0 
Protected Sub GridView1_RowCommand _
(sender As Object, e As GridViewCommandEventArgs) _
    Handles GridView1.RowCommand
    If e.CommandName.CompareTo("command") = 0 Then

        Dim itemID As Integer = Convert.ToInt32( _
            GridView1.DataKeys(Convert.ToInt32(e.CommandArgument)).Value)

        Dim sqlConn As New SqlConnection("connectionString")

        sqlConn.Open()

        Dim sqlComm As New SqlCommand("UPDATE itemTable SET property = (property + 1) WHERE id = '" + itemID + "', sqlConn")
        sqlComm.ExecuteNonQuery()

        sqlConn.Close()
    End If

End Sub

Basically, it doesn't work and I don't get it. I've been trying to figure this out for a few days now and I can't see what I've done wrong. As you can see I'm trying to manually update a field in my database with the value of (originalvalue)+1 when the user clicks the buttonfield of the corresponding row.

I guess what I'm asking is if anyone can point out any mistakes, please do, or if there's a better way to do this (without having to go through all the DAL/BLL BS) please tell it to me.

Thank you very much!

Improve this question
3
  • 1
    Have you tried stepping through this with the debugger to see what value your itemID has and whether the code even gets run at all? Commented May 14, 2011 at 4:08
  • Sorry about the noobness about the following statement, but why does Visual Studio act like I've selected 'view the aspx page in a browser' when I click the debug button? No items appear in the 'Locals' window as well. Commented May 14, 2011 at 15:34
  • Your sql is vulnerable to injection attacks Commented Mar 14, 2012 at 4:11

3 Answers 3

Reset to default
1

I've solved my own problem! Look at the code:

Sub GridView1_RowCommand(ByVal sender As Object, ByVal e As GridViewCommandEventArgs)

    // If multiple buttons are used in a GridView control, use the
    // CommandName property to determine which button was clicked.
    If e.CommandName = "commandname" Then

        // Convert the row index stored in the CommandArgument
        // property to an Integer.
        Dim index = Convert.ToInt32(e.CommandArgument)

        // Retrieve the row that contains the button clicked 
        // by the user from the Rows collection.
        Dim row = GridView1.Rows(index)

        // Calculate the new value.
        Dim tb = CType(row.FindControl("Label1"), Label)
        Dim newint As Integer = Convert.ToDouble(tb.Text) + 1

        // Get the id of the idea.
        Dim id As Integer = Convert.ToInt32( _
        GridView1.DataKeys(index).Value)

        //Manual update to the database.
        Dim con As New SqlConnection("connectionstring")
        Dim cmd As New SqlCommand("UPDATE ideatable SET field = " & (newint.ToString) & " WHERE id = " & (id.ToString), con)
        con.Open()
        cmd.ExecuteNonQuery()
        con.Close()

        //Refresh the page.
        Page.Response.Redirect("default.aspx")

    End If

End Sub

And remember to set OnRowCommand="GridView1_RowCommand" for the gridview in the aspx file code too, I forgot about that earlier! :/

I'm so happy, thanks for all the help offered! Hope this answer helps someone like me who got stuck.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I think there is problem in your sentence :- Try Below one at place of your Statement

Dim sqlComm As New SqlCommand("UPDATE itemTable SET property = (property + 1) WHERE id = " + itemID + "", sqlConn)

Improve this answer

1 Comment

Hi Sanjay, yes there definitely was a mistake there. But still, after making the changes, the button doesn't work. All I get is a quick refresh of the screen and no updates to my database values...
0

Watch the string you are generating and try to execute it manually and then what happens the table gets UPDATE or not.

Because I Think The "ItemId" is not there in your table.

Try to do This in SQL Server "Select * From itemTable Where id = ItemId" Because i think that the itemId is not there in your table.

Improve this answer

2 Comments

I don't get it. How can the ItemID not be in the table? I mean, isn't my code dynamically getting the ItemID that belongs to the row of the button that the user clicked? So within this context this button should exist... Unless that statement is actually wrong and does not really return an ID? Or that that statement has really to be of a String value instead of an Integer because of the adding into the SQLcommand later on. Sorry I'm ranting here, but just laying my thoughts out. And thanks for this answer, appreciate it!
That is why i am asking u that first check that what is the value of the ItemID in your code. And then check that ID in in your table that it is exist or not.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.