如何在用户更新gridview时获取用户名会话并将其用户名更新到数据库?

时间:2014-04-01 08:57:43

标签: c# session gridview webforms

我有一个名为EntryTable的表。我使用gridview显示数据。但在此之前,用户需要先登录才能使用该服务。我将用户名硬编码为Admin。在他登录之后,在他编辑之后,一旦他点击了更新按钮,他的名字Admin就会转到数据库中的MODIFIEDBY列字段。

不要被名称栏混淆,与此无关。只有列修改才很重要。由于我以Admin身份登录,因此我的名字称为admin。如果我编辑并更新了gridview,这个名为admin的名称将转到数据库中的modifiedby列。因为管理员修改了它。如果我在gridview中更新第一行,则名称admin将进入由列字段修改而不是John Tan。如果我在gridview中更新第二行,则名称admin将进入由column字段修改而不是kevin wong。总是管理员,因为我以管理员身份登录。这意味着通过会话名称的值更新已修改的列。

enter image description here

enter image description here

登录名是标签,id称为lblUsername。 enter image description here

LOGIN.ASPX代码 

protected void btnLogin_Click(object sender, EventArgs e)
{

    if (txtUserName.Text == "Admin" && txtPassword.Text == "123")
    {
        Session.Add("Username", txtUserName.Text);
        Session.Add("Password", txtPassword.Text);
        FormsAuthentication.SetAuthCookie(txtUserName.Text, true);
        Response.Redirect("BlogEntry.aspx");
    }

    else

        lblError.Text = "Incorrect Username or Password";
}

登录页面,更新和PAGELOAD代码后 

protected void Page_Load(object sender, EventArgs e)
{
    if (Page.IsPostBack == false)
    {
        bindResultGridView();

    }
    //Logout.Visible = false;
    string memName = (String)Session["UserName"];
    lblUsername.Text = String.Concat("Welcome Guest!");

    if (Session["Username"] != null && Session["Username"] != String.Empty)
    {
        lblUsername.Text = "Welcome, " + memName + "!";


    }

}


protected void grdBlog_RowEditing(object sender, GridViewEditEventArgs e)
    {
        grdBlog.EditIndex = e.NewEditIndex;
        bindResultGridView();
    }
    protected void grdBlog_RowUpdating(object sender, GridViewUpdateEventArgs e)
    {
        int selectedRow = e.RowIndex;   //get selected row
        //  get product id from data key
        int blogid = (int)grdBlog.DataKeys[selectedRow].Value;

    //  get current grid view row
    GridViewRow row = (GridViewRow)grdBlog.Rows[selectedRow];
    TextBox name = (TextBox)row.FindControl("txtName");
    //  find text box for txtPrice
    TextBox blogtype = (TextBox)row.FindControl("txtBlogType");
    TextBox description = (TextBox)row.FindControl("txtDescription");
    TextBox dateentry = (TextBox)row.FindControl("txtDateEntry");
    TextBox blogstory = (TextBox)row.FindControl("txtBlogStory");
    //  Remove $ sign
    string strName = name.Text;
    string strBlogType = blogtype.Text;
    string strDescription = description.Text;
    string strDateEntry = dateentry.Text;
    string strBlogStory = blogstory.Text;
    DateTime datDate;
    if (DateTime.TryParseExact(strDateEntry, new string[] { "dd/MM/yyyy" },
                           System.Globalization.CultureInfo.InvariantCulture,
                           System.Globalization.DateTimeStyles.None, out datDate))
    {
        updateBlogGridviewRecord(blogid, strName, strBlogType, strDescription, datDate, strBlogStory);
    }

    else
    {
        lblError.Visible = true;
        lblError.Text = "Invalid Date";
        lblSuccess.Visible = false;
    }
}

private void updateBlogGridviewRecord(int blogid, string strName, string strBlogType, string strDescription, DateTime datDate, string strBlogStory)
{
    try
    {
        string strConnectionString = ConfigurationManager.ConnectionStrings["BlogConnectionString"].ConnectionString;
        SqlConnection myConnect = new SqlConnection(strConnectionString);

        string strCommandText = "UPDATE EntryTable SET [Name]=@Name, [BlogType]=@BlogType, [Description]=@Description, [DateEntry]=@DateEntry, [BlogStory]=@BlogStory WHERE [BlogID]=@BlogID";

