将列表传递给sqldatasource的参数

时间:2013-07-22 16:01:20

标签: asp.net vb.net visual-studio-2012

我的代码后面有一个arraylist,用于存储数据库中各种项目的id值。单击按钮后,我希望将这些id值传递给SQLDataSource,以充当填充gridview的参数。不幸的是,我对VB的有限知识阻碍了我,而且我对如何做这样的事情感到困惑。

背后的代码 

Protected Sub Preview_Click(ByVal sender As Object, ByVal e As EventArgs) Handles Preview_Button.Click

    Dim list As New ArrayList
    Dim atLeastOneRowSelected As Boolean = False
    'Iterate through the Devices.Rows property
    For Each row As GridViewRow In GridView1.Rows
        'Access the CheckBox
        Dim cb As CheckBox = row.FindControl("DeviceSelector")
        If cb IsNot Nothing AndAlso cb.Checked Then
            atLeastOneRowSelected = True
            'First, get the device_id for the selected row
            Dim device_id As Integer = _
                Convert.ToInt32(GridView1.DataKeys(row.RowIndex).Value)
            list.Add(device_id)
        End If
    Next

End Sub

.aspx页面中的SQLDataSource 

<asp:SqlDataSource ID="SqlDataSource3" runat="server"
                ConnectionString="<%$ ConnectionStrings:LOTOConnectionString %>"
                SelectCommand="SELECT * FROM [DEVICES] WHERE ([devices_id] = @devices_id)">
    <SelectParameters>
        <asp:Parameter Name="devices_id" Type="Int32" />
    </SelectParameters>
</asp:SqlDataSource>

修改

在玩了一下之后,我意识到我可以使用join命令将我的列表组成一个合适的SQL字符串。因此,我仍然不理解的唯一部分是如何从我的代码中引用SQLDataSource。

2 个答案:

答案 0 :(得分:0)

只需使用SqlDataSource的Selecting事件来设置参数值devices_id。此事件发生在DataSource执行查询之前。因此,此事件中设置的任何值都将被接下来要执行的查询使用。

<asp:SqlDataSource ID="SqlDataSource3" runat="server"     
     OnSelecting="SqlDataSource3_Selecting"
     ConnectionString="<%$ ConnectionStrings:LOTOConnectionString %>"
     SelectCommand="SELECT * FROM [DEVICES] WHERE ([devices_id] = @devices_id)">

我不知道VB中的语法,可能在C#下面的例子可能会帮助你,因为逻辑是相同的,只有语法不同。 

protected void SqlDataSource3_Selecting(object sender, SqlDataSourceSelectingEventArgs e) 
 { 
   for (int i=0;i < arrList.Count - 1;i++)
    {
      // just for example suppose Business logic needs the First ID value
       if(i==0)
        {
         // the select parameters can be accessed using: e.Command.Parameters
         e.Command.Parameters["@devices_id"].Value == Convert.ToInt32(list[i]);
        }
     } 
  }

答案 1 :(得分:0)

好吧,我弄清楚我需要做什么。我动态创建一个SQL查询并将其传递给我的SQLDataSource。我不确定这是否会让我倾向于SQL注入,但由于我生成的查询是从单独的gridview中提取数据,我相信它没问题?

背后的代码 

Protected Sub Preview_Click(ByVal sender As Object, ByVal e As EventArgs) Handles Preview_Button.Click

    'Finds all checkboxes that have been selected in GridView1
    Dim list As New ArrayList
    Dim atLeastOneRowSelected As Boolean = False

    'Iterate through each row of GridView1
    For Each row As GridViewRow In GridView1.Rows
        'Access the CheckBox
        Dim cb As CheckBox = row.FindControl("DeviceSelector")
        If cb IsNot Nothing AndAlso cb.Checked Then
            atLeastOneRowSelected = True
            'Get the device_id of the selected row
            Dim device_id As Integer = _
                Convert.ToInt32(GridView1.DataKeys(row.RowIndex).Value)
            list.Add(device_id)
        End If
    Next

    If atLeastOneRowSelected Then
        'Generate an SQL command using the selected checkboxes
        Dim str As String = String.Join(" OR devices_id = ", list.ToArray())
        Dim query As String = "Select * FROM [DEVICES] where devices_id = " + str
        SqlDataSource3.SelectCommand = query

        'Enable the GenerateReport Button
        GenerateReport_Button.Enabled = True
    End If
End Sub

的SqlDataSource 

<asp:SqlDataSource ID="SqlDataSource3" runat="server"
                ConnectionString="<%$ ConnectionStrings:LOTOConnectionString %>"
                SelectCommand=""></asp:SqlDataSource>
相关问题
最新问题