单击“提交”按钮时出现问题。即使存在无效数据,数据仍会插入数据库。
public partial class surveyCreate : System.Web.UI.Page
{
SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString"].ToString());
private string lblTextMessage;
protected void Page_Load(object sender, EventArgs e)
{
btnSubmitSurvey.Attributes.Add("onclick", "return PostPage();");
List<string> keys = Request.Form.AllKeys.Where(key => key.Contains("txtDynamic")).ToList();
int i = 1;
foreach (string key in keys)
{
this.CreateTextBox("txtDynamic" + i);
i++;
}
if (!IsPostBack)
{
int a_unit = 0;
string username = (string)Session["Username"];
string query5 = "SELECT * FROM tblAdmin WHERE a_uname='" + username + "'";
con.Open();
SqlCommand cmd5 = new SqlCommand(query5, con);
SqlDataReader dr5 = cmd5.ExecuteReader();
if (dr5.Read())
{
a_unit = Convert.ToInt32(dr5["a_unit"]);
}
dr5.Close();
con.Close();
string queryA = "";
string queryB = "";
string queryC = "";
queryA = "SELECT * FROM tblUnit WHERE u_master = " + a_unit;
queryB = "SELECT * FROM tblProject ";
queryC = "SELECT * FROM tblSurveyTemplate where st_template = " + a_unit;
BindDropDownList(ddlunit, queryA, "u_name", "u_id", "SELECT UNIT");
//BindDropDownList(project, queryB, "pro_name", "pro_id", "SELECT PROJECT");
BindDropDownList(ddlTemplate, queryC, "st_name", "st_id", "SELECT TEMPLATE");
ddlproject.Enabled = false;
}
}
private void BindDropDownList(DropDownList ddl, string query, string text, string value, string defaultText)
{
// string conString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString.ToString();
SqlCommand cmd = new SqlCommand(query);
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ToString()))
{
using (SqlDataAdapter sda = new SqlDataAdapter())
{
cmd.Connection = conn;
conn.Open();
ddl.DataSource = cmd.ExecuteReader();
ddl.DataTextField = text;
ddl.DataValueField = value;
ddl.DataBind();
conn.Close();
}
}
ddl.Items.Insert(0, new ListItem(defaultText, "0"));
}
protected void unit_SelectedIndexChanged(Object sender, EventArgs e)
{
ddlproject.Enabled = true;
int u_id = int.Parse(ddlunit.SelectedItem.Value);
string query = "Select pro_id, pro_name from tblProject WHERE u_id=" + u_id;
BindDropDownList(ddlproject, query, "pro_name", "pro_id", "SELECT PROJECT");
}
protected void ddlTemplate_SelectedIndexChanged(Object sender, EventArgs e)
{
int st_id = int.Parse(ddlTemplate.SelectedItem.Value);
SqlDataSourceQuestions.SelectCommand = "SELECT sq_id, sq_question FROM tblSurveyQuestions WHERE st_id=" + st_id;
string query = "SELECT * FROM tblSurveyTemplate WHERE st_id=" + st_id;
con.Open();
SqlCommand cmd = new SqlCommand(query, con);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
LabelComment.Text = dr["st_comment"].ToString();
LabelIntro.Text = dr["st_intro"].ToString();
}
dr.Close();
con.Close();
if (st_id != 0)
PanelA.Visible = true;
else
PanelA.Visible = false;
}
/**
protected void project_SelectedIndexChanged(Object sender, EventArgs e)
{
project.Enabled = true;
project.Items.Clear();
project.Items.Insert(0, new ListItem("SELECT PROJECT", "0"));
int unitId = int.Parse(unit.SelectedItem.Value);
if (unitId > 0)
{
string query = string.Format("Select pro_id, pro_name from tblProject where pro_id = {0} ", unitId);
BindDropDownList(project, query, "pro_name", "pro_id", "SELECT PROJECT");
project.Enabled = true;
}
}
static int i = 0;
protected void btn_addp_Click(object sender, EventArgs e)
{
int j = 0;
i++;
for (j = 0; j < i; j++)
{
TextBox tb = new TextBox();
tb.Width = 350;
tb.ID = "MP" + j.ToString();
ph.Controls.Add(tb);
}
}
*/
