0

我遇到了一个小问题,让我有点不知所措。我正在使用连接到显示数据的数据源的网格视图。我想要做的是将我想要的一行移到另一个表中。我现在拥有的代码在单击时插入所有行,而不仅仅是选定的行。这是我的按钮单击的代码..

    protected void lbSelect_OnClick(object sender, EventArgs e)
    {

        conn.Open();
        tran = conn.BeginTransaction();
        cmd.Transaction = tran;
        //string slno = null;

        try
        {
            foreach (GridViewRow g1 in gvVehicleImport.Rows)
            {
                string StockNumber = (g1.FindControl("lblStockNumber") as Label).Text;
                string SalesPerson = (g1.FindControl("lblSalesPerson") as Label).Text;
                string Buyer = (g1.FindControl("lblBuyer") as Label).Text;
                string GrossProfit = (g1.FindControl("lblGrossProfit") as Label).Text;
                string DealDate = (g1.FindControl("lblDealDate") as Label).Text;
                string Make = (g1.FindControl("lblMake") as Label).Text;
                string Model = (g1.FindControl("lblModel") as Label).Text;
                string CarTruck = (g1.FindControl("lblCarTruck") as Label).Text;
                string NewUsed = (g1.FindControl("lblNewUsed") as Label).Text;
                string Lender = (g1.FindControl("lblLender") as Label).Text;
                string AmtFinanced = (g1.FindControl("lblAmtFinanced") as Label).Text;
                string RetailLease = (g1.FindControl("lblRetailLease") as Label).Text;
                string BankName = (g1.FindControl("lblBankName") as Label).Text;
                string Status = (g1.FindControl("lblStatus") as Label).Text;
                string ChangedBy = (g1.FindControl("lblChangedBy") as Label).Text;

                string query = "INSERT INTO Vehicle VALUES('" + StockNumber + "','" + SalesPerson + "','" + Buyer + "','" + GrossProfit + "','" + DealDate + "','" + Make + "','" + Model + "','" + CarTruck + "','" + NewUsed + "','" + Lender + "','" + AmtFinanced + "','" + RetailLease + "','" + BankName + "','" + Status + "','" + ChangedBy + "')";
                //slno = StockNumber;
                cmd.CommandText = query;
                cmd.ExecuteNonQuery();
            }


            tran.Commit();
            conn.Close();
            lblImportMessage.Text = "Row move successful.";


        }
        catch (Exception ex)
        {
            tran.Rollback();
            lblImportMessage.Text = "Row move was unsuccessful, " + ex.ToString();
        }

我正在调用标签插入数据库,效果很好,但它会插入每一行,而不仅仅是选定的行。任何想法都会很棒!谢谢!

4

2 回答 2

2

您可以使用GridView的SelectedRow
属性 删除循环并使用类似这样的东西

GridViewRow g1 = gvVehicleImport.SelectedRow;
if(g1 != null)
{
   ... // code to insert
}

就是说,请尽快删除构建 Sql 命令的字符串连接并使用参数化查询。这将允许您避免语法错误(当您的输入文本包含单引号时)和恶意用户试图破坏您的数据库的Sql 注入

于 2013-05-20T20:47:55.773 回答
0

我终于想通了。我不得不放弃我在模板中创建的 onclick 选择按钮,但没什么大不了的。这是代码。

    protected void gvVehicleImport_SelectedIndexChanging(object sender, GridViewSelectEventArgs e)
    {
        SqlConnection conn = new SqlConnection("Data Source=DataBase;Initial Catalog=DataBase;Integrated Security=True");
        conn.Open();

        string StockNumber;
        string SalesPerson;
        string Buyer;
        string GrossProfit;
        string DealDate;
        string Make;
        string Model;
        string CarTruck;
        string NewUsed;
        string Lender;
        string AmtFinanced;
        string RetailLease;
        string BankName;
        string Status;
        string ChangedBy;

        try
        {
            GridViewRow g1 = gvVehicleImport.Rows[e.NewSelectedIndex];


            //converts the labels of the gridview into strings
            StockNumber = (g1.FindControl("lblStockNumber") as Label).Text;
            SalesPerson = (g1.FindControl("lblSalesPerson") as Label).Text;
            Buyer = (g1.FindControl("lblBuyer") as Label).Text;
            GrossProfit = (g1.FindControl("lblGrossProfit") as Label).Text;
            DealDate = (g1.FindControl("lblDealDate") as Label).Text;
            Make = (g1.FindControl("lblMake") as Label).Text;
            Model = (g1.FindControl("lblModel") as Label).Text;
            CarTruck = (g1.FindControl("lblCarTruck") as Label).Text;
            NewUsed = (g1.FindControl("lblNewUsed") as Label).Text;
            Lender = (g1.FindControl("lblLender") as Label).Text;
            AmtFinanced = (g1.FindControl("lblAmtFinanced") as Label).Text;
            RetailLease = (g1.FindControl("lblRetailLease") as Label).Text;
            BankName = (g1.FindControl("lblBankName") as Label).Text;
            Status = (g1.FindControl("lblStatus") as Label).Text;
            ChangedBy = (g1.FindControl("lblChangedBy") as Label).Text;


            //inserts statement inserts above strings into table
            SqlCommand addImport = new SqlCommand("INSERT INTO Vehicle(v_StockNumber, v_SalesPerson, v_Buyer, v_GrossProfit, v_DealDate, v_Make, v_Model, v_CarTruck, v_NewUsed, v_Lender, v_AmtFinanced, v_RetailLease, v_BankName, v_Status, v_ChangedBy)"
            + "VALUES(@v_StockNumber, @v_SalesPerson, @v_Buyer, @v_GrossProfit, @v_DealDate, @v_Make, @v_Model, @v_CarTruck, @v_NewUsed, @v_Lender, @v_AmtFinanced, @v_RetailLease, @v_BankName, @v_Status, @v_ChangedBy)", conn);
            addImport.Parameters.AddWithValue("@v_StockNumber", StockNumber);
            addImport.Parameters.AddWithValue("@v_SalesPerson", SalesPerson);
            addImport.Parameters.AddWithValue("@v_Buyer", Buyer);
            addImport.Parameters.AddWithValue("@v_GrossProfit", GrossProfit);
            addImport.Parameters.AddWithValue("@v_DealDate", DealDate);
            addImport.Parameters.AddWithValue("@v_Make", Make);
            addImport.Parameters.AddWithValue("@v_Model", Model);
            addImport.Parameters.AddWithValue("@v_CarTruck", CarTruck);
            addImport.Parameters.AddWithValue("@v_NewUsed", NewUsed);
            addImport.Parameters.AddWithValue("@v_Lender", Lender);
            addImport.Parameters.AddWithValue("@v_AmtFinanced", AmtFinanced);
            addImport.Parameters.AddWithValue("@v_RetailLease", RetailLease);
            addImport.Parameters.AddWithValue("@v_BankName", BankName);
            addImport.Parameters.AddWithValue("@v_Status", Status);
            addImport.Parameters.AddWithValue("@v_ChangedBy", ChangedBy);

            //executes the import
            addImport.ExecuteNonQuery();
            //}

            //closes connection
            conn.Close();
            lblImportMessage.Text = "Row move successful.";


        }
        catch (Exception ex)
        {
            lblImportMessage.Text = "Row move was unsuccessful, " + ex.ToString();
        }
    }

我已经尝试了多种方法,很多都可以插入没有数据的单行,但这似乎对我来说现在还可以。希望这可以帮助其他遇到麻烦的人。再次感谢!

于 2013-05-21T16:22:41.117 回答