I want to be able to use a QueryString parameter with a control parameter in an OR Clause on the ASPX page.
The below works for QueryString Parameter
Select * From Data1
WHERE ([Customer Name] = #C)
AND ([Order Number] = #O)
AND ('AD\' + Salesperson_AD_User_ID = #U)
AND ([Warehouse Id] = #W)
AND ([Use Description] is NOT NULL)
<SelectParameters>
<asp:querystringparameter QueryStringField="C" Name="C" />
<asp:querystringparameter QueryStringField="O" Name="O" />
<asp:querystringparameter QueryStringField="U" Name="U" />
<asp:querystringparameter QueryStringField="W" Name="W" />
</SelectParameters>
Below does not work
select * From Data1
WHERE ([Customer Name] = #Customer_Name OR [Customer Name] = #C)
AND ([Order Number] = #Order_Number OR [Order Number] = #O)
AND ('AD\' + Salesperson_AD_User_ID = #username OR'AD\' + Salesperson_AD_User_ID = #U)
AND ([Warehouse Id] = #Warehouse_Id OR [Warehouse Id] = #W)
AND ([Use Description] IS NOT NULL)
The full name is the control parameter (textbox, dropdown, etc.)
(#Customer_Name, #Order_Number, #username, #Warehouse_Id)
and the letter is the Querystring
(#C,#O,#W, #U)
<SelectParameters>
<asp:controlparameter ControlID="DropDownListCustomer" PropertyName="SelectedValue" Name="Customer_Name" />
<asp:querystringparameter QueryStringField="C" Name="C" />
<asp:controlparameter ControlID="DropDownListContract" PropertyName="SelectedValue" Name="Order_Number" />
<asp:querystringparameter QueryStringField="O" Name="O" />
<asp:controlparameter ControlID="UserID" PropertyName="Text" Name="username" />
<asp:querystringparameter QueryStringField="U" Name="U" />
<asp:controlparameter ControlID="DropDownListLocation" PropertyName="SelectedValue" Name="Warehouse_Id" />
<asp:querystringparameter QueryStringField="W" Name="W" />
</SelectParameters>
How can I add An OR Clause to default to the control if the QueryString is not provided or if the QueryString contains a value use it?
My query looks like this:
<asp:SqlDataSource ID="UpdateFullNameSQL" runat="server" ConnectionString="<%$ ConnectionStrings:UserQueries %>" ProviderName="<%$ ConnectionStrings:UserQueries.ProviderName %>"
UpdateCommand="update users set firstname = :changefirstname, lastname = :changelastname where username = :currentusername">
<UpdateParameters>
<asp:ControlParameter ControlID="ChangeFirstNameBox" Name="changefirstname" PropertyName="Text" Type="Empty" />
<asp:ControlParameter ControlID="ChangeLastNameBox" Name="changelastname" PropertyName="Text" Type="Empty" />
</UpdateParameters>
<SelectParameters>
<asp:ControlParameter ControlID="UsernameBox" Name="currentusername" PropertyName="Text" Type="Empty" />
</SelectParameters>
</asp:SqlDataSource>
So I have two parameters that I want to update from and one parameter that I want to use to change the data where it matches withthe selectparameter's data. And when I want to execute it, it shows an ORA-01008 exception.
My code-behind only has a updatefullnamesql.update(); function.
What am I missing here/doing wrong?
In update command you should use # instead of :. I.E.:
UpdateCommand="update users set firstname = #changefirstname,
lastname = #changelastname where username = #currentusername;"
Additionally you have to specify the #currentusername as update parameter
<UpdateParameters>
...
<asp:ControlParameter ControlID="UsernameBox"
Name="currentusername" PropertyName="Text" Type="Empty" />
</UpdateParameters>
Ok so i have sorted the difference of Dates, it's working great. The problem i am facing now is that when i click on date from the Calender (AJAX calender that appears when you click on TextBox) It adds Date along with the null time to database. I only want Date not Time.
Please note: that the DataType of AdmitDate and DischargeDate is set to datetime.