protected void btn_addp_Click(object sender, EventArgs e)
{
int index = pnlTB.Controls.OfType<TextBox>().ToList().Count + 1;
this.CreateTextBox("txtDynamic" + index);
}
private void CreateTextBox(string id)
{
TextBox tb = new TextBox();
tb.ID = id;
tb.Width = 350;
pnlTB.Controls.Add(tb);
Literal lt = new Literal();
lt.Text = "<div style=height:3px ></div>";
pnlTB.Controls.Add(lt);
pnlTB.Controls.Add(new LiteralControl("<div style=height:3px ></div>"));
}
protected void GetTextBoxValues(object sender, EventArgs e)
{
}
//duplicate email
protected void cv_ServerValidate(object sender, ServerValidateEventArgs e)
{
//TextBox[] participant = { participant1, participant2, participant3 };
//if (participant1.Text == participant2.Text || participant2.Text == participant3.Text || participant1.Text == participant3.Text)
//{
// cvSubmit.ErrorMessage = "* Duplicate email! Please enter different email. ";
// cvSubmit.Focus();
// e.IsValid = false;
//}
}
这是提交的代码
protected void btnSubmitSurvey_Click(object sender, EventArgs e)
{
string a_id = "";
string username = (string)Session["Username"];
string query4 = "SELECT * FROM tblAdmin WHERE a_uname='" + username + "'";
con.Open();
SqlCommand cmd4 = new SqlCommand(query4, con);
SqlDataReader dr4 = cmd4.ExecuteReader();
if (dr4.Read())
{
a_id = dr4["a_id"].ToString();
}
dr4.Close();
con.Close();
if (Page.IsValid)
{
con.Open();
string query = "CreateSurvey";
string query1 = "ListParticipant";
int surveyID;
DateTime date_now = DateTime.Now;
SqlCommand cmd = new SqlCommand(query, con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@sd_id", SqlDbType.Int, 0, "sd_id");
cmd.Parameters["@sd_id"].Direction = ParameterDirection.Output;
cmd.Parameters.Add("@sd_title", SqlDbType.NVarChar).Value = txtTitle.Text;
cmd.Parameters.Add("@sd_unit", SqlDbType.NVarChar).Value = ddlunit.SelectedValue;
cmd.Parameters.Add("@sd_project", SqlDbType.NVarChar).Value = ddlproject.SelectedValue;
cmd.Parameters.Add("@sd_year", SqlDbType.NVarChar).Value = txtYear.Text;
cmd.Parameters.Add("@st_id", SqlDbType.NVarChar).Value = ddlTemplate.SelectedValue;
cmd.Parameters.Add("@sd_datecreated", SqlDbType.DateTime).Value = date_now;
cmd.Parameters.Add("@sd_createdBy", SqlDbType.NVarChar).Value = a_id;
cmd.ExecuteNonQuery();
surveyID = (int)cmd.Parameters["@sd_id"].Value;
//validate email
bool email = Regex.IsMatch(participant.Text.Trim(), "\\w+([-+.']\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*");
if (!email)
{
lbl2.Text = "Invalid email address";
return;
}
else
{
lbl2.Text = "";
SqlCommand cmd1 = new SqlCommand(query1, con);
cmd1.CommandType = CommandType.StoredProcedure;
cmd1.Parameters.Add("@sp_email", SqlDbType.NVarChar).Value = participant.Text;
cmd1.Parameters.Add("@sd_id", SqlDbType.Int).Value = surveyID;
cmd1.ExecuteNonQuery();
}
foreach (TextBox textBox in pnlTB.Controls.OfType<TextBox>())
{
if (textBox.Text != "")
{
SqlCommand cmd2 = new SqlCommand(query1, con);
cmd2.CommandType = CommandType.StoredProcedure;
cmd2.Parameters.Add("@sp_email", SqlDbType.NVarChar).Value = textBox.Text;
cmd2.Parameters.Add("@sd_id", SqlDbType.Int).Value = surveyID;
cmd2.ExecuteNonQuery();
}
}
string message = "Your survey details has been saved.";
string url = "surveyConfirm.aspx?surveyId=" + surveyID;
string script = "window.onload = function(){ alert('";
script += message;
script += "');";
script += "window.location = '";
script += url;
script += "'; }";
ClientScript.RegisterStartupScript(this.GetType(), "Redirect", script, true);
con.Close();
}
else
{
lbl2.Text = "Fill up the information required";
}
}
}