在插入单一的点击muliple记录按钮动态 | 在插入单一的点击muliple记录按钮动态

本文介绍了在插入单一的点击muliple记录按钮动态的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我有2表像....

1] Assign_Subjects

Faculty_Id      varchar(20)
Course_Id       varchar(20)
Semester        varchar(20)
Subject_Id      varchar(20)
Subject_Name    varchar(50)
Time            varchar(50)

INSERT INTO Assign_Subjects Values("F1","BCA",2,"DS","Data Structure","10-11")
INSERT INTO Assign_Subjects Values("F1","BCA",2,"C","C Programming","11-12")
INSERT INTO Assign_Subjects Values("F1","BCA",1,"QB","Q Basic","1-2")
INSERT INTO Assign_Subjects Values("F2","BCA",3,"SS","System Structure","10-11")
INSERT INTO Assign_Subjects Values("F2","BCA",3,"AC","Accountancy","11-12")

2] Exam_Result

Result_Id           int(Auto no and PK)
Enroll_Number       varchar(50) Checked
Student_Name        varchar(100)    Checked
Course_Id           varchar(50) Checked
Semester            varchar(50) Checked
Subject_Id          varchar(50) Checked
Subject_Name        varchar(50) Checked
MarksObtained       numeric(18, 0)  Checked
Exam_Type           varchar(50) Checked

i.m giving general idea what i want is....

NOTE: Subjects appears as per assigning not fix number of subjects it may be 3 or 5 or more

so, How's it possible for me to do so.....??

all amswers are most welcome.....

解决方案

If you dont know the exact no of subjects to enter the marks - how are we supposed to generate a query to do it?

Never the less to show you to protect against SQL Injection attacks you put you SQL in Stored Procs:

create PROCEDURE [dbo].[pr_GetAssignedSubjectsByFacultyIdAndSemester]
@FacultyID int,
@Semester nvarchar(MAX)
AS
BEGIN
SET NOCOUNT ON;
SELECT [Faculty], [Subjects],[CreatedBy],[CreatedDate],[ModifiedBy],[ModifiedDate]
 FROM [dbo].[tblNotSure]
WHERE [FacultyID] = @FacultyID
AND [Semester] = @Semester
AND [IsDeleted] = 0
END

Then in code we call the stored procedure, notice the Parameterised Commands, this prevents SQL Injection attacks. For example say we typed in the semester ddl/textbox (or using FireBug to edit the elements value) 1 UNION SELECT * FROM Master.Users - executing this ad-hoc SQL could return the list of SQL user accounts but passed though a parameterised command avoids the problem:

public static aClassCollection GetAssignedSubjectsByFacultyIdAndSemester(int facultyId, string semester)
{
var newClassCollection = new aClassCollection();
    using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["sqlConn"].ConnectionString))
    {
        using (var command = new SqlCommand("pr_GetAssignedSubjectsByFacultyIdAndSemester", connection))
        {
            try
            {
                command.CommandType = CommandType.StoredProcedure;
                command.Parameters.AddWithValue("@facultyId", facultyId);
                command.Parameters.AddWithValue("@semester", semester);
                connection.Open();
                SqlDataReader dr = command.ExecuteReader();
                while (dr.Read())
                {
                    newClassCollection.Add(new Class(){vals = dr["vals"].ToString()});
                }
            }
            catch (SqlException sqlEx)
            {
             //at the very least log the error
            }
            finally
            {
             //This isn't needed as we're using the USING statement which is deterministic                    finalisation, but I put it here (in this answer) to explain the Using...
                connection.Close();
            }
        }
    }

    return newClassCollection;
}

这篇关于在插入单一的点击muliple记录按钮动态的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！