How can I get update stock from in gridview textbox

Question

0.00/5 (No votes)

See more:

i want to update my stock in asp.net using Vb.net in sql database and the way im updating its update Datagridview value From

DataField

<asp:BoundField DataField="Price" HeaderText="Price" ItemStyle-CssClass="price" ItemStyle-Width="10%"/>

But not updating from Textbox Field in Gridview

<asp:TemplateField HeaderText="Quantity" ItemStyle-Width="10%">
            <ItemTemplate>
                <asp:TextBox ID="txtQuantity" runat="server"></asp:TextBox>
            </ItemTemplate>
        </asp:TemplateField>

What I have tried:

Design view code

 <asp:GridView ID="GridView1" runat="server" CssClass="table table-responsive table-striped footable" PageSize="20" Style="max-width: 100%" AutoGenerateColumns="false" AutoGenerateDeleteButton="True" OnRowEditing="OnRowEditing" OnRowCancelingEdit="OnRowCancelingEdit" AutoGenerateEditButton="True">
    <Columns>
         <asp:BoundField DataField="ID" HeaderText="ID" ItemStyle-Width="10%"/>
        <asp:BoundField DataField="Item" HeaderText="Item" ItemStyle-Width="50%"/>
        <asp:BoundField DataField="Price" HeaderText="Price" ItemStyle-CssClass="price" ItemStyle-Width="10%"/>

        <asp:TemplateField HeaderText="Quantity" ItemStyle-Width="10%">
            <ItemTemplate>
                <asp:TextBox ID="txtQuantity" runat="server"></asp:TextBox>
            </ItemTemplate>
        </asp:TemplateField>
        <asp:TemplateField HeaderText="Total" ItemStyle-Width="20%">
            <ItemTemplate>
                <asp:Label ID="lblTotal" runat="server" Text="0"></asp:Label>
            </ItemTemplate>
        </asp:TemplateField>
    </Columns>
</asp:GridView>

Code Side

Private Sub updatestock()
        Dim con As SqlConnection
        con = New SqlConnection(ConfigurationManager.ConnectionStrings("constrng").ConnectionString)

        Dim strQ As String = String.Empty
        Try

            For Each Isold As GridViewRow In GridView1.Rows
                If Isold.Cells(0).Text IsNot Nothing Then
                    Dim pID As String
                    Dim Inveupdate = New SqlCommand(strQ, con)
                    pID = Isold.Cells(0).Text.ToString()
                    Inveupdate.CommandText = "UPDATE Stock SET quanitity = quanitity + '" & Isold.Cells(4).Text.ToString() & "' WHERE Productid =  '812003751810'"
                    Inveupdate.CommandType = CommandType.Text
                    con.Open()
                    Inveupdate.ExecuteNonQuery()
                    Inveupdate.Parameters.Clear()
                    Inveupdate.Dispose()
                    con.Close()
                End If
            Next

        Catch ex As Exception

        End Try

    End Sub

Posted 15-Sep-20 3:58am

Naqash Younis

Add a Solution

Comments

F-ES Sitecore 15-Sep-20 10:00am

You're not referencing the txtQuantity control in your updatestock function. Google how to use FindControl with GridView to get a reference to the control.

Richard Deeming 15-Sep-20 10:55am

Inveupdate.CommandText = "UPDATE Stock SET quanitity = quanitity + '" & Isold.Cells(4).Text.ToString() & "' WHERE Productid =  '812003751810'"

Your code is vulnerable to SQL Injection[^]. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)