
When I filter by a value typed into a textbox, the first page works fine, of course, but the moment I change to the second page the grid kind of refreshes and gives me all the values again... Code-behind:

 protected void Page_Load(object sender, EventArgs e)
        {
            // Session gate: a request without Session["Nome"] is sent to the login page.
            // Response.Redirect(string) ends the response, so nothing below runs for
            // such a request.
            bool hasSessionName = Session["Nome"] != null;
            if (!hasSessionName)
            {
                Response.Redirect("Login.aspx");
            }

            // Postbacks do not reload the grid here; only the first GET of the page does.
            if (Page.IsPostBack)
            {
                return;
            }

            bindgrid();
        }

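        /// <summary>
        /// Loads every row of [Movimentos] into a DataSet and binds it to the Sqldata grid.
        /// </summary>
        private void bindgrid()
        {
            string connectionString = ConfigurationManager.ConnectionStrings["ConStr1"].ConnectionString;

            // The using blocks dispose the connection, command and adapter even when
            // Fill or DataBind throws, so the connection is not left open.
            using (SqlConnection con = new SqlConnection(connectionString))
            using (SqlCommand cmd = new SqlCommand("Select * from [Movimentos]", con))
            using (SqlDataAdapter da = new SqlDataAdapter(cmd))
            {
                con.Open();

                DataSet ds = new DataSet();
                da.Fill(ds);

                Sqldata.DataSource = ds;
                Sqldata.DataBind();
            }
        }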
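        /// <summary>
        /// Click handler for Button1.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            // NOTE(review): this local function is declared but never called, so the
            // click currently has no effect. It also shadows the class-level bindgrid()
            // and, unlike that method, never calls Sqldata.DataBind(). Confirm whether
            // the handler was meant to call bindgrid() or should be removed.
            void bindgrid()
            {
                string connectionString = ConfigurationManager.ConnectionStrings["ConStr1"].ConnectionString;

                // Dispose the connection, command and adapter on every path so the
                // connection is not left open if this code is ever invoked.
                using (SqlConnection con = new SqlConnection(connectionString))
                using (SqlCommand cmd = new SqlCommand("Select * from [Movimentos]", con))
                using (SqlDataAdapter da = new SqlDataAdapter(cmd))
                {
                    con.Open();

                    DataSet ds = new DataSet();
                    da.Fill(ds);
                    Sqldata.DataSource = ds;
                }
            }
        }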
        /// <summary>
        /// Updates Label1 with the current page position of the Sqldata grid
        /// (PageIndex is zero-based, so 1 is added for display).
        /// </summary>
        protected void Sqldata_PreRender(object sender, EventArgs e)
        {
            int currentPage = Sqldata.PageIndex + 1;
            int totalPages = Sqldata.PageCount;

            Label1.Text = $"Mostrando a página {currentPage} de {totalPages}";
        }
        /// <summary>
        /// Moves the Sqldata grid to the page requested by the pager.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Carries the index of the page the user asked for.</param>
        protected void Sqldata_PageIndexChanging(object sender, GridViewPageEventArgs e)
        {
            int requestedPage = e.NewPageIndex;
            Sqldata.PageIndex = requestedPage;

            // NOTE(review): the search filter is assigned to SqlDataSource1.SelectCommand
            // only in ButnPesquisar_Click; nothing here re-applies it, which matches the
            // reported symptom of the filter being lost when the page changes.
            Sqldata.DataSource = SqlDataSource1;

            // NOTE(review): DataBind() is called on the data source control, not on the
            // Sqldata grid; confirm that is intended.
            SqlDataSource1.DataBind();
        }

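        /// <summary>
        /// Search handler: builds a WHERE clause from the non-empty filter textboxes and
        /// rebinds the Sqldata grid through SqlDataSource1.
        /// </summary>
        /// <remarks>
        /// The textbox values are passed as SQL parameters instead of being concatenated
        /// into the statement, so user input cannot change the structure of the query.
        /// Only the column names, which are fixed literals below, are written into the
        /// SQL text. The LIKE wildcards (%, _, [) typed by the user still act as
        /// wildcards, as they did before.
        /// NOTE(review): the filtered SelectCommand is assigned only in this handler;
        /// Sqldata_PageIndexChanging rebinds without it, so the filter is not re-applied
        /// when the page changes.
        /// </remarks>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void ButnPesquisar_Click(object sender, EventArgs e)
        {
            const string command = "SELECT * FROM Movimentos WHERE";

            // Column: fixed SQL identifier. Name: parameter name (SqlDataSource adds the
            // "@" prefix). Value: raw user input, only ever sent as a parameter value.
            var criteria = new[]
            {
                new { Column = "[Data Movimento]", Name = "DataMovimento", Value = textDataMovimento.Text },
                new { Column = "[Data Valor]", Name = "DataValor", Value = TextDataValor.Text },
                new { Column = "[Descrição]", Name = "Descricao", Value = TextDescricao.Text },
                new { Column = "[Valor]", Name = "Valor", Value = TextValor.Text },
                new { Column = "[Tipo de Movimento]", Name = "TipoDeMovimento", Value = textTipodeMovimento.Text },
            };

            string filter = "";
            foreach (var criterion in criteria)
            {
                if (criterion.Value == "")
                {
                    continue;
                }

                if (filter.Length == 0)
                {
                    // First active criterion: drop parameters left over from an earlier
                    // search so repeated searches do not accumulate duplicates.
                    SqlDataSource1.SelectParameters.Clear();
                }
                else
                {
                    filter += " AND";
                }

                filter += " " + criterion.Column + " LIKE '%' + @" + criterion.Name + " + '%'";
                SqlDataSource1.SelectParameters.Add(criterion.Name, criterion.Value);
            }

            if (filter.Length > 0)
            {
                Sqldata.DataSource = SqlDataSource1;
                SqlDataSource1.SelectCommand = command + filter;
            }

            // With no filter entered the grid is rebound with whatever source it already has.
            Sqldata.DataBind();
        }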

Any solution? I wasn't able to find any answers because it looks like no one is using multiple textboxes to filter... I think it's something about the DataBind, right? I tried removing it and moving it to another place, but that didn't work.

PuppyPoop
  • [How does the SQL injection from the “Bobby Tables” XKCD comic work?](https://stackoverflow.com/questions/332365/how-does-the-sql-injection-from-the-bobby-tables-xkcd-comic-work) – Wiktor Zychla May 22 '19 at 10:39
  • @WiktorZychla Where did I "remove" the data from the table?~ – PuppyPoop May 22 '19 at 10:44
  • @PuppyPoop you didn't. The point is that it provides an entry point for someone else to attempt to do so, by typing (carefully formed) SQL statements into your textbox. You should learn to use SQL parameters to guard against this vulnerability. – ADyson May 22 '19 at 11:02
  • Anyway... "kinda refreshs and Give me all values again"...is that the best you can say? Have you done any debugging to try and narrow down the issue? – ADyson May 22 '19 at 11:03
  • @ADyson Basically when I try to go to the second page or it shows the same data as the first page or refresh the gridview – PuppyPoop May 22 '19 at 13:08
  • Yes you've already said that. But that's a symptom, from the user's point of view, not the result of a programmer investigating their code in detail. Start thinking like a programmer, not a user. Have you stepped through your code with the Visual Studio debugger to see what your variable values are, to see how/where it might be passing the wrong filter data? – ADyson May 22 '19 at 13:16
  • From just looking at the code, it seems to me that the filtering only happens when you press the ButnPesquisar button. When Sqldata_PageIndexChanging fires, you just re-bind the data to the original data source, without taking any account of the filter options. I think you need to move the filtering code into a separate function which you can call from both the button click and the page changing event, so that the filter is always applied to the datasource each time you refresh. – ADyson May 22 '19 at 13:19
