DetailsView.ItemUpdating Evento

Definizione

Spazio dei nomi:

System.Web.UI.WebControls

Assembly:

System.Web.dll

Si verifica quando viene fatto clic su un pulsante Aggiorna in un controllo DetailsView, ma prima dell'operazione di aggiornamento.

public:
 event System::Web::UI::WebControls::DetailsViewUpdateEventHandler ^ ItemUpdating;

public event System.Web.UI.WebControls.DetailsViewUpdateEventHandler ItemUpdating;

member this.ItemUpdating : System.Web.UI.WebControls.DetailsViewUpdateEventHandler 

Public Custom Event ItemUpdating As DetailsViewUpdateEventHandler 

Tipo evento

DetailsViewUpdateEventHandler

Esempio

Nell'esempio di codice seguente viene illustrato come usare l'evento ItemUpdating per codificaRE HTML i valori immessi dall'utente prima che un record venga aggiornato nell'origine dati.

<%@ Page Language="C#" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
  void CustomerDetail_ItemInserted(object sender, 
    DetailsViewInsertedEventArgs e)
  {
    // Refresh the GridView control after a new record is inserted 
    // in the DetailsView control.
    CustomersView.DataBind();
  }

  void CustomerDetail_ItemInserting(object sender, 
    DetailsViewInsertEventArgs e)
  {
    // Iterate though the values entered by the user and HTML encode 
    // the values. This helps prevent malicious values from being 
    // stored in the data source.
    for (int i = 0; i < e.Values.Count; i++)
    {
      if (e.Values[i] != null)
      {
        e.Values[i] = Server.HtmlEncode(e.Values[i].ToString());
      }
    }
  }

  void CustomerDetail_ItemUpdated(object sender, 
    DetailsViewUpdatedEventArgs e)
  {
    // Refresh the GridView control after a new record is updated 
    // in the DetailsView control.
    CustomersView.DataBind();
  }

  void CustomerDetail_ItemUpdating(object sender, 
    DetailsViewUpdateEventArgs e)
  {
    // Iterate though the values entered by the user and HTML encode 
    // the values. This helps prevent malicious values from being 
    // stored in the data source.
    for (int i = 0; i < e.NewValues.Count; i++)
    {
      if (e.NewValues[i] != null)
      {
        e.NewValues[i] = Server.HtmlEncode(e.NewValues[i].ToString());
      }
    }
  }

