I have a textbox with multiline feature active. I query the names entered in this textbox from the database and print the result to the Gridview1 object.
However, when I use the code below, it only adds the result of the last name in the textbox to the gridview. I want the results obtained at the same time to be displayed collectively in a single gridview.
For example, I want the surnames of 10 names to be displayed collectively in 1 gridview. Thanks to everyone who helped.
protected void btntoplusorgu_Click(object sender, EventArgs e)
{
var satırlar = txttoplu.Text.Split(new[] { 'r', 'n' });
foreach (var veri in satırlar)
{
string baglanti = ConfigurationManager
.ConnectionStrings["TAKS"].ConnectionString;
using (SqlConnection con = new SqlConnection(baglanti))
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
StringBuilder sbCommand = new
StringBuilder("Select * from Veriler where 1 = 1");
if (veri.ToString() != "")
{
sbCommand.Append(" AND Tckn=@Tckn");
SqlParameter paramtckn = new
SqlParameter("@Tckn", veri.ToString());
cmd.Parameters.Add(paramtckn);
}
else
{
}
cmd.CommandText = sbCommand.ToString();
cmd.CommandType = CommandType.Text;
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
GridView1.DataSource = rdr;
GridView1.DataBind();
}
}
}
2
Answers
Your interest and response are truly excellent. I apologize for returning late. Unfortunately, there is no regular intern in the student dormitory. Unfortunately, I do not understand the source of the term "General" in the codes. Would it be a bad thing if I asked you to edit my codes according to the way you suggested?
You can add multiple parameters, and still enjoy SQL injection safe code.
So, say this markup:
And our code behind can be this:
And the result looks like this:
So, note how we are free to add parameters to the SQL command object, and there is not really any requirement to have any existing SQL in that command object during the time your code adds parameters.
And as a FYI, the helper routine MyRstP() is a general (global) routine that I use over and over to save some keyboards every time I have a SQL query to pull data.
That routine used was thus this: