0

I am trying to insert a comment using repeater Control

my code in html

 <asp:Repeater ID="repConcerns" runat="server" OnItemCommand="post"  >
           <ItemTemplate >           
             <div class="row col-md-12">


                         <div class="col-sm-2" style="background-color:#808080">
                         <asp:Image ID="Image1" runat="server" ImageUrl='<%#Eval("Pathh") %>' width="90px" Height="90px" CssClass="img-circle" title='<%#Eval("Name") %>'/>&nbsp;<br/><asp:LinkButton ID="LinkButton1" runat="server" Text='<%#Eval("Name") %>'  CssClass="btn btn-info btn-sm" CommandName="btnMessage" CommandArgument='<%#Eval("Username") %>'></asp:LinkButton><br/>                    

                              </div> 
                       <div class="col-sm-10" style="background-color:#808080" >
                         <asp:Label ID="Label1" width="100%" style="padding:7px;" runat="server" Enabled="false" Text='<%#Eval("Title") %>'> </asp:Label>
                         <asp:TextBox ID="txtMessage" placeholder="Empty Post" width="100%" style="padding:7px;" runat="server" Text='<%#Eval("Detail") %>' TextMode="MultiLine" Enabled="false" Height="100px"> </asp:TextBox>
                         <asp:HiddenField ID="HiddenField1" runat="server" Value='<%#Eval("Sno") %>' />
                        <div class="bar"></div> 

                           <asp:TextBox ID="txtcomment" runat="server" CssClass="form-control form-control-sm" placeholder="Comment / Write Openion Suggestion" TextMode="MultiLine" Height="40px"></asp:TextBox>
                           <asp:LinkButton ID="btn" runat="server"  CssClass="btn btn-primary" CommandName="comment" CommandArgument='<%#Eval("Sno") %>' >Post</asp:LinkButton>
                       </div>



              </div> 
               <div  style="padding-bottom:10px;"></div>

                 <%--<br /> --%>                     
           </ItemTemplate>
        </asp:Repeater>

and C# code

 protected void post(object source, RepeaterCommandEventArgs e)
{

    if(e.CommandName== "comment")
    {
        a = e.CommandArgument.ToString();

        SqlConnection con = new SqlConnection(strconn);
        SqlCommand com = new SqlCommand();
        com.CommandText = "insert into Comments(Sno,Comment,Username)values('" +a+ "','" + txtcomment.Text  + "','" + username + "')";
        con.Open();


    }
}

I do not know how to insert into table "Comment". I have made a "Page" in which their are wall posts. I have included an option for Comment. The comment button appears as it should with every post. But i do not know how to insert comment in table "Comment". i am trying to insert comment with corresponding "Sno" of Posts saved in HiddenField. But when i try to write Text Box id there "txtcomment.text" it gives me error. How do i insert.

Amaan Imtiyaz
  • 35
  • 6
  • Just to let you know your SQL is vulnerable to an SQL injection attack. You should parameterise the query. – SBFrancies Jan 14 '18 at 10:18
  • it is not for practical application, but for college project. Kindly help @SBFrancies – Amaan Imtiyaz Jan 14 '18 at 10:58
  • @AmaanImtiyaz even so, you should get into good habits early, and use parameters. Who knows, maybe even doing it this way could lose you marks if the person assessing it is conscious about security. – ADyson Jan 14 '18 at 11:16
  • To get the textbox you have to use the FindControl method of the repeater. Lots of examples of that online and in previous SO questions. It doesn't have a direct ID because it can be repeated, and therefore there is no single one ID which could represent all possible copies of the button. And your query won't run because you're not executing it. Go and look at an ADO.NET tutorial. – ADyson Jan 14 '18 at 11:16
  • @SBFrancies, i surely do it, i just do not have time. I have submission tomorrow. So. I am great full for your advise – Amaan Imtiyaz Jan 14 '18 at 12:27
  • @SBFrancies: Error ExecuteNonQuery: Connection property has not been initialized. – Amaan Imtiyaz Jan 15 '18 at 13:53
  • @SBFrancies , i dont get the value of txt.Text, i placed a break point on the line, while username and Sno have values txt.text don't – Amaan Imtiyaz Jan 15 '18 at 14:19
  • @AmaanImtiyaz if the TextBox control was found (txt was not null) then txt.Text should have the value of what was written in the textbox. Are you definitely not over writing the value anywhere? – SBFrancies Jan 15 '18 at 14:21
  • @SBFrancies , not that i know of. This also seems to me, How could i overwrite the value. – Amaan Imtiyaz Jan 15 '18 at 15:05
  • @SBFrancies , but though thanks for the help. I appreciate it. – Amaan Imtiyaz Jan 15 '18 at 15:06
  • @AmaanImtiyaz for example you could be reloading the repeater in the page load event. – SBFrancies Jan 15 '18 at 15:17

1 Answers1

1

I've made some amendments to you original code - note the comments:

protected void post(object source, RepeaterCommandEventArgs e)
{

    if(e.CommandName== "comment")
    {
        //Find TextBox Control
        TextBox txt = (TextBox)e.Item.FindControl("txtcomment");
        var sno = e.CommandArgument.ToString();

        SqlConnection con = new SqlConnection(strconn);
        SqlCommand com = new SqlCommand();
        com.CommandText = "INSERT INTO Comments(Sno,Comment,Username) VALUES (@SNO, @COMMENT, @USERNAME)";
        com.Connection = con;

        //Add Command Parameters
        com.Parameters.AddWithValue("@SNO", sno);
        com.Parameters.AddWithValue("@COMMENT", txt.Text);
        com.Parameters.AddWithValue("@USERNAME", username);

        con.Open();

        //Execute Command
        com.ExecuteNonQuery();
    }
}
SBFrancies
  • 3,987
  • 2
  • 14
  • 37