I want to pass session value from .aspx code , i.e the source code of the web
<asp:SqlDataSource ID="SqlDataSource1" runat="server"
ConnectionString="<%$ ConnectionStrings:ConnectionString %>"
SelectCommand="SELECT Album.AlbumID, Album.DefaultPhotID, Album.AlbumName, PhotAlbum.Photo FROM Album INNER JOIN PhotAlbum ON Album.DefaultPhotID = PhotAlbum.PhotoID where userid=<% Session["UserId"] %>">
</asp:SqlDataSource>
I am doubtful if this code will work.
Use SessionParameter with SelectParameters to pass Session values
MSDN Doc
<asp:SqlDataSource ID="SqlDataSource1" runat="server"
ConnectionString="<%$ ConnectionStrings:ConnectionString %>"
SelectCommand="SELECT Album.AlbumID, Album.DefaultPhotID, Album.AlbumName, PhotAlbum.Photo FROM Album INNER JOIN PhotAlbum ON Album.DefaultPhotID = PhotAlbum.PhotoID where userid=#userid">
<SelectParameters>
<asp:SessionParameter Name="userid" Type="String" SessionField="UserId" />
</SelectParameters>
</asp:SqlDataSource>
Related
I have the following code but it doesn't seem to work. The <%= Context.User.Identity.GetUserId() %> has a value in the database but it's not returning any data..... Thanks
<asp:SqlDataSource ID="owner_information" runat="server" ConnectionString="<%$ ConnectionStrings:DefaultConnection %>" SelectCommand="SELECT TOP 1 [imgMain_user], [IDname] FROM [View-EditorLinks] WHERE ([IDuser] = #IDowner)">
<SelectParameters>
<asp:Parameter Name="IDowner" Type="String" DefaultValue="<%= Context.User.Identity.GetUserId() %>" />
</SelectParameters>
</asp:SqlDataSource>
I am trying to update my dropdownlistB according to the categoryId chosen in dropdownlistA Using this code:
<asp:DropDownList ID="DropDownListA" runat="server" DataSourceID="SqlDataSourceA" DataTextField="Description" DataValueField="Description" AutoPostBack="True"></asp:DropDownList>
<asp:DropDownList ID="DropDownListB" runat="server" DataSourceID="SqlDataSourceB" DataTextField="Title" DataValueField="Title"></asp:DropDownList>
<asp:SqlDataSource ID="SqlDataSourceA" runat="server" ConnectionString="<%$ ConnectionStrings:MainDbConnectionString1 %>" SelectCommand="SELECT [Description] FROM [BookCategory]"></asp:SqlDataSource>
<asp:SqlDataSource ID="SqlDataSourceB" runat="server" ConnectionString="<%$ ConnectionStrings:MainDbConnectionString1 %>" SelectCommand="SELECT [Title] FROM [BooksInfo] WHERE ([CategoryId] = #CId)">
<SelectParameters>
<asp:QueryStringParameter DefaultValue="" Name="CId" QueryStringField="SELECT [CategoryId] FROM [BookCategory]" Type="Int32" />
</SelectParameters>
</asp:SqlDataSource>
I am new to using SQL and queries in ASP.NET and cant figure out what Im doing wrong, dropdownlistB stays empty. (AutoPostBack = true in dropdownlistA, so it should update?)
I think what you are looking for is the asp:ControlParameter like this
<asp:ControlParameter ControlID="DropDownListA" PropertyName="SelectedValue"
Name="EmpID" Type="Int32" DefaultValue="0" />
So the the query is based on the selection of DropDownListA.
Here's a dropdown list I have...
<asp:DropDownList
ID="selectTimeFrame"
runat="server"
AutoPostBack="true"
DataTextField="Increment"
DataValueField="Increment"
DataSourceID="SqlTimeFrame"
</asp:DropDownList>
And its datasource:
<asp:SqlDataSource
ID="SqlTimeFrame"
runat="server"
ConnectionString="<% connectionstring %>"
SelectCommand="Select [IncrementID], [Increment] FROM [TimeFrame] ORDER BY [IncrementID]" >
</asp:SqlDataSource>
and then I have a gridview, whos datasource looks like:
<asp:SqlDataSource ID="SqlDataSource2" runat="server" ConnectionString="<% connectinstring %>"
ProviderName="<% connectionstring %>"
SelectCommand="SELECT * FROM #TimeFrame">
<SelectParameters>
<asp:ControlParameter ControlID="selectTimeFrame"
Name="TimeFrame"
PropertyName="SelectedValue"
Type="String" />
</SelectParameters>
And obviously the place where I'm having problems is the fact that " FROM #TimeFrame " doesn't do what I want to. I have Different views whose names correspond to different timeframes, and I want to be able to change the gridview to populate with that information based off of the option a user selects via the dropdown menu. Any insight would be much appreciated... THANKS!! :D
You could use dynamic SQL to achieve what you're looking for although you would need to test this very thorughly to prevent SQL injection attacks as we can never trust the input being received from users.
