Click here to Skip to main content
14,735,478 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I have a nested gridview. On the top-level grid, I have a button that should call a stored procedure and and put that data into the nested gridview.

Here is my ASPX page code
<form id="form1" runat="server">
<asp:GridView ID="gvCustomers" runat="server" AutoGenerateColumns="false" CssClass="Grid"
    DataKeyNames="ID" OnRowDataBound="OnRowDataBound">
                <asp:Button Text="Expand" runat="server" OnClick="Select" CommandArgument='<%#Eval("ID") %>' />
                <asp:Panel ID="pnlOrders" runat="server" Style="display: none">
                    <asp:GridView ID="gvOrders" runat="server" AutoGenerateColumns="false" CssClass = "ChildGrid">
                            <asp:BoundField ItemStyle-Width="135px" DataField="Label" HeaderText="Label" />
                            <asp:BoundField ItemStyle-Width="150px" DataField="IDs" HeaderText="IDs" />

                            <asp:BoundField ItemStyle-Width="150px" DataFormatString="${0:###,###,###.00}" DataField="Total" HeaderText=Total" />
        <asp:BoundField ItemStyle-Width="150px" DataField="Source" HeaderText="Source" />
        <asp:BoundField ItemStyle-Width="150px" DataField="Label" HeaderText="Label" />
        <asp:BoundField ItemStyle-Width="150px" DataFormatString="${0:###,###,###.00}" DataField="Total20" HeaderText="Total20" />
        <asp:BoundField ItemStyle-Width="150px" DataFormatString="${0:###,###,###.00}" DataField="Total1" HeaderText="Total1" />
        <asp:BoundField ItemStyle-Width="150px" DataFormatString="{0:P1}"  DataField="Average_Fee_PCT" HeaderText="Average Fee" />

Here is my C# code
protected void Select(object sender, EventArgs e)
    string ID = (sender as Button).CommandArgument;

            Response.Write("<script>console.log('ID...." + ID + "');</script>");
        GridView gvOrders = e.Row.FindControl("gvOrders") as GridView;          
        gvOrders.DataSource = GetData(string.Format("exec ReturnDataSingle '" + ID + "', '"+ DateTime.Now.ToString("yyyy-MM-dd") + "'"));


Here is the error message I am getting
'System.EventArgs' does not contain a definition for 'Row' and no extension method 'Row' accepting a first argument of type 'System.EventArgs' could be found 

Can someone help me figure out how I would be able to add the stored procedure data to the gvOrders gridview based off that button click?

What I have tried:

I can't seem to figure out how to add that data into the table from the button click.
Updated 30-Sep-20 23:34pm
Richard Deeming 1-Oct-20 4:31am
GetData(string.Format("exec ReturnDataSingle '" + ID + "', '"+ DateTime.Now.ToString("yyyy-MM-dd") + "'"))

You've written a method which will force you to write code which is vulnerable to SQL Injection[^]. NEVER use string concatenation / interpolation / string.Format to build a SQL query. ALWAYS use a parameterized query.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]

1 solution

Try using the naming container:
protected void Select(object sender, EventArgs e)
    Button button = (Button)sender;
    string ID = button.CommandArgument;
    GridView gvOrders = (GridView)button.NamingContainer.FindControl("gvOrders");
But make sure you fix your GetData method so that you can pass the query parameters properly to avoid a SQL Injection[^] vulnerability.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900