  void CustomerDetail_ItemDeleted(object sender, 
    DetailsViewDeletedEventArgs e)
  {
    // Refresh the GridView control after a new record is updated 
    // in the DetailsView control.
    CustomersView.DataBind();
  }
</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>
      DetailsView Example</title>
</head>
<body>
  <form id="Form1" runat="server">
    <h3>
      DetailsView Example</h3>
    <table cellspacing="10">
      <tr>
        <td>
          <!-- Use a GridView control in combination with      -->
          <!-- a DetailsView control to display master-detail  -->
          <!-- information. When the user selects a store from -->
          <!-- GridView control, the customers//s detailed     -->
          <!-- information is displayed in the DetailsView     -->
          <!-- control.                                        -->
          <asp:GridView ID="CustomersView" DataSourceID="Customers" 
            AutoGenerateColumns="False"
            DataKeyNames="CustomerID" runat="server">
            <HeaderStyle BackColor="Blue" ForeColor="White" />
            <Columns>
              <asp:CommandField ShowSelectButton="True" />
              <asp:BoundField DataField="ContactName" 
                HeaderText="ContactName" />
              <asp:BoundField DataField="CompanyName" 
                HeaderText="CompanyName" />
            </Columns>
          </asp:GridView>
        </td>
        <td valign="top">
          <asp:DetailsView ID="CustomerDetail" 
            DataSourceID="Details" AutoGenerateRows="false"
            AutoGenerateInsertButton="true" 
            AutoGenerateEditButton="true" 
            AutoGenerateDeleteButton="true"
            EmptyDataText="No records." 
            DataKeyNames="CustomerID" GridLines="Both" 
            OnItemInserted="CustomerDetail_ItemInserted"
            OnItemInserting="CustomerDetail_ItemInserting" 
            OnItemUpdated="CustomerDetail_ItemUpdated"
            OnItemUpdating="CustomerDetail_ItemUpdating" 
            OnItemDeleted="CustomerDetail_ItemDeleted"
            runat="server">
            <HeaderStyle BackColor="Navy" ForeColor="White" />
            <RowStyle BackColor="White" />
            <AlternatingRowStyle BackColor="LightGray" />
            <EditRowStyle BackColor="LightCyan" />
            <Fields>
              <asp:BoundField DataField="CustomerID" HeaderText="CustomerID" ReadOnly="True" />
              <asp:BoundField DataField="ContactName" HeaderText="ContactName" />
              <asp:BoundField DataField="ContactTitle" HeaderText="ContactTitle" />
              <asp:BoundField DataField="CompanyName" HeaderText="CompanyName" />
              <asp:BoundField DataField="Address" HeaderText="Address" />
              <asp:BoundField DataField="City" HeaderText="City" />
              <asp:BoundField DataField="Region" HeaderText="Region" />
              <asp:BoundField DataField="PostalCode" HeaderText="PostalCode" />
              <asp:BoundField DataField="Country" HeaderText="Country" />
              <asp:BoundField DataField="Phone" HeaderText="Phone" />
              <asp:BoundField DataField="Fax" HeaderText="Fax" />
            </Fields>
          </asp:DetailsView>
        </td>
      </tr>
    </table>
    <!-- This example uses Microsoft SQL Server and connects -->
    <!-- to the Northwind sample database.                   -->
    <!-- It is strongly recommended that each data-bound     -->
    <!-- control uses a separate data source control.        -->
    <asp:SqlDataSource ID="Customers" runat="server" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      SelectCommand="SELECT [CompanyName], [ContactName], [CustomerID] 
        FROM [Customers]">
    </asp:SqlDataSource>
    <!-- Add a filter to the data source control for the     -->
    <!-- DetailsView control to display the details of the   -->
    <!-- store selected in the GridView control.             -->
    <asp:SqlDataSource ID="Details" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      runat="server" 
      SelectCommand="SELECT * FROM [Customers] 
        WHERE ([CustomerID] = @CustomerID)"
      DeleteCommand="DELETE FROM [Customers] 
        WHERE [CustomerID] = @CustomerID"
      InsertCommand="INSERT INTO [Customers] ([CustomerID], 
        [CompanyName], [ContactName], [ContactTitle], [Address], 
        [City], [Region], [PostalCode], [Country], [Phone], [Fax]) 
        VALUES (@CustomerID, @CompanyName, @ContactName, @ContactTitle, 
        @Address, @City, @Region, @PostalCode, @Country, @Phone, @Fax)"
      UpdateCommand="UPDATE [Customers] SET [CompanyName] = @CompanyName, 
        [ContactName] = @ContactName, [ContactTitle] = @ContactTitle, 
        [Address] = @Address, [City] = @City, [Region] = @Region, 
        [PostalCode] = @PostalCode, [Country] = @Country, 
        [Phone] = @Phone, [Fax] = @Fax 
        WHERE [CustomerID] = @CustomerID">
      <SelectParameters>
        <asp:ControlParameter ControlID="CustomersView" 
          Name="CustomerID" PropertyName="SelectedValue"
          Type="String" />
      </SelectParameters>
      <DeleteParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
      </DeleteParameters>
      <UpdateParameters>
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
        <asp:Parameter Name="CustomerID" Type="String" />
      </UpdateParameters>
      <InsertParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
      </InsertParameters>
    </asp:SqlDataSource>
  </form>
</body>
</html>

<%@ Page Language="VB" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
  Sub CustomerDetail_ItemInserted(ByVal sender As Object, _
    ByVal e As DetailsViewInsertedEventArgs)
    ' Refresh the GridView control after a new record is inserted in 
    ' the DetailsView control.
    CustomersView.DataBind()
  End Sub
  
