共用方式為


DetailsView.ItemUpdating 事件

定義

發生於按一下 DetailsView 控制項內的 [更新] 按鈕時,但在更新作業之前。

public:
 event System::Web::UI::WebControls::DetailsViewUpdateEventHandler ^ ItemUpdating;
public event System.Web.UI.WebControls.DetailsViewUpdateEventHandler ItemUpdating;
member this.ItemUpdating : System.Web.UI.WebControls.DetailsViewUpdateEventHandler 
Public Custom Event ItemUpdating As DetailsViewUpdateEventHandler 

事件類型

範例

下列程式碼範例示範如何使用 事件,在資料來源中更新記錄之前,使用 ItemUpdating 事件來 HTML 編碼使用者輸入的值。


<%@ Page Language="C#" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
  void CustomerDetail_ItemInserted(object sender, 
    DetailsViewInsertedEventArgs e)
  {
    // Refresh the GridView control after a new record is inserted 
    // in the DetailsView control.
    CustomersView.DataBind();
  }

  void CustomerDetail_ItemInserting(object sender, 
    DetailsViewInsertEventArgs e)
  {
    // Iterate though the values entered by the user and HTML encode 
    // the values. This helps prevent malicious values from being 
    // stored in the data source.
    for (int i = 0; i < e.Values.Count; i++)
    {
      if (e.Values[i] != null)
      {
        e.Values[i] = Server.HtmlEncode(e.Values[i].ToString());
      }
    }
  }

  void CustomerDetail_ItemUpdated(object sender, 
    DetailsViewUpdatedEventArgs e)
  {
    // Refresh the GridView control after a new record is updated 
    // in the DetailsView control.
    CustomersView.DataBind();
  }

  void CustomerDetail_ItemUpdating(object sender, 
    DetailsViewUpdateEventArgs e)
  {
    // Iterate though the values entered by the user and HTML encode 
    // the values. This helps prevent malicious values from being 
    // stored in the data source.
    for (int i = 0; i < e.NewValues.Count; i++)
    {
      if (e.NewValues[i] != null)
      {
        e.NewValues[i] = Server.HtmlEncode(e.NewValues[i].ToString());
      }
    }
  }

  void CustomerDetail_ItemDeleted(object sender, 
    DetailsViewDeletedEventArgs e)
  {
    // Refresh the GridView control after a new record is updated 
    // in the DetailsView control.
    CustomersView.DataBind();
  }
</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>
      DetailsView Example</title>
</head>
<body>
  <form id="Form1" runat="server">
    <h3>
      DetailsView Example</h3>
    <table cellspacing="10">
      <tr>
        <td>
          <!-- Use a GridView control in combination with      -->
          <!-- a DetailsView control to display master-detail  -->
          <!-- information. When the user selects a store from -->
          <!-- GridView control, the customers//s detailed     -->
          <!-- information is displayed in the DetailsView     -->
          <!-- control.                                        -->
          <asp:GridView ID="CustomersView" DataSourceID="Customers" 
            AutoGenerateColumns="False"
            DataKeyNames="CustomerID" runat="server">
            <HeaderStyle BackColor="Blue" ForeColor="White" />
            <Columns>
              <asp:CommandField ShowSelectButton="True" />
              <asp:BoundField DataField="ContactName" 
                HeaderText="ContactName" />
              <asp:BoundField DataField="CompanyName" 
                HeaderText="CompanyName" />
            </Columns>
          </asp:GridView>
        </td>
        <td valign="top">
          <asp:DetailsView ID="CustomerDetail" 
            DataSourceID="Details" AutoGenerateRows="false"
            AutoGenerateInsertButton="true" 
            AutoGenerateEditButton="true" 
            AutoGenerateDeleteButton="true"
            EmptyDataText="No records." 
            DataKeyNames="CustomerID" GridLines="Both" 
            OnItemInserted="CustomerDetail_ItemInserted"
            OnItemInserting="CustomerDetail_ItemInserting" 
            OnItemUpdated="CustomerDetail_ItemUpdated"
            OnItemUpdating="CustomerDetail_ItemUpdating" 
            OnItemDeleted="CustomerDetail_ItemDeleted"
            runat="server">
            <HeaderStyle BackColor="Navy" ForeColor="White" />
            <RowStyle BackColor="White" />
            <AlternatingRowStyle BackColor="LightGray" />
            <EditRowStyle BackColor="LightCyan" />
            <Fields>
              <asp:BoundField DataField="CustomerID" HeaderText="CustomerID" ReadOnly="True" />
              <asp:BoundField DataField="ContactName" HeaderText="ContactName" />
              <asp:BoundField DataField="ContactTitle" HeaderText="ContactTitle" />
              <asp:BoundField DataField="CompanyName" HeaderText="CompanyName" />
              <asp:BoundField DataField="Address" HeaderText="Address" />
              <asp:BoundField DataField="City" HeaderText="City" />
              <asp:BoundField DataField="Region" HeaderText="Region" />
              <asp:BoundField DataField="PostalCode" HeaderText="PostalCode" />
              <asp:BoundField DataField="Country" HeaderText="Country" />
              <asp:BoundField DataField="Phone" HeaderText="Phone" />
              <asp:BoundField DataField="Fax" HeaderText="Fax" />
            </Fields>
          </asp:DetailsView>
        </td>
      </tr>
    </table>
    <!-- This example uses Microsoft SQL Server and connects -->
    <!-- to the Northwind sample database.                   -->
    <!-- It is strongly recommended that each data-bound     -->
    <!-- control uses a separate data source control.        -->
    <asp:SqlDataSource ID="Customers" runat="server" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      SelectCommand="SELECT [CompanyName], [ContactName], [CustomerID] 
        FROM [Customers]">
    </asp:SqlDataSource>
    <!-- Add a filter to the data source control for the     -->
    <!-- DetailsView control to display the details of the   -->
    <!-- store selected in the GridView control.             -->
    <asp:SqlDataSource ID="Details" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      runat="server" 
      SelectCommand="SELECT * FROM [Customers] 
        WHERE ([CustomerID] = @CustomerID)"
      DeleteCommand="DELETE FROM [Customers] 
        WHERE [CustomerID] = @CustomerID"
      InsertCommand="INSERT INTO [Customers] ([CustomerID], 
        [CompanyName], [ContactName], [ContactTitle], [Address], 
        [City], [Region], [PostalCode], [Country], [Phone], [Fax]) 
        VALUES (@CustomerID, @CompanyName, @ContactName, @ContactTitle, 
        @Address, @City, @Region, @PostalCode, @Country, @Phone, @Fax)"
      UpdateCommand="UPDATE [Customers] SET [CompanyName] = @CompanyName, 
        [ContactName] = @ContactName, [ContactTitle] = @ContactTitle, 
        [Address] = @Address, [City] = @City, [Region] = @Region, 
        [PostalCode] = @PostalCode, [Country] = @Country, 
        [Phone] = @Phone, [Fax] = @Fax 
        WHERE [CustomerID] = @CustomerID">
      <SelectParameters>
        <asp:ControlParameter ControlID="CustomersView" 
          Name="CustomerID" PropertyName="SelectedValue"
          Type="String" />
      </SelectParameters>
      <DeleteParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
      </DeleteParameters>
      <UpdateParameters>
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
        <asp:Parameter Name="CustomerID" Type="String" />
      </UpdateParameters>
      <InsertParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
      </InsertParameters>
    </asp:SqlDataSource>
  </form>
</body>
</html>
<%@ Page Language="VB" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
  Sub CustomerDetail_ItemInserted(ByVal sender As Object, _
    ByVal e As DetailsViewInsertedEventArgs)
    ' Refresh the GridView control after a new record is inserted in 
    ' the DetailsView control.
    CustomersView.DataBind()
  End Sub
  
