Click here to Skip to main content
14,922,431 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
All aspects of my code works and runs properly but I realized the URL for my HyperLinkField is too long to display properly. How do I set the text property to the word "View". As you can see below I've already set the text property to "View" but the dynamically created URL over writes the text.
ASP
<div id="first" style="float:left;">
             <asp:GridView ID="GridView3" runat="server" AutoGenerateColumns="False" CellPadding="4" CellSpacing="1" HorizontalAlign="Center">
                    <Columns>
                        <asp:BoundField DataField="AccountNo" HeaderText="AccountNo" SortExpression="AccountNo" />
                        <asp:BoundField DataField="State" HeaderText="State" SortExpression="State" />
                        <asp:BoundField DataField="DocumentType" HeaderText="DocumentType" SortExpression="DocumentType" />
                        <asp:BoundField DataField="Error_MSG" HeaderText="Error_MSG" SortExpression="Error_MSG" />
                        <asp:BoundField DataField="Intent" HeaderText="Intent" SortExpression="Intent" />
                        <asp:BoundField DataField="LoadDate" HeaderText="LoadDate" SortExpression="LoadDate" />
                        <asp:HyperLinkField DataTextField="EncryptedURL" DataNavigateUrlFields="EncryptedURL" Text="View"  HeaderText="EncryptedURL"/>
                    </Columns>
             </asp:GridView>
       </div><pre lang="c#">


Here's the code behind that fires off in the page load event

C#
using (SqlConnection con = new SqlConnection("Data Source=test;Initial Catalog=test;User ID=te;Password=great"))
{
    lblAcct.Text = Request.QueryString["Account"];
    con.Open();
    SqlCommand cmd = new SqlCommand(" Select * from test.dbo.test where AccountNo = '" + lblAcct.Text + "'", con);
    SqlDataReader dr = cmd.ExecuteReader();
    GridView3.DataSource = dr;
    GridView3.DataBind();
    con.Close();
}


What I have tried:

Again, I have already tried setting the text property to "View" but since the data is dynamically added to the gridview the text gets over written.

Any thoughts?
Posted
Updated 20-Dec-16 5:33am

1 solution

You've set both the Text and the DataTextField properties. The DataTextField will overwrite the Text value with the value from the data source.

Remove the DataTextField property, and it should start using the Text property instead:
ASP.NET
<asp:HyperLinkField DataNavigateUrlFields="EncryptedURL" Text="View"  HeaderText="EncryptedURL"/>


However, you have a serious security vulnerability[^] in your code. You should fix that immediately, and review any other database code you've written to check for and fix the vulnerability.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

C#
string account = Request.QueryString["Account"];
lblAcct.Text = Server.HtmlEncode(account); // Encode the value to avoid cross-site scripting

using (SqlConnection con = new SqlConnection("Data Source=test;Initial Catalog=test;User ID=te;Password=great"))
using (SqlCommand cmd = new SqlCommand("Select * from test.dbo.test where AccountNo = @AccountNo", con))
{
    cmd.Parameters.AddWithValue("@AccountNo", account); // Use parameters to avoid SQL Injection
    
    con.Open();
    using (SqlDataReader dr = cmd.ExecuteReader())
    {
        GridView3.DataSource = dr;
        GridView3.DataBind();
    }
}
   
Comments
MadDog23 20-Dec-16 11:45am
   
Wow that was simple. Thanks for the resolution and the advice Richard.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900