0

I have a 10 column DataTable that pulls data from a SQL database. I am trying to give an in-line edit option that when pressing a cell in the table, a pop up window opens and you are able to edit the specific value in the cell.

My problem is that I need to find the name of the column so I know what value to change in the database. I found a way to get the column number (zero based), the number of the row I am editing and of course the new value I wish to change to.

My SQL update string looks like this: 

"UPDATE " + tableName + " SET ??? = " + "'" + newVal + "'" + " WHERE [UserName] = " + id;

and as you can see I have no idea what to write instead of the "???".

Hope I was clear with my explanation.

Maybe this will help: as I said, I know the number of the column that is trying to be edited using: 

var col = $(this).parent().children().index($(this));
WillardSolutions
  • 2,316
  • 4
  • 28
  • 38
Chezi Zarur
  • 11
  • 1
  • 3
  • Show us what you have tried so far to get the column name. – dcreight May 09 '16 at 18:38
  • Your sql string looks very suspicious. Have you ever heard about sql injection? You might want to read up about it as your code looks wide open. – Sean Lange May 09 '16 at 18:41
  • @dcreight, i haven't found any thing successful to get the column name. i did find this: http://stackoverflow.com/questions/17885667/sql-server-select-column-by-number but i don't thing that dynamic SQL is the way for me here. must be something simpler out there. – Chezi Zarur May 09 '16 at 19:23
  • @SeanLange, heard about it, didn't try it. ill check that out. is there a way using SQL injection? – Chezi Zarur May 09 '16 at 19:27
  • SQL injection is a BAD thing....not a good thing. http://bobby-tables.com/ – Sean Lange May 09 '16 at 19:35
  • I've thought of a way to bypass my problem: build a little array with 0->10 in one column and the names of the columns in the other. That way i could "convert" the number of the column to the name. kind of stupid but i think it will work. Any comments? – Chezi Zarur May 10 '16 at 07:50
  • I think the concept of editing a row of data one cell at a time seems crazy. I would suggest you edit the entire row in one operation. Then you need to fix the sql injection vulnerability. – Sean Lange May 10 '16 at 13:00
  • @SeanLange, You are right, but in this case a need both "editing a row of data one cell at a time" and "editing the entire row in one operation". the latter I already have. tnx – Chezi Zarur May 10 '16 at 13:28

0 Answers0