        SqlCommand cmd = new SqlCommand(strCommandText, myConnect);
        cmd.Parameters.AddWithValue("@BlogID", blogid);
        cmd.Parameters.AddWithValue("@Name", strName);
        cmd.Parameters.AddWithValue("@BlogType", strBlogType);
        cmd.Parameters.AddWithValue("@DateEntry", datDate);
        cmd.Parameters.AddWithValue("@Description", strDescription);
        cmd.Parameters.AddWithValue("@BlogStory", strBlogStory);
        myConnect.Open();

        int result = cmd.ExecuteNonQuery();

        if (result > 0)
        {
            lblSuccess.Visible = true;
            lblSuccess.Text = "Record updated!";
            lblError.Visible = false;
        }
        else
        {
            lblSuccess.Visible = true;
            lblError.Text = "Update fail";
            lblError.Visible = false;
        }

        myConnect.Close();


        //Cancel Edit Mode
        grdBlog.EditIndex = -1;
        bindResultGridView();
    }

    catch
    {
        lblError.Visible = true;
        lblError.Text = "Please Enter Approximate data";
        lblSuccess.Visible = false;
    }
}

关注@puneet建议

 protected void grdBlog_RowUpdating(object sender, GridViewUpdateEventArgs e)
    {
    Session["Username"] = txtName.Text;

    int selectedRow = e.RowIndex;   //get selected row
    //  get product id from data key
    int blogid = (int)grdBlog.DataKeys[selectedRow].Value;

    //  get current grid view row
    GridViewRow row = (GridViewRow)grdBlog.Rows[selectedRow];
    TextBox name = (TextBox)row.FindControl("txtName");
    //  find text box for txtPrice
    TextBox blogtype = (TextBox)row.FindControl("txtBlogType");
    TextBox description = (TextBox)row.FindControl("txtDescription");
    TextBox dateentry = (TextBox)row.FindControl("txtDateEntry");
    TextBox blogstory = (TextBox)row.FindControl("txtBlogStory");
    //  Remove $ sign
    string strName = name.Text;
    string strBlogType = blogtype.Text;
    string strDescription = description.Text;
    string strDateEntry = dateentry.Text;
    string strBlogStory = blogstory.Text;
    DateTime datDate;
    if (DateTime.TryParseExact(strDateEntry, new string[] { "dd/MM/yyyy" },
                           System.Globalization.CultureInfo.InvariantCulture,
                           System.Globalization.DateTimeStyles.None, out datDate))
    {
        updateBlogGridviewRecord(blogid, strName, strBlogType, strDescription, datDate, strBlogStory);
    }

    else
    {
        lblError.Visible = true;
        lblError.Text = "Invalid Date";
        lblSuccess.Visible = false;
    }
}

2 个答案:

答案 0 :(得分:1)

以下是完全未经测试的,但在我看来,您可以按照以下方式执行某些操作。 

string strCommandText = "UPDATE EntryTable SET [ModifiedBy]=@Modifier, [Name]=@Name, [BlogType]=@BlogType, [Description]=@Description, [DateEntry]=@DateEntry, [BlogStory]=@BlogStory WHERE [BlogID]=@BlogID";

SqlCommand cmd = new SqlCommand(strCommandText, myConnect);
cmd.Parameters.AddWithValue("@BlogID", blogid);
cmd.Parameters.AddWithValue("@Name", strName);
cmd.Parameters.AddWithValue("@BlogType", strBlogType);
cmd.Parameters.AddWithValue("@DateEntry", datDate);
cmd.Parameters.AddWithValue("@Description", strDescription);
cmd.Parameters.AddWithValue("@BlogStory", strBlogStory);
cmd.Parameters.AddWithValue("@Modifier", Session["Username"]);

答案 1 :(得分:0)

在grdBlog_RowUpdating方法中,通过用户输入的文本更改会话值。

  

Session["Username"] = name.Text;

下次刷新页面时,会出现新名称。

相关问题
最新问题