Sep
18
2006
Codebehind databinding - howto part 2
Posted by admin under
In practice
In part 1 we created a gridview and programatically fed it with a stored procedure resultset from SQL Server.
Now lets see what happens when the visitor clicks the Edit link or New Customer link. The NavigateUrl was set to editcust.aspx in our gridview DataBound handler:
protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
{
if (e.Row.RowType == DataControlRowType.DataRow)
{
DataRowView row = e.Row.DataItem as DataRowView;
...
...
HyperLink hlEdit = e.Row.FindControl("hlEdit") as HyperLink;
if (hlEdit != null)
hlEdit.NavigateUrl = "editcust.aspx?id=" + row["id"].ToString();
...
...
}
}
So when clicked on "Edit" for a row we will be transferred to editcust.aspx?id=<id>. For "New" we are just taken to editcust.aspx (no id parameter). The key thing here to keep our projects manageble is to use the same page for insert and update (just as we did with the stored procedure).
Before diving into the code - lets see how the page should look like:
First we define the GUI:
<form id="form1" runat="server">
<div>
<h1 runat="server" id="header"></h1>
Name:<br />
<asp:TextBox ID="txtName" runat="server"></asp:TextBox><br />
<asp:Button ID="btnUpdate" runat="server" Text="Save" OnClick="btnUpdate_Click" />
</div>
</form>
By setting runat="server" for our h1 tag we will be able to modify it from our codebehind code - cause we do want it to say "Edit customer" and "New customer" depending on the context.
Ok, in Page_Load we need to determine if we are inserting a new record or updating an existing. While checking the whether Request["id"] parameter is present might be good enough, we do need some more information if we are updating an existing customer. We need to retrieve the customername and fill the textbox.
if (!IsPostBack)
{
DataRow row = GetDataRow();
if (row == null)
{
header.InnerText = "New customer";
}
else
{
header.InnerText = "Edit customer";
txtName.Text = row["custname"].ToString();
}
}
We call a function GetDataRow - and if that return null we are in "insert mode" - otherwise the datarow is filled and we use it to set the textbox: txtName.Text = row["custname"].ToString();
And here's our GetDataRow()
We call the stored procedure cust_OpenCust - feeding it the Request["id"]. This will return the current customer record to edit. First we do some sanity checks - if Request["id"] isn't present at all then we do know it is an "insert" taking place - so we just return null directly back to Page_Load.
Our last piece of code: what happens when the user clicks the button:
Aside from the Page.IsValid check which I will discuss later we just call the cust_SaveCustomer stored proedure feeding it with -1 (new) or the existing customers id and txtName.Text. And finally we redirect back to default.aspx which is the list of all existing customers.
Always use a if ( Page.IsValid ) check.
Why? In our example it's of no use - we use no validation at all (at least a RequiredFieldValidator for the name might have been good, right?). And the day we decide to use client side validations, we might still see that empty/invalid data gets inserted into our database. Simply put - client side validation needs JavaScript. If a visitor doesn't have that enabled, no client side validatin will occur. And if we doesn't call Page.IsValid before saving no validation will occur at all. Cause the truth is Page.IsValid will call the validator functions on the serverside if needed and therefore ensure the same validation is performed regardless of whether Javascript is enabled or not.
So basically, don't rely on JavaScript functions. Use them to enhance the visitors GUI, but nothing more.