0

There is a gridview in my webform. If I add records in it then it does not display on the front end but gets saved in the database. I think I have to add insert join to two tables because while displaying the gridview I have used select join, that's why it's not showing in front end.

The first query is in my code and second query is 

insert into SubmenuRec(Menu_ID, SubMenu_id) Values(@MenuID,@SubMenu_id)

Can I use join here for displaying new added records in table, and if yes then how?

  protected void GridView1_RowCommand(object sender, GridViewCommandEventArgs e)
    {
        if (e.CommandName.Equals("AddNew"))
        {
            TextBox txtSubMenu_id = (TextBox)GridView1.FooterRow.FindControl("txtftrSubMenu_id");
            TextBox txtSubmenu_name = (TextBox)GridView1.FooterRow.FindControl("txtfSubmenu_name");
            String strConnString = ConfigurationManager.ConnectionStrings["CallcenterConnectionString"].ConnectionString;
            SqlConnection con = new SqlConnection(strConnString);
            con.Open();
            SqlCommand cmd =
            new SqlCommand(
            "insert into Submenu(SubMenu_id,Submenu_name) values('" + txtSubMenu_id.Text + "','" + txtSubmenu_name.Text + "')", con);
            int result = cmd.ExecuteNonQuery();
            con.Close();

            if (result == 1)
            {

                lblresult.Text = " Details inserted successfully";
            }
            else
            {
                lblresult.Text = " Details not inserted";
            }
        }
    }
Manfred Radlwimmer
  • 13,257
  • 13
  • 53
  • 62
user31
  • 9
  • 1
  • 7
  • 2
    You need to reexecute the query that loads the gridview. But first and foremost learn about Sql Injection. This code is a disaster waiting to happen http://stackoverflow.com/questions/332365/how-does-the-sql-injection-from-the-bobby-tables-xkcd-comic-work – Steve May 04 '17 at 10:07
  • @Steve disaster..? why...? its a simple code...if it is possible and if u knw how to do then can u pls help – user31 May 04 '17 at 10:08
  • 4
    Read carefully at the link posted in the comment above. Sql Injection is really easy to exploit and the damages are very serious. – Steve May 04 '17 at 10:11
  • is there any other way to do this – user31 May 04 '17 at 10:19
  • 1
    You use parameterized queries to pass values directly to the database engine avoiding the parser to be tricked into executing multiple queries – Steve May 04 '17 at 10:22

0 Answers0