I've created a simple stored proc which checks whether the table exists in the db and if so it constructs and executes your dynamic SQL statement:
Stored procedure:
CREATE PROCEDURE dbo.GetData
#TableName NVARCHAR(200)
AS
BEGIN
IF OBJECT_ID(#TableName , N'U') IS NOT NULL
BEGIN
EXEC('SELECT * FROM ' + #TableName);
END
END
ASPX:
<asp:DropDownList ID="selectTimeFrame" runat="server" AutoPostBack="true" DataTextField="Increment"
DataValueField="Increment" DataSourceID="SqlTimeFrame" />
<asp:SqlDataSource ID="SqlTimeFrame" runat="server" ConnectionString="<%$ ConnectionStrings:connectionstring %>"
SelectCommand="Select [IncrementID], [Increment] FROM [TimeFrame] ORDER BY [IncrementID]">
</asp:SqlDataSource>
<asp:SqlDataSource ID="dynamicDS" runat="server" ConnectionString="<%$ ConnectionStrings:connectionstring %>"
SelectCommand="GetData" SelectCommandType="StoredProcedure">
<SelectParameters>
<asp:ControlParameter ControlID="selectTimeFrame" Name="TableName" PropertyName="SelectedValue"
Type="String" />
</SelectParameters>
</asp:SqlDataSource>
<asp:GridView ID="gvData" DataSourceID="dynamicDS" runat="server">
</asp:GridView>
I have two Drop Down Lists, degrees and programs respectively, i want to generate the program list values on the bases of selected Degree from degree dropdown list. how can i do this, the code is given below:
<asp:DropDownList ID="Degree_DList" runat="server" DataSourceID="Degrees_DropdownList"
DataTextField="DEGREE_NAME" DataValueField="DEGREE_ID" AppendDataBoundItems="True">
</asp:DropDownList>
<asp:SqlDataSource ID="Degrees_DropdownList" runat="server" ConnectionString="<%$ ConnectionStrings:admConnectionString %>" ProviderName="<%$ ConnectionStrings:admConnectionString.ProviderName %>"
SelectCommand="SELECT DEGREE_ID, DEGREE_NAME FROM DEGREE"> </asp:SqlDataSource>
<asp:DropDownList ID="Program_Dlist" runat="server" AppendDataBoundItems="True" DataSourceID="Programs_DropdownList" DataTextField="PROGRAM_NAME" DataValueField="PROGRAM_ID"></asp:DropDownList>
<asp:SqlDataSource ID="Programs_DropdownList" runat="server" ConnectionString="<%$ ConnectionStrings:admConnectionString %>" ProviderName="<%$ ConnectionStrings:admConnectionString.ProviderName %>"
SelectCommand="SELECT PROGRAM_ID, PROGRAM_NAME FROM PROGRAMS WHERE DEGREE_ID = #DEGREE_ID"><SelectParameters>
<asp:ControlParameter Name="DEGREE_ID" ControlID="Degree_DList" PropertyName="SelectedValue" />
</SelectParameters>
</asp:SqlDataSource>
You have to inform your DataSource you'll provide some parameters in the SELECT:
<asp:SqlDataSource ... >
<SelectParameters>
<asp:Parameter Name="DEGREE_ID" />
</SelectParameters>
</asp:SqlDataSource>
Do not forget to provide that parameters with code:
MyDataSource.SelectParameters["DEGREE_ID"].DefaultValue = "12345";
Consider a page, when the page loads, nothing shows up.
It works when i pass the querystring on the browser as this:
http://localhost:51765/foo/foo.aspx?ID=c516f4f4-36a9-40a7-baad-d2419ea631b9
I want it to work when the page load not when i pass the querystring on the browser.
Can someone help me with this?
<asp:SqlDataSource ID="categoriesDataSource" runat="server"
connectionString="<%$ ConnectionStrings:ConnectionString %>"
SelectCommand="SELECT [CategoryID], [Name] FROM [Categories] WHERE ([UserId] = #UserId) ORDER BY [Name]">
<SelectParameters>
<asp:QueryStringParameter Name="UserId" QueryStringField="ID" />
</SelectParameters>
</asp:SqlDataSource>
<asp:DropDownList ID="categories" runat="server" AutoPostBack="True"
DataSourceID="categoriesDataSource" DataTextField="Name"
AppendDataBoundItems="True" DataValueField="CategoryID">
<asp:ListItem Value="">-- All Albums --</asp:ListItem>
</asp:DropDownList>
<asp:SqlDataSource ID="picturesDataSource" runat="server" ConnectionString="<%$ ConnectionStrings:ConnectionString %>"
SelectCommand="SELECT [PictureID], [Title], [UploadedOn] FROM [Pictures] WHERE UserId = #UserId AND
(CategoryID = #CategoryID Or #CategoryID IS NULL) ORDER BY UploadedOn DESC"
CancelSelectOnNullParameter="False">
<SelectParameters>
<asp:ControlParameter ControlID="categories" Name="CategoryID" PropertyName="SelectedValue"/>
<asp:QueryStringParameter Name="UserId" QueryStringField="ID" />
</SelectParameters>
</asp:SqlDataSource>
<asp:GridView ID="GridView1" runat="server" DataSourceID="picturesDataSource">
</asp:GridView>
It is difficult to answer your question without showing the code of the page or at least explaining what it does. From the url it seems that the page relies on the ID parameter and tries to parse it to a Guid. You need to test whether the ID parameter is passed and use it only in this case:
string id = Request["ID"];
if (!string.IsNullOrEmpty(id))
{
// The ID parameter has been passed => use its value here
}