我在gridview中有数据,该数据已由用户在特定数据周期中批准( startDate ,ex。'2017-05-01(。对于每一行,如果检查了该行的复选框,则将批准和时间戳记录。如果未检查框,则标记了记录" D"并进行时间戳。未经批准的记录需要评论,但在批准的记录上不需要评论。
问题是我无法运行更新语句,我相信这是因为我设置了参数或 startDate , filenumber empid 。我尝试运行基于用户名和 empid 的简单删除语句,这些语句有效。有任何想法吗?
我已经尝试了一些 request.querystring(" startdate"(和 gridunappreverecords.selectedrow.findcontrol(" startDate"(的变体,但是我没有那些运气。
错误:
The parameterized query '(@UserName varchar(13),@EmpID varchar(4),@StartDate varchar(8000' expects the parameter '@StartDate', which was not supplied.
子:
Protected Sub UpdateSelectedRecords_Click(ByVal sender As Object, ByVal e As EventArgs)
Dim cb As CheckBox
Dim atLeastOneRowApproved As Boolean = False
Dim strComment As TextBox
Dim conString As String = ConfigurationManager.ConnectionStrings("MktDataConnectionString").ToString()
Dim sqlConn As New SqlConnection(conString)
sqlConn.Open()
Dim cmd As New SqlCommand(conString,sqlConn)
cmd.Parameters.Add("@UserName", SqlDbType.VarChar)
cmd.Parameters.Add("@EmpID", SqlDbType.VarChar)
cmd.Parameters.Add("@StartDate", SqlDbType.VarChar)
cmd.Parameters.Add("@FileNumber", SqlDbType.VarChar)
cmd.Parameters.Add("@Comment", SqlDbType.VarChar)
' Make changes to dtsp_THS_PerfectAttendanceValidation, row by row
For Each row As GridViewRow In GridUnapprovedRecords.Rows
' Select the current row's check box and comment
cb = CType(row.FindControl("CheckBox1"),CheckBox)
strComment = CType(row.FindControl("Comment"), TextBox)
' Set parameter values for UPDATE statement
cmd.Parameters("@UserName").Value = Row.Page.User.Identity.Name
cmd.Parameters("@EmpID").Value = GridUnapprovedRecords.DataKeys(row.RowIndex).Value
cmd.Parameters("@StartDate").Value = row.Cells(0).Text.ToString()
cmd.Parameters("@FileNumber").Value = row.Cells(2).Text.ToString()
cmd.Parameters("@Comment").Value = row.Cells(5).Text.ToString()
' Determine which UPDATE statement to run
If ((Not (cb) Is Nothing) AndAlso cb.Checked) Then
' Approved records; RecordType left as NULL; Comment Optional
atLeastOneRowApproved = true
If String.IsNullOrEmpty(strComment.Text) Then
' Ignores comment
cmd.CommandText = "UPDATE dtsp_THS_PerfectAttendanceValidation SET UserName = @UserName, ValidationDate = GETDATE() WHERE StartDate = @StartDate AND FileNumber = @FileNumber AND EmpID = @EmpID"
cmd.ExecuteNonQuery()
Else
' Adds Comment
cmd.CommandText = "UPDATE dtsp_THS_PerfectAttendanceValidation SET Comment = @Comment, UserName = @UserName, ValidationDate = GETDATE() WHERE StartDate = @StartDate AND FileNumber = @FileNumber AND EmpID = @EmpID"
cmd.ExecuteNonQuery()
End If
Else
' Unapproved records; Same update except that RecordType is set to "D"; Comment Required
cmd.CommandText = "UPDATE dtsp_THS_PerfectAttendanceValidation SET RecordType = 'D', Comment = @Comment, UserName = @UserName, ValidationDate = GETDATE() WHERE StartDate = @StartDate AND FileNumber = @FileNumber AND EmpID = @EmpID"
cmd.ExecuteNonQuery()
End If
Next
' Reload the page
Response.Redirect(HttpContext.Current.Request.Url.ToString(), True)
End Sub
更新:虽然史蒂夫提供了一些很好的建议,但我最终不得不围绕着自己的操作方式进行更改,因为我根本无法将值从GridView传递到VB变量。唯一的例外是我用于 comment 的文本框,它必须经过多个步骤,然后才能做任何事情。我尝试使用 row.findcontrol(" comment"(。文本,但这是行不通的。
strComment = row.FindControl("Comment")
strComment.Text
教训:如果可以的话,请避免从GridView中获得值。可能是可能的,但是很难做到。
如果您对StartDate字段的类型日期列,则不要传递VarChar类型的参数。这将迫使数据库按照其在服务器计算机上的安装规则执行转换。
您应始终通过一个适用于接收列的值的参数,
因此,开始将参数声明为
cmd.Parameters.Add("@StartDate", SqlDbType.Date)
然后将单元格值转换为日期变量,然后使用该日期设置参数的值。无需转换,数据库引擎正确解释了日期
Dim start As DateTime
if Not DateTime.TryParse(row.Cells(0).Text, start) Then
' Message about invalid date and return
else
cmd.Parameters("@StartDate").Value = start
sql语句和存储过程通常包含在运行时评估的参数。用参数编写的SQL语句称为参数化SQL语句。
使用SQLDATASOURCE控件时,您可以指定使用参数的SQL查询和语句。这有助于通过根据运行时评估的值读取和编写数据库信息来使您的数据结合方案更加灵活。您可以从各种来源获取参数值,包括ASP.NET应用程序变量,用户身份和用户选择的值。您可以使用参数提供数据检索的搜索标准;提供要在数据存储中插入,更新或删除的值;并提供用于排序,分页和过滤的值。
selectCommand =" select employeeId,lastname,first frop from雇员的employeeid = @empid"
insertCommand ="插入员工(lastName,firstName(值(@lastname,@firstname(;
SELECT @EmpID = SCOPE_IDENTITY()"
updateCommand ="更新员工设置lastName =@lastName,firstName =@firstName
WHERE EmployeeID=@EmployeeID"
deletecommand =" delete员工where employeeid =@雇员"
connectionsTring ="<%$ connectionsRings:northwindConnection%>" oninSerted =" opplyeedetailssqldatasource_oninserted" runat =" server">
<asp:Parameter Name="EmpID" Type="Int32" DefaultValue="0" />
<asp:Parameter Name="EmpID" Direction="Output" Type="Int32" DefaultValue="0"/>
有关更多详细信息,请参见https://msdn.microsoft.com/en-us/library/z72eefad.aspx?cs-save-save-lang=1&cs-lang=vb#code-snippet-3