Select Parameters in SQL data source

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

---

• From: "Alan" <Alan.Littlewood@xxxxxxxxx>
• Date: 28 Aug 2006 03:39:12 -0700

---

Hi,
I'm having a problem inserting a parameter into an SQL Select statement
with <asp:ControlParameter>. This should be very simple, but for some
reason it just isn't working:

<%-- Get username and put it in the textbox --%>
<% Session("UserName") =
HttpContext.Current.User.Identity.Name.ToString%>
<% UserField.Text = Session("UserName")%>

<%-- Display the data --%>
<asp:GridView ID="GridView1" runat="server"
DataSourceID="SqlDataSource1" />

<%-- Set up the data source --%>
<asp:SqlDataSource ID="SqlDataSource1" runat="server"
ConnectionString="<%$ ConnectionStrings:dConnect %>"
ProviderName="<%$ ConnectionStrings:dConnect.ProviderName
%>" SelectCommand="SELECT a, b FROM x WHERE username = ?">
<SelectParameters>
<asp:ControlParameter ControlID="UserField"
PropertyName="Text" Type="string" />
</SelectParameters>
</asp:SqlDataSource>

<%-- textbox --%>
<asp:textbox ID="UserField" runat="server"/>

If I hardcode the username into the Select statement, or if I set the
DefaultValue of the ControlParameter, it works ok, but I need to be
able to insert the username of whoever's logged on at the time. I'm
using ODBC and MySQL.

If anyone has any ideas on this I'd be very grateful.

Cheers,

Alan

.

---

• Follow-Ups:
  • Re: Select Parameters in SQL data source
    • From: KJ

• Prev by Date: Re: no 'option' in aspx file means 'option'="false"?
• Next by Date: Re: ASP.NET and Flash
• Previous by thread: Gridview and DatasourceID
• Next by thread: Re: Select Parameters in SQL data source
• Index(es):
  • Date
  • Thread

---

Relevant Pages Loging Script ... It seems there is something wrong with my script for the reason that ... it always returns, UserName NOT found. ... $sql = check; ... (comp.lang.php) Re: Problems adding users ... I had to do some SQL surgery this afternoon that may or may not help. ... A domain username was ... First we tried to rename the user, but WSS ... >> account in the AD was never deleted, the account name for this user was ... (microsoft.public.sharepoint.windowsservices) RE: How to evade white spaces in a SQL injection ... The 2nd one is more likely since they're proably adding the ' character to ... So you'd enter '+1-- as the username. ... +1 tells sql to add 1 to a character field, which it can't do, the -- ... comments out the remainder of the query so it doesn't get parsed. ... (Pen-Test) Re: Need help with "User does not exist" error ... You may have some old remnants in SQL. ... Try searching for both the username and the ... been added to several WSS sites. ... "User Management" as the misspelled username. ... (microsoft.public.sharepoint.windowsservices) Append/copy calling a module switches data ... I've taken the SQL from the previous posting (graciously ... When I run the query just by itself it does create a copy and put "dlongton" ... leaving the UserName in the original record as it was ... CreatedBy) in the original record and the newly copied record...it's driving ... (microsoft.public.access.queries)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > DotNet  > microsoft.public.dotnet.framework.aspnet  > 2006-08