Here is my C# code:
string str = "update Patient set Department= #Department,Ward=#Ward,Bed=#Bed,Status=#Status,AdmitDate=#AdmitDate,DischargeDate=#DischargeDate, NumOfDays=#NumOfDays where PID = '" + TextBox3.Text + "'";
cmd = new SqlCommand(str, con);
con.Open();
cmd.Parameters.AddWithValue("#Department", DropDownList4.SelectedItem.Text);
cmd.Parameters.AddWithValue("#Ward", DropDownList3.SelectedItem.Text);
cmd.Parameters.AddWithValue("#Bed", DropDownList1.SelectedItem.Text);
cmd.Parameters.AddWithValue("#Status", DropDownList2.SelectedItem.Text);
cmd.Parameters.AddWithValue("#AdmitDate", TextBox1.Text);
DateTime AdmitDate = DateTime.Parse(TextBox1.Text);
// AdmitDate.ToString("d");
AdmitDate.ToShortDateString();
cmd.Parameters.AddWithValue("#DischargeDate", TextBox2.Text);
DateTime DischargeDate = DateTime.Parse(TextBox2.Text);
// DischargeDate.ToString("d");
DischargeDate.ToShortDateString();
var diff = (DischargeDate - AdmitDate).Days;
cmd.Parameters.AddWithValue("#NumOfDays", diff);
cmd.ExecuteNonQuery();
con.Close();
As you can see i tried 2 methods, they don't give any error but don't work the way they are supposed to. I tried some other things as well (mentioned here and on other sites) but they didn't work either. Any kind of help will be appreciated.
Additional Info: I am using SQL server 2008 R2 with VS2013.
EDIT: here is my SQL table structure:
CREATE TABLE [dbo].[Patient] (
[PID] INT IDENTITY (1, 1) NOT NULL,
[Department] NVARCHAR (50) NULL,
[Ward] NVARCHAR (50) NULL,
[Bed] NVARCHAR (50) NULL,
[Status] NVARCHAR (50) NULL,
[AdmitDate] DATETIME NULL,
[DischargeDate] DATETIME NULL,
[NumOfDays] INT NULL,
CONSTRAINT [PK__Patient__C57755200BC6C43E] PRIMARY KEY CLUSTERED ([PID] ASC)
i have removed the fields that are not relevant.
EDIT: my gridview code:
<div id="mbody"> <br />
<div class="gview">
<asp:GridView ID="GridView1" runat="server" AutoGenerateColumns="False" DataSourceID="SqlDataSource1" HeaderStyle-HorizontalAlign="Center" FooterStyle-HorizontalAlign="Center" CssClass="gview" DataKeyNames="PID" Width="613px">
<Columns>
<asp:CommandField ShowDeleteButton="True" />
<asp:BoundField DataField="PID" HeaderText="PID" SortExpression="PID" InsertVisible="False" ReadOnly="True" />
<asp:BoundField DataField="Pname" HeaderText="Pname" SortExpression="Pname" />
<asp:BoundField DataField="Gender" HeaderText="Gender" SortExpression="Gender" />
<asp:BoundField DataField="Department" HeaderText="Department" SortExpression="Department" />
<asp:BoundField DataField="Ward" HeaderText="Ward" SortExpression="Ward" />
<asp:BoundField DataField="Bed" HeaderText="Bed" SortExpression="Bed" />
<asp:BoundField DataField="Status" HeaderText="Status" SortExpression="Status" />
<asp:BoundField DataField="AdmitDate" HeaderText="AdmitDate" SortExpression="AdmitDate" />
<asp:BoundField DataField="DischargeDate" HeaderText="DischargeDate" SortExpression="DischargeDate" />
<asp:BoundField DataField="NumOfDays" HeaderText="NumOfDays" SortExpression="NumOfDays" />
</Columns>
<asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:SMCConnectionString %>" SelectCommand="SELECT [PID], [Pname], [Gender], [Department], [Ward], [Bed], [Status], [AdmitDate], [DischargeDate], [NumOfDays] FROM [Patient]" DeleteCommand="DELETE FROM [Patient] WHERE [PID] = #PID" InsertCommand="INSERT INTO [Patient] ([Pname], [Gender], [Department], [Ward], [Bed], [Status], [AdmitDate], [DischargeDate], [NumOfDays]) VALUES (#Pname, #Gender, #Department, #Ward, #Bed, #Status, #AdmitDate, #DischargeDate, #NumOfDays)" UpdateCommand="UPDATE [Patient] SET [Pname] = #Pname, [Gender] = #Gender, [Department] = #Department, [Ward] = #Ward, [Bed] = #Bed, [Status] = #Status, [AdmitDate] = #AdmitDate, [DischargeDate] = #DischargeDate, [NumOfDays] = #NumOfDays WHERE [PID] = #PID">
<DeleteParameters>
<asp:Parameter Name="PID" Type="Int32" />
</DeleteParameters>
<InsertParameters>
<asp:Parameter Name="Pname" Type="String" />
<asp:Parameter Name="Gender" Type="String" />
<asp:Parameter Name="Department" Type="String" />
<asp:Parameter Name="Ward" Type="String" />
<asp:Parameter Name="Bed" Type="String" />
<asp:Parameter Name="Status" Type="String" />
<asp:Parameter Name="AdmitDate" Type="DateTime" />
<asp:Parameter Name="DischargeDate" Type="DateTime" />
<asp:Parameter Name="NumOfDays" Type="Int32" />
</InsertParameters>
<UpdateParameters>
<asp:Parameter Name="Pname" Type="String" />
<asp:Parameter Name="Gender" Type="String" />
<asp:Parameter Name="Department" Type="String" />
<asp:Parameter Name="Ward" Type="String" />
<asp:Parameter Name="Bed" Type="String" />
<asp:Parameter Name="Status" Type="String" />
<asp:Parameter Name="AdmitDate" Type="DateTime" />
<asp:Parameter Name="DischargeDate" Type="DateTime" />
<asp:Parameter Name="NumOfDays" Type="Int32" />
<asp:Parameter Name="PID" Type="Int32" />
</UpdateParameters>
</asp:SqlDataSource>
</div>
From what I understand you want to save up the only date part of the datetime you can do that as below:
DateTime AdmitDate = DateTime.Parse(TextBox1.Text);
cmd.Parameters.AddWithValue("#AdmitDate", AdmitDate.ToShortDateString());
DateTime DischargeDate = DateTime.Parse(TextBox2.Text);
cmd.Parameters.AddWithValue("#DischargeDate", DischargeDate.ToShortDateString());
In your code you are not assigning the ToShortDateString() value to anything that's why the changes aren't reflecting.
