whenever I click update nothing changes.

C#
        protected void UpdateCarrier(object sender, GridViewUpdateEventArgs e)
        {

            GridViewRow row = (GridViewRow)gvCarrier.Rows[e.RowIndex];
            TextBox carrier = (TextBox)row.FindControl("txtCarrier");
            Label carrierid = (Label)row.FindControl("lblCarrierID");
            gvCarrier.EditIndex = -1;
            assetsCon.Open();
            SqlCommand cmdUpdate = new SqlCommand("UPDATE L_Carrier SET CarrierName = '"+carrier.Text+"' WHERE CarrierID = "+carrierid.Text+"", assetsCon);

            cmdUpdate.ExecuteNonQuery();
            assetsCon.Close();
            BindData();

        }

Open in new window


ASP.NET
<asp:GridView ID="gvCarrier" DataKeyNames="CarrierID" runat="server" AutoGenerateColumns="false" OnRowEditing="EditCarrier" OnRowDataBound="RowDataBound" OnRowUpdating="UpdateCarrier" OnRowCancelingEdit="CancelEdit" EnableModelValidation="True">
    <Columns>
        <asp:TemplateField HeaderText="CarrierID">
            <EditItemTemplate>
                <asp:Label runat="server" Text='<%# Eval("CarrierID") %>' ID="lblCarrierID"></asp:Label>
            </EditItemTemplate>
            <ItemTemplate>
                <asp:Label runat="server" Text='<%# Eval("CarrierID") %>' ID="Label1"></asp:Label>
            </ItemTemplate>
        </asp:TemplateField>

        <asp:TemplateField HeaderText = "Carrier Name">
    <ItemTemplate>
        <asp:Label ID="lblCarrier" runat="server" Text='<%# Eval("CarrierName")%>'></asp:Label>
    </ItemTemplate>
    <EditItemTemplate>
        <asp:TextBox ID="txtCarrier" runat="server" Text='<%# Eval("CarrierName")%>'></asp:TextBox>
    </EditItemTemplate>
    </asp:TemplateField>
    <asp:CommandField ShowEditButton="True" />
</Columns>
</asp:GridView>

Open in new window


I click the button and it closes the editor but no changes happened.
0
Comment
Question by:BigDeer
  • 2
3 Comments
 
LVL 40

Accepted Solution

by:
Kyle Abrahams earned 500 total points
ID: 39206123
Just a warning you're code is vulnerable to sql injection:

this is a SAMPLE, do NOT run this.

suppose Carrier.text = " ' ; drop table L_Carrier ; --"

this
new SqlCommand("UPDATE L_Carrier SET CarrierName = '"+carrier.Text+"' WHERE CarrierID = "+carrierid.Text+"", assetsCon);

becomes
" UPDATE L_Carrier SET CarrierName = '  ' ; drop table L_Carrier ; --' WHERE CarrierID "


The proper way to do this is here:
http://msdn.microsoft.com/en-us/library/ms972948.aspx

and

http://code.msdn.microsoft.com/CSASPNETGridView-5b16ce70
0
 
LVL 3

Author Comment

by:BigDeer
ID: 39206169
Thanks for that...

Getting:

[FormatException: Input string was not in a correct format.]
   System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal) +10165251
   System.Number.ParseInt32(String s, NumberStyles style, NumberFormatInfo info) +207
   System.String.System.IConvertible.ToInt32(IFormatProvider provider) +61
   System.Convert.ChangeType(Object value, Type conversionType, IFormatProvider provider) +307
   System.Data.SqlClient.SqlParameter.CoerceValue(Object value, MetaType destinationType) +1367

[FormatException: Failed to convert parameter value from a String to a Int32.]



I assume from my:

 // Get the ReasonID of the selected row.
string strReasonID = gvReason.Rows[e.RowIndex].Cells[2].Text;

// Append the parameters.
cmd.Parameters.Add("@ReasonID", SqlDbType.Int).Value = strReasonID;
0
 
LVL 3

Author Closing Comment

by:BigDeer
ID: 39206243
I figured it out. Thanks for the link, that's what I needed.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question