  Sub CustomerDetail_ItemInserting(ByVal sender As Object, _
    ByVal e As DetailsViewInsertEventArgs)
    ' Iterate though the values entered by the user and HTML encode 
    ' the values. This helps prevent malicious values from being 
    ' stored in the data source.
    For i As Integer = 0 To e.Values.Count - 1
      If e.Values(i) IsNot Nothing Then
        e.Values(i) = Server.HtmlEncode(e.Values(i).ToString())
      End If
    Next
  End Sub
  
  Sub CustomerDetail_ItemUpdated(ByVal sender As Object, _
    ByVal e As DetailsViewUpdatedEventArgs)
    ' Refresh the GridView control after a new record is updated 
    ' in the DetailsView control.
    CustomersView.DataBind()
  End Sub
  
  Sub CustomerDetail_ItemUpdating(ByVal sender As Object, _
    ByVal e As DetailsViewUpdateEventArgs)
    ' Iterate though the values entered by the user and HTML encode 
    ' the values. This helps prevent malicious values from being 
    ' stored in the data source.
    For i As Integer = 0 To e.NewValues.Count - 1
      If e.NewValues(i) IsNot Nothing Then
        e.NewValues(i) = Server.HtmlEncode(e.NewValues(i).ToString())
      End If
    Next
  End Sub
  