  Sub CustomerDetail_ItemInserting(ByVal sender As Object, _
    ByVal e As DetailsViewInsertEventArgs)
    ' Iterate though the values entered by the user and HTML encode 
    ' the values. This helps prevent malicious values from being 
    ' stored in the data source.
    For i As Integer = 0 To e.Values.Count - 1
      If e.Values(i) IsNot Nothing Then
        e.Values(i) = Server.HtmlEncode(e.Values(i).ToString())
      End If
    Next
  End Sub
  
  Sub CustomerDetail_ItemUpdated(ByVal sender As Object, _
    ByVal e As DetailsViewUpdatedEventArgs)
    ' Refresh the GridView control after a new record is updated 
    ' in the DetailsView control.
    CustomersView.DataBind()
  End Sub
  
  Sub CustomerDetail_ItemUpdating(ByVal sender As Object, _
    ByVal e As DetailsViewUpdateEventArgs)
    ' Iterate though the values entered by the user and HTML encode 
    ' the values. This helps prevent malicious values from being 
    ' stored in the data source.
    For i As Integer = 0 To e.NewValues.Count - 1
      If e.NewValues(i) IsNot Nothing Then
        e.NewValues(i) = Server.HtmlEncode(e.NewValues(i).ToString())
      End If
    Next
  End Sub
  
