Reputation: 174
Need help accessing a DropDownList through a class
I'm trying to figure out how to access and store the selection from a dropdownlist to use in a SELECT command in the mainSQL class.
here are the specifics.
The DropDownList (on a page called Page.aspx):
<asp:DropDownList
ID="selectInfo1"
runat="server"
AutoPostBack="True"
DataTextField="Info1"
DataValueField="Info1Key"
DataSourceID="SqlDB" >
</asp:DropDownList>
The function where I'm trying to access the DDL (in a seperate class file):
public List<ListInfo> getList()
{
List<ListInfo> sList = new List<ListInfo>();
ListInfo objList = null;
//This is where I need to declare a variable called Info1Key and set it to the value of the ddl!
string queryString = "SELECT [UniqueID], [Date], [Info1], [Info2], [Info3] FROM [ReportedSales] WHERE ([Info1] = ' " + Info1Key + "') ORDER BY [Date]";
using (SqlConnection connection = new SqlConnection(sqlConString))
{
using (SqlCommand command = new SqlCommand(queryString, connection))
{
command.Connection.Open();
using (SqlDataReader dataReader = command.ExecuteReader())
{
while (dataReader.Read())
{
objList = new ListInfo();
objList.ID = Convert.ToInt16(dataReader["UniqueID"]);
objList.Date = Convert.ToDateTime(dataReader["Date"]);
objList.Info1 = (dataReader["Info1"] as int?) ?? 0;
objList.Info2 = (dataReader["Info2"] as int?) ?? 0;
objList.Info3 = (dataReader["Info3"] as int?) ?? 0;
sList.Add(objList);
}
}
}
}
return sList;
}
This is the only function (im pretty sure) that calls the getList method--
private void FillListActivity()
{
List<ListInfo> objList = new List<ListInfo>();
objList = new mainSQL().getList();
ReportingGV.DataSource = objList;
ReportingGV.DataBind();
}
NEW PROBLEM-- GV is no longer changing when I change the DDL.
One way that I could fix that was change the Page_Load in Page.aspx.cs as follows:
Originally:
protected void Page_Load(object sender, EventArgs e)
{
if(!isPostBack)
{
FillSalesActivity();
}
}
Working, but will I have problems?:
protected void Page_Load(object sender, EventArgs e)
{
FillSalesActivity();
}
Upvotes: 2
Views: 1106
Answers (1)
Reputation: 219016
You don't want your external classes to know or care anything about UI elements (such as drop down lists). They should be as UI-agnostic as possible.
Instead, what you want to do in this case is pass the value to the function. So you'd change the function signature to something like this:
public List<ListInfo> getList(string Info1Key)
{
// The code is the same, just use the Info1Key parameter that's been passed to the function.
}
And then you'd call the function like this:
private void FillSalesActivity()
{
List<SalesInfo> objSalesList = new List<SalesInfo>();
objSalesList = new mainSQL().getSalesList(selectInfo1.SelectedValue);
SalesReportingGV.DataSource = objSalesList;
SalesReportingGV.DataBind();
}
A few things to note:
- You'll want to include error-checking on your page to make sure there's a value
SelectedValuebefore bothering to call the function. - You should really look into SQL injection vulnerabilities, because your code has one. Never implicitly trust a value coming from the client, even if it's from a drop down list and you think you control those. You don't. The client can send any value they want if they choose to, and that value can contain SQL code which your function would merrily run against your database with all the permissions it needs. Look into using "parameterized queries" or, even better, an ORM framework. Something like Linq To Sql has a pretty quick setup and low learning curve and gets you a lot of functionality.
Upvotes: 4
Related Questions
- Bind a Class to Dropdownlist in ASP.NET
- Accessing Information From Drop Down List
- How to access dropdownlist in static method
- Can't access dropdownlist in code behind
- DropDownList inaccessible
- asp.net - problems getting dropdownlist
- DropDownList error 'does not exist in the in the list of items' ASP.NET C#
- dropdown list as reference arugment to a class
- working with dropdownlist in asp.net c#
- asp.net dropdownlist