And you might want to change your query to use it parametrized values to avoid SQL injection. Here is more info on it
string str = "update Patient set Department = #Department, Ward = #Ward, Bed = #Bed, Status = #Status, AdmitDate = #AdmitDate, DischargeDate = #DischargeDate, NumOfDays = #NumOfDays where PID = #PID";
cmd.Parameters.AddWithValue("#PID", TextBox3.Text);
UPDATE
As from your comments it is clear that the date you are showing up in the UI is showing time because you need to make sure that the value is converted to to only date before setting it to the UI control.
OR
If you have full control of the tables and you never ever want to store time then the ultimate solution would be Change the DateTime to the Date.
In this case to when you fetch it and if you store it in the DateTime type variable it will add the Time part to it. So you have to apply the .ToShortDateString() before assigning it to the UI control.
UPDATE
TO change the UI you need to put the DataformatString property of the boundfield of the date columns. In your gridview for these 2 lines add the DataformatString property with the value {0:MM/dd/yyyy}
<asp:BoundField DataField="AdmitDate" HeaderText="AdmitDate" SortExpression="AdmitDate" DataFormatString="{0:MM/dd/yyyy}"/>
<asp:BoundField DataField="DischargeDate" HeaderText="DischargeDate" SortExpression="DischargeDate" DataFormatString="{0:MM/dd/yyyy}"/>
If you want only date part to be stored in DB then use datatype of column as date.
For example -
DECLARE #date1 date= '02-24-15 23:20:51'; -- will take only the date
SELECT #date1 AS 'date1'
Will have -
date1
--------------
2015-02-24
EDIT-
From your edition and of table structure I ran simple test and it is working fine.
CREATE TABLE #Patient (
[PID] INT IDENTITY (1, 1) NOT NULL,
[Department] NVARCHAR (50) NULL,
[Ward] NVARCHAR (50) NULL,
[Bed] NVARCHAR (50) NULL,
[Status] NVARCHAR (50) NULL,
[AdmitDate] Date NULL,
[DischargeDate] Date NULL,
[NumOfDays] INT NULL
);
Insert into #Patient Values('ABC','Ward1','Bed2','Active','02-24-15 23:20:51','02-26-15 23:20:51',2);
Select * from #Patient;
Results-
PID Department Ward Bed Status AdmitDate DischargeDate NumOfDays
----------- -------------------------------------------------- -------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ---------- ------------- -----------
1 ABC Ward1 Bed2 Active 2015-02-24 2015-02-26 2
If you check I modified datetime data type to date
[AdmitDate] Date NULL,
[DischargeDate] Date NULL,
Accordimg to :
the DataType of AdmitDate and DischargeDate is set to datetime.
you can't insert only date-part to these column.if you tried then it'll automatically save the time as a 12:00 AM(starting time of the day).
if you really want to insert only date then change the column datatype to date.
ALTER TABLE table_name
ALTER COLUMN column_name datatype
See:Alter_Table_datatype
DateTime AdmitDate = DateTime.Parse(TextBox1.Text);
string admitDate = AdmitDate.Date; // it gives you only Date
If you want only Date in SQL SERVER means you need to change the datatype of the column from datetime to date.