  Sub CustomerDetail_ItemDeleted(ByVal sender As Object, _
    ByVal e As DetailsViewDeletedEventArgs)
    ' Refresh the GridView control after a new record is updated 
    ' in the DetailsView control.
    CustomersView.DataBind()
  End Sub
</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>DetailsView Example</title>
</head>
<body>
  <form id="Form1" runat="server">
    <h3>DetailsView Example</h3>
    <table cellspacing="10">
      <tr>
        <td>
          <!-- Use a GridView control in combination with      -->
          <!-- a DetailsView control to display master-detail  -->
          <!-- information. When the user selects a store from -->
          <!-- GridView control, the customers's detailed      -->
          <!-- information is displayed in the DetailsView     -->
          <!-- control.                                        -->
          <asp:GridView ID="CustomersView" DataSourceID="Customers" 
            AutoGenerateColumns="False"
            DataKeyNames="CustomerID" runat="server">
            <HeaderStyle BackColor="Blue" ForeColor="White" />
            <Columns>
              <asp:CommandField ShowSelectButton="True" />
              <asp:BoundField DataField="ContactName" 
                HeaderText="ContactName" />
              <asp:BoundField DataField="CompanyName" 
                HeaderText="CompanyName" />
            </Columns>
          </asp:GridView>
        </td>
        <td valign="top">
          <asp:DetailsView ID="CustomerDetail" DataSourceID="Details" 
            AutoGenerateRows="false"
            AutoGenerateInsertButton="true" 
            AutoGenerateEditButton="true" 
            AutoGenerateDeleteButton="true"
            EmptyDataText="No records." 
            DataKeyNames="CustomerID" GridLines="Both" 
            OnItemInserted="CustomerDetail_ItemInserted"
            OnItemInserting="CustomerDetail_ItemInserting" 
            OnItemUpdated="CustomerDetail_ItemUpdated"
            OnItemUpdating="CustomerDetail_ItemUpdating" 
            OnItemDeleted="CustomerDetail_ItemDeleted"
            runat="server">
            <HeaderStyle BackColor="Navy" ForeColor="White" />
            <RowStyle BackColor="White" />
            <AlternatingRowStyle BackColor="LightGray" />
            <EditRowStyle BackColor="LightCyan" />
            <Fields>
              <asp:BoundField DataField="CustomerID" HeaderText="CustomerID" 
                ReadOnly="True" />
              <asp:BoundField DataField="ContactName" HeaderText="ContactName" />
              <asp:BoundField DataField="ContactTitle" HeaderText="ContactTitle" />
              <asp:BoundField DataField="CompanyName" HeaderText="CompanyName" />
              <asp:BoundField DataField="Address" HeaderText="Address" />
              <asp:BoundField DataField="City" HeaderText="City" />
              <asp:BoundField DataField="Region" HeaderText="Region" />
              <asp:BoundField DataField="PostalCode" HeaderText="PostalCode" />
              <asp:BoundField DataField="Country" HeaderText="Country" />
              <asp:BoundField DataField="Phone" HeaderText="Phone" />
              <asp:BoundField DataField="Fax" HeaderText="Fax" />
            </Fields>
          </asp:DetailsView>
        </td>
      </tr>
    </table>
    <!-- This example uses Microsoft SQL Server and connects -->
    <!-- to the Northwind sample database.                   -->
    <!-- It is strongly recommended that each data-bound     -->
    <!-- control uses a separate data source control.        -->
    <asp:SqlDataSource ID="Customers" runat="server" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      SelectCommand="SELECT [CompanyName], [ContactName], [CustomerID] 
        FROM [Customers]">
    </asp:SqlDataSource>
    <!-- Add a filter to the data source control for the     -->
    <!-- DetailsView control to display the details of the   -->
    <!-- store selected in the GridView control.             -->
    <asp:SqlDataSource ID="Details" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      runat="server" 
      SelectCommand="SELECT * FROM [Customers] 
        WHERE ([CustomerID] = @CustomerID)"
      DeleteCommand="DELETE FROM [Customers] 
        WHERE [CustomerID] = @CustomerID"
      InsertCommand="INSERT INTO [Customers] ([CustomerID], 
        [CompanyName], [ContactName], [ContactTitle], [Address], 
        [City], [Region], [PostalCode], [Country], [Phone], [Fax]) 
        VALUES (@CustomerID, @CompanyName, @ContactName, 
        @ContactTitle, @Address, @City, @Region, @PostalCode, 
        @Country, @Phone, @Fax)"
      UpdateCommand="UPDATE [Customers] SET 
        [CompanyName] = @CompanyName, 
        [ContactName] = @ContactName, [ContactTitle] = @ContactTitle, 
        [Address] = @Address, [City] = @City, [Region] = @Region, 
        [PostalCode] = @PostalCode, [Country] = @Country, 
        [Phone] = @Phone, [Fax] = @Fax 
        WHERE [CustomerID] = @CustomerID">
      <SelectParameters>
        <asp:ControlParameter ControlID="CustomersView" 
          Name="CustomerID" PropertyName="SelectedValue"
          Type="String" />
      </SelectParameters>
      <DeleteParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
      </DeleteParameters>
      <UpdateParameters>
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
        <asp:Parameter Name="CustomerID" Type="String" />
      </UpdateParameters>
      <InsertParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
      </InsertParameters>
    </asp:SqlDataSource>
  </form>
</body>
</html>

Commenti

L'evento ItemUpdating viene generato quando viene fatto clic su un pulsante Aggiorna all'interno di un DetailsView controllo, ma prima dell'operazione di aggiornamento. In questo modo è possibile fornire un gestore eventi che esegue una routine personalizzata, ad esempio l'annullamento dell'operazione di aggiornamento, ogni volta che si verifica questo evento.

Un DetailsViewUpdateEventArgs oggetto viene passato al gestore eventi, che consente di determinare l'indice del record aggiornato e di indicare che l'operazione di aggiornamento deve essere annullata. Per annullare l'operazione di aggiornamento, impostare la Cancel proprietà su true. È anche possibile modificare le Keysraccolte , OldValuese NewValues , se necessario, prima che i valori vengano passati all'origine dati. Un modo comune per usare queste raccolte consiste nel codificare HTML i valori forniti dall'utente prima che vengano archiviati nell'origine dati. Ciò consente di evitare attacchi di inserimento di script.

Per altre informazioni su come gestire gli eventi, vedere la gestione e generazione di eventi.

Vedi anche

• DetailsViewUpdateEventArgs
• Cancel
• Keys
• NewValues
• OldValues
• ItemUpdated
• OnItemUpdating(DetailsViewUpdateEventArgs)