1

I have a web application and I need to find the check box inside a listview to check whether it is checked or not in order to delete the selected data. And I am having delete button to do so. But when ever I am pressing the button it is not getting inside the listview code and cannot find the checkbox. Here is my sample code:

protected void btnDelete_Click(object sender, EventArgs e)
{
    try
    {

        foreach (ListViewDataItem Ldi in ListView1.Items)
        {
            if (Ldi.ItemType == ListViewItemType.DataItem)
            {
                CheckBox cb = (CheckBox)(Ldi.FindControl("chkBxSelect"));
                HiddenField hdnFldCandidateID = (HiddenField)(Ldi.FindControl("hdnFldCandidateID"));
                string candidateID = hdnFldCandidateID.Value;

                if (cb.Checked)
                {
                    con.Open();
                    query = "delete from candidates where candidate_id=" + candidateID + "";
                    cmd = new SqlCommand(query, con);
                    cmd.ExecuteNonQuery();
                    con.Close();
                    Response.Redirect("candidate-search");
                }
                else
                {
                    ShowAlert("Please select one cadidate to Delete");
                }
            }


        }
    }
    catch (Exception ex)
    {
        Response.Write("Error:" + ex);
    }
    finally
    {
        con.Close();
    }
}
barsan
  • 2,431
  • 16
  • 45
  • 62
  • What would happen if I changed the value of the hidden field on your web form to `'1'; drop table candidates;`? Please look into parameterized queries on Google or on [SO Why do we always prefer using parameters in SQL statements?](http://stackoverflow.com/a/7505895/1260204) – Igor Feb 26 '16 at 16:40

0 Answers0