Hi, I have added dynamic drop-down lists to the GridView columns, starting from the 5th column, in RowDataBound. Now I want to save those drop-down values to the database using a button click function. When I tried doing so, by getting the drop-down selected value in the button click, it is taking a null value. Please help me out with this.


What I have tried:

protected void Button1_Click(object sender, EventArgs e)
{
    foreach (GridViewRow row in GridView1.Rows)
    {
        // int devopsid = (int)GridView1.DataKeys[row.RowIndex].Value;
        if (row.RowType == DataControlRowType.DataRow)
        {
            // string ddlValue = row.Cells[5].Text;

            //    foreach (DropDownList ddl in GridView1.Rows)
            //   {

            // for (int j = 0; j < GridView1.Rows.Count; j++)
            // {
            for (int i = 5; i < row.Cells.Count; i++)
            {
                //string str = ht[devopsid].ToString(); GridView1_ddl5_0
                //var ddl1 = (DropDownList)dataRow.Cells[3].FindControl("ddl1");
                DropDownList ddl1 = row.Cells[i].FindControl("ddl") as DropDownList;

                // for (int i = 5; i < row.Cells.Count; i++) {
                // DropDownList ddl = (DropDownList)((Control)).NamingContainer.FindControl("ddl");
                //  String selectedValue = ddl.SelectedValue;
                if (GridView1.HeaderRow.Cells[i].Text == DropDownList1.SelectedItem.Text.Trim())
                {
                    string query = " update devopstable set  " + GridView1.HeaderRow.Cells[i].Text + "  = '"+ddl1.SelectedItem.Value+"' ";
                    SqlCommand cmd = new SqlCommand(query, cnn1);
                    cnn1.Open();
                    //  cmd.Parameters.AddWithValue("@devopsid", devopsid);
                    cmd.ExecuteNonQuery();
                    cnn1.Close();
                }
                //}
            }
        }
        //  }
    }
}




And below is the RowDataBound event.


protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
{
    // int devopsid = Convert.ToInt16(GridView1.DataKeys[RowIndex].Values["devopsid"].ToString());
    if (e.Row.RowType == DataControlRowType.DataRow)
    {
        for (int i = 5; i < e.Row.Cells.Count; i++)
        {
            DropDownList ddl = new DropDownList();
            ddl.ID = "ddl" + i;
            // ddl.SelectedIndex = 0;

            ddl.Items.Add("Yes");
            ddl.Items.Add("No");
            ddl.DataBind();
            e.Row.Cells[i].Controls.Add(ddl);
        }
    }
}
Updated 11-Oct-18 3:14am

1 solution

Quote:
ddl.ID = "ddl" + i;
...
row.Cells[i].FindControl("ddl")

You create the lists with the IDs ddl5, ddl6, etc.; but you're trying to find a control with the ID ddl, without the numeric suffix.

Add the suffix in your FindControl call:
DropDownList ddl1 = row.Cells[i].FindControl("ddl" + i) as DropDownList;



string query = " update devopstable set  " + GridView1.HeaderRow.Cells[i].Text + "  = '"+ddl1.SelectedItem.Value+"' ";

Don't do it like that! Your code is vulnerable to SQL Injection. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Unfortunately, you can't use a parameter to represent a column name. You'll need to verify that there is no way for the user to control the column name.
string columnName = GridView1.HeaderRow.Cells[i].Text; // TODO: Validate this column name!
string query = "UPDATE devopstable SET [" + columnName + "] = @Value";
using (SqlCommand cmd = new SqlCommand(query, cnn1))
{
    cmd.Parameters.AddWithValue("@Value", ddl1.SelectedItem.Value);
    
    cnn1.Open();
    cmd.ExecuteNonQuery();
    cnn1.Close();
}

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange
Query Parameterization Cheat Sheet | OWASP
 
 
Comments
Vincent Maverick Durano 11-Oct-18 11:01am    
5ed.
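
The solution above leaves the column-name check as a TODO. One way to do it is to map the header text through a fixed allowlist and also check the posted dropdown value. This is an added example, not code from the thread; the class name, the "ColumnA"/"ColumnB" column names and the NVARCHAR(10) parameter size are assumptions to be replaced with the real schema of devopstable.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;

public static class DevopsUpdate
{
    // Assumption: "ColumnA"/"ColumnB" are placeholders for the real updatable columns.
    // Key = header text shown in the grid, value = column name written into the SQL.
    private static readonly Dictionary<string, string> HeaderToColumn =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        { { "ColumnA", "ColumnA" }, { "ColumnB", "ColumnB" } };

    // The only values the dropdowns built in RowDataBound offer.
    private static readonly HashSet<string> AllowedValues = new HashSet<string> { "Yes", "No" };

    public static SqlCommand BuildUpdate(string headerText, string selectedValue)
    {
        string column;
        // The SQL only ever receives the allowlist's own string, never the request text.
        if (headerText == null || !HeaderToColumn.TryGetValue(headerText.Trim(), out column))
            throw new ArgumentException("Column is not on the allowlist.");
        if (selectedValue == null || !AllowedValues.Contains(selectedValue))
            throw new ArgumentException("Unexpected dropdown value.");

        var cmd = new SqlCommand("UPDATE devopstable SET [" + column + "] = @Value");
        // Assumption: the target columns are NVARCHAR(10) or wider.
        cmd.Parameters.Add("@Value", SqlDbType.NVarChar, 10).Value = selectedValue;
        return cmd;
    }

    public static void Main()
    {
        // Constructed inputs: a legitimate header and a tampered one.
        string[] headers = { "ColumnA", "ColumnA] = 'x' --" };
        foreach (string header in headers)
        {
            try
            {
                using (SqlCommand cmd = BuildUpdate(header, "Yes"))
                    Console.WriteLine("OK: " + cmd.CommandText);
            }
            catch (ArgumentException ex)
            {
                Console.WriteLine("Rejected: " + ex.Message);
            }
        }
    }
}
```

In Button1_Click, assign cnn1 to cmd.Connection before calling ExecuteNonQuery.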

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


