Solved

Simple GridView Updates Not Working

Posted on 2013-05-29
3
394 Views
Last Modified: 2013-05-29
I have a very basic table that I'm trying to setup to update from the code behind but whenever I click update nothing changes.

C#
        protected void UpdateCarrier(object sender, GridViewUpdateEventArgs e)
        {

            GridViewRow row = (GridViewRow)gvCarrier.Rows[e.RowIndex];
            TextBox carrier = (TextBox)row.FindControl("txtCarrier");
            Label carrierid = (Label)row.FindControl("lblCarrierID");
            gvCarrier.EditIndex = -1;
            assetsCon.Open();
            SqlCommand cmdUpdate = new SqlCommand("UPDATE L_Carrier SET CarrierName = '"+carrier.Text+"' WHERE CarrierID = "+carrierid.Text+"", assetsCon);

            cmdUpdate.ExecuteNonQuery();
            assetsCon.Close();
            BindData();

        }

Open in new window


ASP.NET
<asp:GridView ID="gvCarrier" DataKeyNames="CarrierID" runat="server" AutoGenerateColumns="false" OnRowEditing="EditCarrier" OnRowDataBound="RowDataBound" OnRowUpdating="UpdateCarrier" OnRowCancelingEdit="CancelEdit" EnableModelValidation="True">
    <Columns>
        <asp:TemplateField HeaderText="CarrierID">
            <EditItemTemplate>
                <asp:Label runat="server" Text='<%# Eval("CarrierID") %>' ID="lblCarrierID"></asp:Label>
            </EditItemTemplate>
            <ItemTemplate>
                <asp:Label runat="server" Text='<%# Eval("CarrierID") %>' ID="Label1"></asp:Label>
            </ItemTemplate>
        </asp:TemplateField>

        <asp:TemplateField HeaderText = "Carrier Name">
    <ItemTemplate>
        <asp:Label ID="lblCarrier" runat="server" Text='<%# Eval("CarrierName")%>'></asp:Label>
    </ItemTemplate>
    <EditItemTemplate>
        <asp:TextBox ID="txtCarrier" runat="server" Text='<%# Eval("CarrierName")%>'></asp:TextBox>
    </EditItemTemplate>
    </asp:TemplateField>
    <asp:CommandField ShowEditButton="True" />
</Columns>
</asp:GridView>

Open in new window


I click the button and it closes the editor but no changes happened.
0
Comment
Question by:BigDeer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 40

Accepted Solution

by:
Kyle Abrahams earned 500 total points
ID: 39206123
Just a warning you're code is vulnerable to sql injection:

this is a SAMPLE, do NOT run this.

suppose Carrier.text = " ' ; drop table L_Carrier ; --"

this
new SqlCommand("UPDATE L_Carrier SET CarrierName = '"+carrier.Text+"' WHERE CarrierID = "+carrierid.Text+"", assetsCon);

becomes
" UPDATE L_Carrier SET CarrierName = '  ' ; drop table L_Carrier ; --' WHERE CarrierID "


The proper way to do this is here:
http://msdn.microsoft.com/en-us/library/ms972948.aspx

and

http://code.msdn.microsoft.com/CSASPNETGridView-5b16ce70
0
 
LVL 3

Author Comment

by:BigDeer
ID: 39206169
Thanks for that...

Getting:

[FormatException: Input string was not in a correct format.]
   System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal) +10165251
   System.Number.ParseInt32(String s, NumberStyles style, NumberFormatInfo info) +207
   System.String.System.IConvertible.ToInt32(IFormatProvider provider) +61
   System.Convert.ChangeType(Object value, Type conversionType, IFormatProvider provider) +307
   System.Data.SqlClient.SqlParameter.CoerceValue(Object value, MetaType destinationType) +1367

[FormatException: Failed to convert parameter value from a String to a Int32.]



I assume from my:

 // Get the ReasonID of the selected row.
string strReasonID = gvReason.Rows[e.RowIndex].Cells[2].Text;

// Append the parameters.
cmd.Parameters.Add("@ReasonID", SqlDbType.Int).Value = strReasonID;
0
 
LVL 3

Author Closing Comment

by:BigDeer
ID: 39206243
I figured it out. Thanks for the link, that's what I needed.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The Delta outage: 650 cancelled flights, more than 1200 delayed flights, thousands of frustrated customers, tens of millions of dollars in damages – plus untold reputational damage to one of the world’s most trusted airlines. All due to a catastroph…
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
Using examples as well as descriptions, and references to Books Online, show the different Recovery Models available in SQL Server and explain, as well as show how full, differential and transaction log backups are performed
Viewers will learn how the fundamental information of how to create a table.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question