How to set text property for dynamically created hyperlinkfield

Question

0.00/5 (No votes)

See more:

All aspects of my code works and runs properly but I realized the URL for my HyperLinkField is too long to display properly. How do I set the text property to the word "View". As you can see below I've already set the text property to "View" but the dynamically created URL over writes the text.

ASP

<div id="first" style="float:left;">
             <asp:GridView ID="GridView3" runat="server" AutoGenerateColumns="False" CellPadding="4" CellSpacing="1" HorizontalAlign="Center">
                    <Columns>
                        <asp:BoundField DataField="AccountNo" HeaderText="AccountNo" SortExpression="AccountNo" />
                        <asp:BoundField DataField="State" HeaderText="State" SortExpression="State" />
                        <asp:BoundField DataField="DocumentType" HeaderText="DocumentType" SortExpression="DocumentType" />
                        <asp:BoundField DataField="Error_MSG" HeaderText="Error_MSG" SortExpression="Error_MSG" />
                        <asp:BoundField DataField="Intent" HeaderText="Intent" SortExpression="Intent" />
                        <asp:BoundField DataField="LoadDate" HeaderText="LoadDate" SortExpression="LoadDate" />
                        <asp:HyperLinkField DataTextField="EncryptedURL" DataNavigateUrlFields="EncryptedURL" Text="View"  HeaderText="EncryptedURL"/>
                    </Columns>
             </asp:GridView>
       </div><pre lang="c#">

Here's the code behind that fires off in the page load event

C#

using (SqlConnection con = new SqlConnection("Data Source=test;Initial Catalog=test;User ID=te;Password=great"))
{
    lblAcct.Text = Request.QueryString["Account"];
    con.Open();
    SqlCommand cmd = new SqlCommand(" Select * from test.dbo.test where AccountNo = '" + lblAcct.Text + "'", con);
    SqlDataReader dr = cmd.ExecuteReader();
    GridView3.DataSource = dr;
    GridView3.DataBind();
    con.Close();
}

What I have tried:

Again, I have already tried setting the text property to "View" but since the data is dynamically added to the gridview the text gets over written.

Any thoughts?

Posted 20-Dec-16 5:13am

MadDog23

Updated 20-Dec-16 5:33am

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard Deeming · Accepted Answer · 2016-12-20T05:33:00

You've set both the Text and the DataTextField properties. The DataTextField will overwrite the Text value with the value from the data source.

Remove the DataTextField property, and it should start using the Text property instead:

ASP.NET

<asp:HyperLinkField DataNavigateUrlFields="EncryptedURL" Text="View"  HeaderText="EncryptedURL"/>

However, you have a serious security vulnerability[^] in your code. You should fix that immediately, and review any other database code you've written to check for and fix the vulnerability.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

C#

string account = Request.QueryString["Account"];
lblAcct.Text = Server.HtmlEncode(account); // Encode the value to avoid cross-site scripting

using (SqlConnection con = new SqlConnection("Data Source=test;Initial Catalog=test;User ID=te;Password=great"))
using (SqlCommand cmd = new SqlCommand("Select * from test.dbo.test where AccountNo = @AccountNo", con))
{
    cmd.Parameters.AddWithValue("@AccountNo", account); // Use parameters to avoid SQL Injection
    
    con.Open();
    using (SqlDataReader dr = cmd.ExecuteReader())
    {
        GridView3.DataSource = dr;
        GridView3.DataBind();
    }
}