• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 406
  • Last Modified:

Simple GridView Updates Not Working

I have a very basic table that I'm trying to setup to update from the code behind but whenever I click update nothing changes.

C#
        protected void UpdateCarrier(object sender, GridViewUpdateEventArgs e)
        {

            GridViewRow row = (GridViewRow)gvCarrier.Rows[e.RowIndex];
            TextBox carrier = (TextBox)row.FindControl("txtCarrier");
            Label carrierid = (Label)row.FindControl("lblCarrierID");
            gvCarrier.EditIndex = -1;
            assetsCon.Open();
            SqlCommand cmdUpdate = new SqlCommand("UPDATE L_Carrier SET CarrierName = '"+carrier.Text+"' WHERE CarrierID = "+carrierid.Text+"", assetsCon);

            cmdUpdate.ExecuteNonQuery();
            assetsCon.Close();
            BindData();

        }

Open in new window


ASP.NET
<asp:GridView ID="gvCarrier" DataKeyNames="CarrierID" runat="server" AutoGenerateColumns="false" OnRowEditing="EditCarrier" OnRowDataBound="RowDataBound" OnRowUpdating="UpdateCarrier" OnRowCancelingEdit="CancelEdit" EnableModelValidation="True">
    <Columns>
        <asp:TemplateField HeaderText="CarrierID">
            <EditItemTemplate>
                <asp:Label runat="server" Text='<%# Eval("CarrierID") %>' ID="lblCarrierID"></asp:Label>
            </EditItemTemplate>
            <ItemTemplate>
                <asp:Label runat="server" Text='<%# Eval("CarrierID") %>' ID="Label1"></asp:Label>
            </ItemTemplate>
        </asp:TemplateField>

        <asp:TemplateField HeaderText = "Carrier Name">
    <ItemTemplate>
        <asp:Label ID="lblCarrier" runat="server" Text='<%# Eval("CarrierName")%>'></asp:Label>
    </ItemTemplate>
    <EditItemTemplate>
        <asp:TextBox ID="txtCarrier" runat="server" Text='<%# Eval("CarrierName")%>'></asp:TextBox>
    </EditItemTemplate>
    </asp:TemplateField>
    <asp:CommandField ShowEditButton="True" />
</Columns>
</asp:GridView>

Open in new window


I click the button and it closes the editor but no changes happened.
0
BigDeer
Asked:
BigDeer
  • 2
1 Solution
 
Kyle AbrahamsSenior .Net DeveloperCommented:
Just a warning you're code is vulnerable to sql injection:

this is a SAMPLE, do NOT run this.

suppose Carrier.text = " ' ; drop table L_Carrier ; --"

this
new SqlCommand("UPDATE L_Carrier SET CarrierName = '"+carrier.Text+"' WHERE CarrierID = "+carrierid.Text+"", assetsCon);

becomes
" UPDATE L_Carrier SET CarrierName = '  ' ; drop table L_Carrier ; --' WHERE CarrierID "


The proper way to do this is here:
http://msdn.microsoft.com/en-us/library/ms972948.aspx

and

http://code.msdn.microsoft.com/CSASPNETGridView-5b16ce70
0
 
BigDeerAuthor Commented:
Thanks for that...

Getting:

[FormatException: Input string was not in a correct format.]
   System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal) +10165251
   System.Number.ParseInt32(String s, NumberStyles style, NumberFormatInfo info) +207
   System.String.System.IConvertible.ToInt32(IFormatProvider provider) +61
   System.Convert.ChangeType(Object value, Type conversionType, IFormatProvider provider) +307
   System.Data.SqlClient.SqlParameter.CoerceValue(Object value, MetaType destinationType) +1367

[FormatException: Failed to convert parameter value from a String to a Int32.]



I assume from my:

 // Get the ReasonID of the selected row.
string strReasonID = gvReason.Rows[e.RowIndex].Cells[2].Text;

// Append the parameters.
cmd.Parameters.Add("@ReasonID", SqlDbType.Int).Value = strReasonID;
0
 
BigDeerAuthor Commented:
I figured it out. Thanks for the link, that's what I needed.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now