about the custom button

2
votes

I want to make a button(C# winform):

The code in the usercontrol:

public partial class UserControl1 : Button
{
    string sqlstr;

    [Description("SQL STRING")]
    [DefaultValue(typeof(string), "")]
    public string SqlStr
    {
        get { return sqlstr; }

        set { sqlstr = value; }
    }

    private void button1_Click(object sender, EventArgs e)

// if I change this into overide OnClick( EventArgs e) the problem still //exist

    {
        base.OnClick(e);
        String connstr = @"Provider=OraOLEDB.Oracle;data source=***;user id=***;password=***;";
        OleDbConnection conn = new OleDbConnection(connstr);
        string str = this.sqlstr;
        try
        {
            conn.Open();
            OleDbCommand cmd = new OleDbCommand(str, conn);
            cmd.ExecuteNonQuery();
        }
        catch (Exception ee)
        {
            MessageBox.Show(ee.Message);
        }
        finally
        {
            conn.Close();
        }

    }

}

The code in the main frame:

        this.btn_del = new mybutton.UserControl1();

        this.btn_del.Click += new System.EventHandler(this.btn_del_Click);

        ......

        private void btn_del_Click(object sender, EventArgs e)
        {
            string txtid =txt_id.Text;// a label called txt_id in my frame
            string strsql = "delete from myTable where id='" + txtid + "'";
             btn_del.SqlStr = strsql;
        }

Why doesn't the custom button work when the mainframe has more than one button? (only one button receive the SqlStr, others receive nothing) if there is another button in the frame private void btn_insert_Click(object sender, EventArgs e) { string txtid =txt_id.Text;// a label called txt_id in my frame string strsql = "insert into mytable (...)values (...)"; btn_insert.SqlStr = strsql; }

the SqlStr can not be received by the usercontrol

1
c#buttonuser-controls
Metro? WinForms? WPF? Silverlight? ASP.Net? MonoTouch?SLaks
You have a SQL injection vulnerability.SLaks
typing in 3' or 1=1; -- into your txt_id textbox would cause bad things to happenAdam Rackis
How specifically does it not work when more than one button is in a frame? Does it report an error? Does it execute the wrong SQL?competent_tech
It is pretty unclear how you hope the button1_Click event handler to run. You must override OnClick instead.Hans Passant

1 Answers

0
votes

I'ts not clear what you're trying to accomplish here. But I'll try to explain what's happening.

public class UserControl1 : Button {

    string sqlstr;

    [Description("SQL STRING")]
    [DefaultValue(typeof (string), "")]
    public string SqlStr {
        get { return sqlstr; }
        set { sqlstr = value; }
    }

    protected override void OnClick(System.EventArgs e) {
        base.OnClick(e);
        MessageBox.Show(sqlstr);
    }
}

I've simplified the code to only prove the UserControl receives the correct sql statement. After you've created the class and built the project, you should be able to drag a UserControl1 from the Toolbox onto your form, name it btn_del, and double click it to create the event handler:

void btn_del_Click(object sender, EventArgs e) {
    string txtid = txt_id.Text;
    string strsql = "delete from myTable where id='" + txtid + "'";
    btn_del.SqlStr = strsql;
}

Now, when the button gets clicked, execution starts with the overridden OnClick. Its first line is

base.OnClick(e);

Part of the base's OnClick method will be to execute any event handlers attached to its Click event. Therefor, it will execute the btn_del_Click method. This method will set the control's SqlStr property. When btn_del_Click has finished, execution of the overridden OnClick method will continue. It will show the sql statement that was saved in the SqlStr property.

I've tried it with two buttons and two event handlers. When I click the Delete button, the delete statement will show. When I click the Insert button, the insert statement will show.

I'm not sure if that's what you expect. If it's not, please explain what you expect to happen. If it is, but you're seeing something else happen, please tell us what's happening.