lingers says:
if
(chk.Checked)
{
if
(acceptedCylinder ==
"[]"
)
{
using
(SqlCommand cmd =
new
SqlCommand(
"UPDATE issuesheet SET cylinders=@cylinders where pid='"
+ pid +
"'"
, con))
{
cmd.Parameters.AddWithValue(
"@cylinders"
,
"['"
+ number.Trim() +
"']"
);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
ClientScript.RegisterStartupScript(
this
.GetType(),
"Popup"
,
"ShowPopup('Record Inserted successfully.');"
,
true
);
}
else
{
List<
string
> CylinderNo = acceptedCylinder.Replace(
"["
,
""
).Replace(
"]"
,
""
).Replace(
"'"
,
""
).Split(',').ToList();
CylinderNo.Add(number);
using
(SqlCommand cmd =
new
SqlCommand(
"UPDATE issuesheet SET cylinders=@cylinders where pid='"
+ pid +
"'"
, con))
{
cmd.Parameters.AddWithValue(
"@cylinders"
,
"['"
+
string
.Join(
"','"
, CylinderNo.Distinct()) +
"']"
);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
ClientScript.RegisterStartupScript(
this
.GetType(),
"Popup"
,
"ShowPopup('Record Updated Successfully.');"
,
true
);
}
}
else
{
if
(!
string
.IsNullOrEmpty(acceptedCylinder))
{
List<
string
> CylinderNo = acceptedCylinder.Replace(
"["
,
""
).Replace(
"]"
,
""
).Replace(
"'"
,
""
).Split(',').ToList();
CylinderNo.Remove(number);
using
(SqlCommand cmd =
new
SqlCommand(
"UPDATE issuesheet SET cylinders=@cylinders where pid='"
+ pid +
"' "
, con))
{
cmd.Parameters.AddWithValue(
"@cylinders"
, CylinderNo.Distinct().Count() > 0 ?
"['"
+
string
.Join(
"','"
, CylinderNo.Distinct()) +
"']"
:
"[]"
);
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
ClientScript.RegisterStartupScript(
this
.GetType(),
"Popup"
,
"ShowPopup('Record Deleted Successfully.');"
,
true
);
}
}
In this code you are updating the colun value with single quote. So its inserting values in single quote in the database e.g ['23a','23b']
You neet to modify the code to insert double quote.
protected void OnChckedChanged(object sender, EventArgs e)
{
CheckBox chk = (CheckBox)sender;
GridViewRow row = (GridViewRow)chk.NamingContainer;
string number = row.Cells[2].Text;
string pid = Label27.Text;
string constring = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constring))
{
string acceptedCylinder = GetAcceptedCylinder(pid);
if (chk.Checked)
{
if (acceptedCylinder == "[]")
{
using (SqlCommand cmd = new SqlCommand("UPDATE issuesheet SET cylinders=@cylinders where pid='" + pid + "'", con))
{
cmd.Parameters.AddWithValue("@cylinders", "[\"" + number.Trim() + "\"]");
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
ClientScript.RegisterStartupScript(this.GetType(), "Popup", "ShowPopup('Record Inserted successfully.');", true);
}
else
{
List<string> CylinderNo = acceptedCylinder.Replace("[", "").Replace("]", "").Replace("\"", "").Split(',').ToList();
CylinderNo.Add(number);
using (SqlCommand cmd = new SqlCommand("UPDATE issuesheet SET cylinders=@cylinders where pid='" + pid + "'", con))
{
cmd.Parameters.AddWithValue("@cylinders", "[\"" + string.Join("\",\"", CylinderNo.Distinct()) + "\"]");
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
ClientScript.RegisterStartupScript(this.GetType(), "Popup", "ShowPopup('Record Updated Successfully.');", true);
}
}
else
{
if (!string.IsNullOrEmpty(acceptedCylinder))
{
List<string> CylinderNo = acceptedCylinder.Replace("[", "").Replace("]", "").Replace("\"", "").Split(',').ToList();
CylinderNo.Remove(number);
using (SqlCommand cmd = new SqlCommand("UPDATE issuesheet SET cylinders=@cylinders where pid='" + pid + "' ", con))
{
cmd.Parameters.AddWithValue("@cylinders", CylinderNo.Distinct().Count() > 0 ? "[\"" + string.Join("\",\"", CylinderNo.Distinct()) + "\"]" : "[]");
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
ClientScript.RegisterStartupScript(this.GetType(), "Popup", "ShowPopup('Record Deleted Successfully.');", true);
}
}
}
}