Created
April 27, 2011 09:46
-
-
Save anonymous/943987 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ Page Language="C#" AutoEventWireup="true" CodeFile="NumericSqlDropDL.aspx.cs" Inherits="NumericSqlDropDL" EnableViewStateMac="false" %> | |
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> | |
| <html xmlns="http://www.w3.org/1999/xhtml"> | |
| <head runat="server"> | |
| <title></title> | |
| </head> | |
| <body> | |
| <form id="form1" runat="server"> | |
| <div> | |
| <asp:DropDownList ID="DropDownList1" runat="server"> | |
| </asp:DropDownList> | |
| <br /> | |
| <asp:Button ID="Button1" runat="server" Text="Button" onclick="Button1_Click" /> | |
| <br /> | |
| <asp:Label ID="Label1" runat="server" Text="Label"></asp:Label> | |
| <br /> | |
| <asp:GridView ID="GridView1" runat="server"> | |
| </asp:GridView> | |
| </div> | |
| </form> | |
| </body> | |
| </html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Web; | |
| using System.Web.UI; | |
| using System.Web.UI.WebControls; | |
| using System.Data.Sql; | |
| using System.Data; | |
| using System.Data.SqlClient; | |
| public partial class NumericSqlDropDL : System.Web.UI.Page | |
| { | |
| protected void Page_Load(object sender, EventArgs e) | |
| { | |
| if (!Page.IsPostBack) | |
| { | |
| SqlConnection cnx = new SqlConnection("Data Source=.\\SQLEXPRESS;Initial Catalog=TestStringInjection;Integrated Security=True"); | |
| String sql = "select * from meteo"; | |
| SqlCommand cmd = new SqlCommand(sql, cnx); | |
| cnx.Open(); | |
| SqlDataAdapter da = new SqlDataAdapter(cmd); | |
| DataSet ds = new DataSet(); | |
| da.Fill(ds); | |
| DropDownList1.DataSource = ds; | |
| DropDownList1.DataTextField = "Nom"; | |
| DropDownList1.DataValueField = "Id_Ville"; | |
| DropDownList1.DataBind(); | |
| } | |
| } | |
| protected void Button1_Click(object sender, EventArgs e) | |
| { | |
| SqlConnection cnx = new SqlConnection("Data Source=.\\SQLEXPRESS;Initial Catalog=TestStringInjection;Integrated Security=True"); | |
| String sql = "select * from meteo where Id_Ville=" + DropDownList1.SelectedItem.Value; | |
| SqlCommand cmd = new SqlCommand(sql, cnx); | |
| cnx.Open(); | |
| GridView1.EnableViewState = false; | |
| SqlDataReader dr = cmd.ExecuteReader(); | |
| GridView1.DataSource = dr; | |
| GridView1.DataBind(); | |
| dr.Close(); | |
| cnx.Close(); | |
| } | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment