开发者

Is there a way to use a parameterized filter on a DataView?

Is there a way to use a parameterized filter on a Da开发者_如何学JAVAtaView?

I want to filter rows in a DataView based on a users' search criteria. When doing SQL lookups I can use parameters which help resolve issues with both strange characters and protects against SQL injection. While weird things from a user won’t return or harm data with my view, it will prevent a search from executing property.

If I have DataView DV, how do I set the row filter so that input “test’test” doesn’t escape the search string dv.rowfilter= “col like ‘” & searchtext & “’”?

[EDIT]

Since this just isn't possible I decided to use Linq with a regular expression.


I don't think it's possible to use parameters with a DataView. You can do a simple string replace to escape single quotes.

dv.rowfilter= “col like ‘%” & searchtext.Replace("'", "''") & “%’”

or use String.Format which, personally, i think is a little cleaner.

dv.rowfilter= String.Format(“col like ‘%{0}%’”, searchtext.Replace("'", "''"));
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