I have a listview
<asp:ListView ID="ListViewNews" runat="server" DataSourceID="SqlDataSourceAddNews" DataKeyNames="Id" InsertItemPosition="LastItem" OnItemCommand="ListViewNews_ItemCommand">
<InsertItemTemplate>
<asp:FileUpload ID="FileUpload2" runat="server" />
</InsertItemTemplate>
and the sqldatasource:
<asp:SqlDataSource runat="server" ID="SqlDataSourceAddNews"
ConnectionString='<%$ ConnectionStrings:ConnectionStringSchool %>'
DeleteCommand="DELETE FROM [News] WHERE [Id] = #Id"
InsertCommand="INSERT INTO News(TITLE, SUMMARY, TEXT, DATETIME, PHOTO, [FILE])
VALUES (#TITLE, #SUMMARY, #TEXT, #DATETIME, #PHOTO, #FILE)"
SelectCommand="SELECT * FROM [News] ORDER BY DATETIME DESC">
<DeleteParameters>
<asp:Parameter Name="Id" Type="Int32"></asp:Parameter>
</DeleteParameters>
<InsertParameters>
<asp:Parameter Name="TITLE" Type="String"></asp:Parameter>
<asp:Parameter Name="SUMMARY" Type="String"></asp:Parameter>
<asp:Parameter Name="TEXT" Type="String"></asp:Parameter>
<asp:Parameter Name="DATETIME" Type="DateTime"></asp:Parameter>
<asp:Parameter Name="PHOTO" Type="String"></asp:Parameter>
<asp:Parameter Name="FILE" Type="String"></asp:Parameter>
</InsertParameters>
</asp:SqlDataSource>
I want to get the id of insert command to name the uploaded photo
protected void ListViewNews_ItemCommand(object sender, ListViewCommandEventArgs e)
{
if (e.CommandName == "Insert")
{
string strID= ....get id here....;
FileUpload fu2 = (FileUpload)ListViewNews.InsertItem.FindControl("FileUpload2");
if (fu2.HasFile)
{
string aut = strID + ".jpg";
fu2.SaveAs(Server.MapPath("~/images/NewsPhotos/" + aut));
}
}
}
Any idea for a simple solution how to get the id here?
Try this,
Change your insert command to:
InsertCommand="INSERT INTO News(TITLE, SUMMARY, TEXT, DATETIME, PHOTO, [FILE])
VALUES (#TITLE, #SUMMARY, #TEXT, #DATETIME, #PHOTO, #FILE);
SELECT #Id = SCOPE_IDENTITY();"
Add New Output Parameter to InsertParameters List
<asp:Paramter Direction="Output" Name="Id" Type="Int32" />
Move your file saving code to SQLDataSource Inserted method, you cannot access this generated id in ItemCommand Event directly
protected void SqlDataSourceAddNews_Inserted(object sender, EventArgs e)
{
string strId = e.Command>parameters("#Id").Value.ToString();
FileUpload fu2 = (FileUpload)ListViewNews.InsertItem.FindControl("FileUpload2");
if (fu2.HasFile)
{
string aut = strID + ".jpg";
fu2.SaveAs(Server.MapPath("~/images/NewsPhotos/" + aut));
}
}
In the code-behind I want to apply a dynamic where clause for the entitydatasource, but I want this where to be like and not equal. I have this code working which is equal I want an equivalence code that somehow translates this into a Like statement.
EntityDataSource1.WhereParameters.Add("Name", TypeCode.String, tbxSearch.Text);
Solution after reading Jupaol comment :
Xaml:
<WhereParameters>
<asp:ControlParameter ControlID="tbxSearch" Name="Name" Type="String" />
</WhereParameters>
Code Behind: (on load event)
if (string.IsNullOrEmpty(tbxSearch.Text))
{
this.EntityDataSource1.Where = "1=1"; //fetch all data if empty
}
else
{
this.EntityDataSource1.Where = "it.Name like '%' + #Name + '%'"; //filter
}
In that code you are only adding a parameter, the place where you need to define your like comparison, is in the where clause
The code you posted can be translated into:
<asp:EntityDataSource runat="server" ID="eds"
.....
Where="it.fname like '%' + #Name + '%'"
<WhereParameters>
<asp:ControlParameter ControlID="tbxSearch" Name="Name" DefaultValue="" />
</WhereParameters>
To Add the where in code behind:
this.eds.Where = "it.fname like '%' + #Name + '%'";
Edit1:
For some reason, if I place the parameter declaration like yours (in code), it is not working, however if I place the parameter in the markup like this:
<WhereParameters>
<asp:ControlParameter ControlID="tbxSearch" Name="Name" Type="String" DefaultValue="" />
</WhereParameters>
And in Page_Load
this.eds.Where = "it.fname like '%' + #Name + '%'";
It works