I tried to pass more than one value through Query String from page1.aspx to page2.aspx.
This is my Query string in the Grid View
<a href="javascript:void(0);" onclick='javascript:window.open("Update.aspx?Regno= <%#Eval ("ID") %>'+ ","'&Fn=<%#Eval ("FIRSTNAME") %>' +", "'&Ln=<%#Eval ("LASTNAME") %>'")';>
Edit</a>
On My Page2.aspx, my code behind on PageLoad is:
if (Page.IsPostBack) return;
string id = Request.QueryString["ID"];
string Firstname = Request.QueryString["FIRSTNAME"];
string LastName = Request.QueryString["LASTNAME"];
My Visual Studio IDE shows a syntax error on this query string. I dont know the exact way to pass multiple values through Query String. How to make it work? Can anyone pls help me on this..
Which is the right syntax to pass multiple query string?
You use the & to seperate multiple query string cars. For example, Foo=12&first=death
("LASTNAME") %>'")' ;
Whats up with the semicolon here at the end???
try removing that as u dont need it
Also
You string is a bit difficult to find any missing , quotes. Better print in console , or give an alert for this
Update.aspx?Regno= <%#Eval ("ID") %>'+ ","'&Fn=<%#Eval ("FIRSTNAME") %>' +", "'&Ln=<%#Eval ("LASTNAME") %>'")';
And copy the printed string, paste it in the Browser and check whether it works! There by u can see what are all the things getting passed and where you made mistake in syntax
Related
how to manage the result of a query that returns an integer "select count(*) from table"?
1) I've tried to bind the output of a SQL Execute Statement service to an integer variable and doesn't work. (type mistmatch)
2) i've tried to use types like 'SQLResult', SQLResultRow, SQLResultColumn as well but they dont work:
Caused by: com.lombardisoftware.core.TeamWorksException: Type ismatch the value "[Element: ]" must be and instance of type atructured IBM BPM Java Class found: org.jdom.Element
3) i've tried to bind the output to a XMLElement variable and i've got this value
< resultSet recordCount=\"1\" columnCount=\"1\">5< /columnn>< /record>< /resultSet>
so now... how can I access the recordCount attribute of this node?
anyway, I don't like so manipulate a variable of XMLType, when are the types SQLResult, SQLResultRow, SQLResultColumn used?
****** EDITED *******
even if i get a result as XMLElement.. i can't manipulate it.
methods like: tw.local.result[0].rows[0].column[0].getText() don't work (the intellisense as well)
the XMLElement as an attribute "recordCount" but i don't know how to get his value..
Anyway, the only workaround that i found is to change the query in order to return a normal set of records(not a scalar value)
select field from table instead of select count(field) from table
so i could to map the output value to a list of objects and than count its length...
ugly and dirty :-(
anyone know how manipulate the XMLElement in a script block?
Please try this.
Bind the output variable from sql execute statement as 'ANY' type.
variable name - result (ANY)
Query - select count(field) as COUNTVAL from table
tw.local.totalCount = tw.local.result[0].rows[0].indexedMap.COUNTVAL;
Use Return type as XMLElement then bind a XMLElement in output mapping.
For eg: If you are using tw.local.output as ouput mapping (of type XMLElement) then,
log.info("Count "+tw.local.output.xpath('/resultSet/record/column').item(0).getText());
This will print the count
If you want to get "recordCount" Attribute then use
tw.local.output.getAttribute("recordCount");
I have an SQL statement I run for my website that inserts data into an access database. Is there a way during the insert to replace a space " " if one of the date textboxes contains a space? I need to do this because it throws off my date queries if there is a space in one of the columns?
INSERT INTO tblOpen (DateColumn1, DateColumn2) Values (#Value1, #Value2)
You should use the 'datetime' type for your DateColumn. It solves all your problem. It is good to use proper variable for proper field.
If you mean heading and trailing spaces, then:
myString = myString.Trim()
in your vb.net code will be fine. Even though I would follow Steve's suggestion and converting to date.