  Sub CustomerDetail_ItemDeleted(ByVal sender As Object, _
    ByVal e As DetailsViewDeletedEventArgs)
    ' Refresh the GridView control after a new record is updated 
    ' in the DetailsView control.
    CustomersView.DataBind()
  End Sub
</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>DetailsView Example</title>
</head>
<body>
  <form id="Form1" runat="server">
    <h3>DetailsView Example</h3>
    <table cellspacing="10">
      <tr>
        <td>
          <!-- Use a GridView control in combination with      -->
          <!-- a DetailsView control to display master-detail  -->
          <!-- information. When the user selects a store from -->
          <!-- GridView control, the customers's detailed      -->
          <!-- information is displayed in the DetailsView     -->
          <!-- control.                                        -->
          <asp:GridView ID="CustomersView" DataSourceID="Customers" 
            AutoGenerateColumns="False"
            DataKeyNames="CustomerID" runat="server">
            <HeaderStyle BackColor="Blue" ForeColor="White" />
            <Columns>
              <asp:CommandField ShowSelectButton="True" />
              <asp:BoundField DataField="ContactName" 
                HeaderText="ContactName" />
              <asp:BoundField DataField="CompanyName" 
                HeaderText="CompanyName" />
            </Columns>
          </asp:GridView>
        </td>
        <td valign="top">
          <asp:DetailsView ID="CustomerDetail" DataSourceID="Details" 
            AutoGenerateRows="false"
            AutoGenerateInsertButton="true" 
            AutoGenerateEditButton="true" 
            AutoGenerateDeleteButton="true"
            EmptyDataText="No records." 
            DataKeyNames="CustomerID" GridLines="Both" 
            OnItemInserted="CustomerDetail_ItemInserted"
            OnItemInserting="CustomerDetail_ItemInserting" 
            OnItemUpdated="CustomerDetail_ItemUpdated"
            OnItemUpdating="CustomerDetail_ItemUpdating" 
            OnItemDeleted="CustomerDetail_ItemDeleted"
            runat="server">
            <HeaderStyle BackColor="Navy" ForeColor="White" />
            <RowStyle BackColor="White" />
            <AlternatingRowStyle BackColor="LightGray" />
            <EditRowStyle BackColor="LightCyan" />
            <Fields>
              <asp:BoundField DataField="CustomerID" HeaderText="CustomerID" 
                ReadOnly="True" />
              <asp:BoundField DataField="ContactName" HeaderText="ContactName" />
              <asp:BoundField DataField="ContactTitle" HeaderText="ContactTitle" />
              <asp:BoundField DataField="CompanyName" HeaderText="CompanyName" />
              <asp:BoundField DataField="Address" HeaderText="Address" />
              <asp:BoundField DataField="City" HeaderText="City" />
              <asp:BoundField DataField="Region" HeaderText="Region" />
              <asp:BoundField DataField="PostalCode" HeaderText="PostalCode" />
              <asp:BoundField DataField="Country" HeaderText="Country" />
              <asp:BoundField DataField="Phone" HeaderText="Phone" />
              <asp:BoundField DataField="Fax" HeaderText="Fax" />
            </Fields>
          </asp:DetailsView>
        </td>
      </tr>
    </table>
    <!-- This example uses Microsoft SQL Server and connects -->
    <!-- to the Northwind sample database.                   -->
    <!-- It is strongly recommended that each data-bound     -->
    <!-- control uses a separate data source control.        -->
    <asp:SqlDataSource ID="Customers" runat="server" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      SelectCommand="SELECT [CompanyName], [ContactName], [CustomerID] 
        FROM [Customers]">
    </asp:SqlDataSource>
    <!-- Add a filter to the data source control for the     -->
    <!-- DetailsView control to display the details of the   -->
    <!-- store selected in the GridView control.             -->
    <asp:SqlDataSource ID="Details" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      runat="server" 
      SelectCommand="SELECT * FROM [Customers] 
        WHERE ([CustomerID] = @CustomerID)"
      DeleteCommand="DELETE FROM [Customers] 
        WHERE [CustomerID] = @CustomerID"
      InsertCommand="INSERT INTO [Customers] ([CustomerID], 
        [CompanyName], [ContactName], [ContactTitle], [Address], 
        [City], [Region], [PostalCode], [Country], [Phone], [Fax]) 
        VALUES (@CustomerID, @CompanyName, @ContactName, 
        @ContactTitle, @Address, @City, @Region, @PostalCode, 
        @Country, @Phone, @Fax)"
      UpdateCommand="UPDATE [Customers] SET 
        [CompanyName] = @CompanyName, 
        [ContactName] = @ContactName, [ContactTitle] = @ContactTitle, 
        [Address] = @Address, [City] = @City, [Region] = @Region, 
        [PostalCode] = @PostalCode, [Country] = @Country, 
        [Phone] = @Phone, [Fax] = @Fax 
        WHERE [CustomerID] = @CustomerID">
      <SelectParameters>
        <asp:ControlParameter ControlID="CustomersView" 
          Name="CustomerID" PropertyName="SelectedValue"
          Type="String" />
      </SelectParameters>
      <DeleteParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
      </DeleteParameters>
      <UpdateParameters>
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
        <asp:Parameter Name="CustomerID" Type="String" />
      </UpdateParameters>
      <InsertParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
      </InsertParameters>
    </asp:SqlDataSource>
  </form>
</body>
</html>

備註

ItemUpdating按一下控制項內的 DetailsView [更新] 按鈕,但在更新作業之前,就會引發事件。 這可讓您提供事件處理常式來執行自訂常式,例如每當發生此事件時取消更新作業。

DetailsViewUpdateEventArgs物件會傳遞至事件處理常式,可讓您判斷要更新之記錄的索引,並指出應該取消更新作業。 若要取消更新作業,請將 Cancel 屬性設定為 true 。 您也可以在值傳遞至資料來源之前,視需要操作 KeysOldValuesNewValues 集合。 使用這些集合的常見方式是先將使用者所提供的值 HTML 編碼,再儲存在資料來源中。 這有助於防止腳本插入式攻擊。

如需如何處理事件的詳細資訊,請參閱 處理和引發事件

適用於

另請參閱