在单击按钮上动态插入多个记录

本文关键字：记录插入动态单击按钮 | 更新日期: 2023-09-27 18:33:04

我有 2 个表，比如....

在这里，管理员根据课程和学期将科目分配给院系。

1] Assign_Subjects

Faculty_Id      varchar(20)     
Course_Id       varchar(20)     
Semester        varchar(20)     
Subject_Id      varchar(20)     
Subject_Name    varchar(50)     
Time            varchar(50)
INSERT INTO Assign_Subjects Values("F1","BCA",2,"DS","Data Structure","10-11")
INSERT INTO Assign_Subjects Values("F1","BCA",2,"C","C Programming","11-12")
INSERT INTO Assign_Subjects Values("F1","BCA",1,"QB","Q Basic","1-2")
INSERT INTO Assign_Subjects Values("F2","BCA",3,"SS","System Structure","10-11")
INSERT INTO Assign_Subjects Values("F2","BCA",3,"AC","Accountancy","11-12")

在这里，教师确实为学生插入标记

2] Exam_Result

Result_Id           int(Auto no and PK)
Enroll_Number       varchar(50) Checked
Student_Name        varchar(100)    Checked
Course_Id           varchar(50) Checked
Semester            varchar(50) Checked
Subject_Id          varchar(50) Checked
Subject_Name        varchar(50) Checked
MarksObtained       numeric(18, 0)  Checked
Exam_Type           varchar(50) Checked

现在我的问题是如何在单击按钮时将所有分配的主题标记插入到Exam_Result

我给出我想要的一般想法是....

在 FillResult.aspx 中，这里我希望所有带有文本框(或任何其他可能的方式，如网格视图/dalalist 等(的主题名称由管理员和按钮(onClick 事件(分配来填充标记......

注意：主题显示为分配而不是固定科目数量，可能是 3 或 5 或更多

那么，我怎么可能这样做.....？？

通过网格视图，编辑模板或存储的过程????

非常欢迎所有Amswers.....

在单击按钮上动态插入多个记录

如果您不知道输入标记的主题的确切数量 - 我们应该如何生成查询来执行此操作？

为了向您展示

如何防止SQL注入攻击，您将SQL放在存储过程中：

create PROCEDURE [dbo].[pr_GetAssignedSubjectsByFacultyIdAndSemester]
@FacultyID int,
@Semester nvarchar(MAX)
AS
BEGIN
SET NOCOUNT ON;
SELECT [Faculty], [Subjects],[CreatedBy],[CreatedDate],[ModifiedBy],[ModifiedDate]
 FROM [dbo].[tblNotSure]
WHERE [FacultyID] = @FacultyID
AND [Semester] = @Semester
AND [IsDeleted] = 0
END

然后在代码中，我们调用存储过程，注意参数化命令，这可以防止SQL注入攻击。例如，假设我们在学期中输入ddl/textbox(或使用FireBug编辑元素值( 1 联合选择 * 从 Master.Users - 执行此临时 SQL 可以返回 SQL 用户帐户列表，但通过参数化命令传递可避免此问题：

public static aClassCollection GetAssignedSubjectsByFacultyIdAndSemester(int facultyId, string semester)
{
var newClassCollection = new aClassCollection();
    using (var connection = new SqlConnection(ConfigurationManager.ConnectionStrings["sqlConn"].ConnectionString))
    {
        using (var command = new SqlCommand("pr_GetAssignedSubjectsByFacultyIdAndSemester", connection))
        {
            try
            {
                command.CommandType = CommandType.StoredProcedure;
                command.Parameters.AddWithValue("@facultyId", facultyId);
                command.Parameters.AddWithValue("@semester", semester);
                connection.Open();
                SqlDataReader dr = command.ExecuteReader();
                while (dr.Read())
                {
                    newClassCollection.Add(new Class(){vals = dr["vals"].ToString()});
                }
            }
            catch (SqlException sqlEx)
            {
             //at the very least log the error
            }
            finally
            {
             //This isn't needed as we're using the USING statement which is deterministic                    finalisation, but I put it here (in this answer) to explain the Using...
                connection.Close();
            }
        }
    }
    return newClassCollection;
}