As question was about replace, you can either use Replace()
INSERT INTO tblOpen (DateColumn1, DateColumn2)
Values (REPLACE(#Value1, ' ', ''), #Value2)
or LTrim() and RTrim()
INSERT INTO tblOpen (DateColumn1, DateColumn2)
Values (LTRIM(RTRIM(#Value1)), #Value2)
However if datatype is a datetime then it makes sense to convert to that type using
DateTime d = Convert.ToDateTime(TextBox1.Text);
SqlParameter p = command.Parameters.Add("#Value1", System.Data.SqlDbType.DateTime);
p.Value = d;
I am working with ASP.net. In that in one sql query my output is 21,22,23, which is a string.
I want to remove those commas and store them as separate integer values...I want to use an array. Plese help. How to do that ?
You can convert a string separated by certain characters by using .Split(char):
string test = "21,22,23";
string[] split = test.Split(',');
This will give you an array of strings though. If you want to use them as integers you will want to convert them as well, and depending on your situation you might want to check if it's parseable or not, but you could use LINQ and do something like this:
string test = "21,22,23";
int[] values = test.Split(',').Select(value => Convert.ToInt32(value)).ToArray();
the String.Split(char[]) function should do this for you. I think in ASP.net it goes:
string values = "21,22,23";
string[] valuesArray = values.split(",");
While a normal String.Split would work, you still won't get integer values. You can try a simple LINQ query like so:
var results = from string s in yourString.Split('s')
select int.Parse(s);
You can then obviously cast it to a list or array, depending on your needs... A sample for converting it to an array directly in the LINQ query is as follows:
int[] results = (from string s in yourString.Split('s')
select int.Parse(s)).ToArray();
Problem: I have a form with text values, and a function that must return a string query based on the values of the text values too.
Solution: I created a SQLCommand query with parameters, then I put the SQLCommand.CommandText to a string and I returned it (to the business logic that is going to handle the query)
Main Question: Is it sql-injection proof?
Code Example:
sQuery = "select * from xy where x like '%#txtNameParameter%'";
SqlCommand cmd = new SqlCommand(sQuery);
cmd.Parameters.Add("#txtNameParameter", SqlDbType.VarChar);
cmd.Parameters["#txtNameParameter"].Value = txtName.Text;
string query = cmd.CommandText;
return query;
Sub question if main question is ok:
Should I put into parameters also values of a radiobutton and dropdownmenu or are they injection-proof?
What you are doing here is injection proof because you are not injecting anything. In fact, your parameter isn't even used (because the only reference to it is inside a string literal so the SQL Parser won't even see where you are attempting to use the parameter because it will treat it as a string literal.)
You may want to change that line of code to:
sQuery = "select * from xy where x like '%'+#txtNameParameter+'%'";
Which would make the SQL look like this:
select * from xy where x like '%'+#txtNameParameter+'%'
Which is just string concatenation in a place where a string is expected in the SQL command anyway.
However, your description of what you are doing with this afterwards possibly blows all that out of the water. I cannot understand why you would want to send just the where clause of the query to the business layer.
Also, the substringed WHERE clause will not contain the data you are putting in the parameter. So you are getting no more benefit that just returning
return "where x like '%#txtNameParameter%'";
The parameter value is lost.
Hello
I am using datetime datatype in sql sever but whenever i save this form i am getting this error "String was not recognized as a valid DateTime" . In my code i am using ajax code on textbox to select date . But same error i am getting . I am specify date format into it but still it get error . What we do now.
Try Format:
DateTime.ToString("yyyy-MM-dd HH:mm:ss.fff");
you can use this vb code to convert it :
dataandtimevarible.Value.ToString("dd-MM-yyyy")
you need to add Format="dd-MM-yyyy" to your mark up code and add this one to your markup Code
<ajaxToolkit:CalendarExtender ID="CalendarExtender1" runat="server" Format="dd-MM-yyyy" TargetControlID="CreatedOnTextBox">
</ajaxToolkit:CalendarExtender>
last thing you have to make sure from the Culture language!!!
How are you saving your data into the database? Are you using parameters? If not then use parameters - to save date/time value, choose your parameter data type as DbType.DateTime.
Now, your text box will give you a string value and you need to convert it to date/time data type before assigning to the parameter. Use DateTime.ParseExact method with your specific date format - for example,
var param = new SqlParameter("MyDateColumn");
param.DbType = DbType.DateTime;
param.Value = DateTime.ParseExact(textbox1.Text, "dd-MM-yyyy", null);