DetailsView.ItemUpdating DetailsView.ItemUpdating DetailsView.ItemUpdating DetailsView.ItemUpdating Event

定義

DetailsView コントロール内の Update ボタンがクリックされた場合に、更新操作前に発生します。Occurs when an Update button within a DetailsView control is clicked, but before the update operation.

public:
 event System::Web::UI::WebControls::DetailsViewUpdateEventHandler ^ ItemUpdating;
public event System.Web.UI.WebControls.DetailsViewUpdateEventHandler ItemUpdating;
member this.ItemUpdating : System.Web.UI.WebControls.DetailsViewUpdateEventHandler 
Public Custom Event ItemUpdating As DetailsViewUpdateEventHandler 

次のコード例は、使用する方法を示します、ItemUpdatingイベントにデータ ソースのレコードが更新される前に、ユーザーが入力した値を HTML エンコードします。The following code example demonstrates how to use the ItemUpdating event to HTML-encode the values entered by the user before a record is updated in the data source.


<%@ Page Language="C#" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
  void CustomerDetail_ItemInserted(object sender, 
    DetailsViewInsertedEventArgs e)
  {
    // Refresh the GridView control after a new record is inserted 
    // in the DetailsView control.
    CustomersView.DataBind();
  }

  void CustomerDetail_ItemInserting(object sender, 
    DetailsViewInsertEventArgs e)
  {
    // Iterate though the values entered by the user and HTML encode 
    // the values. This helps prevent malicious values from being 
    // stored in the data source.
    for (int i = 0; i < e.Values.Count; i++)
    {
      if (e.Values[i] != null)
      {
        e.Values[i] = Server.HtmlEncode(e.Values[i].ToString());
      }
    }
  }

  void CustomerDetail_ItemUpdated(object sender, 
    DetailsViewUpdatedEventArgs e)
  {
    // Refresh the GridView control after a new record is updated 
    // in the DetailsView control.
    CustomersView.DataBind();
  }

  void CustomerDetail_ItemUpdating(object sender, 
    DetailsViewUpdateEventArgs e)
  {
    // Iterate though the values entered by the user and HTML encode 
    // the values. This helps prevent malicious values from being 
    // stored in the data source.
    for (int i = 0; i < e.NewValues.Count; i++)
    {
      if (e.NewValues[i] != null)
      {
        e.NewValues[i] = Server.HtmlEncode(e.NewValues[i].ToString());
      }
    }
  }

  void CustomerDetail_ItemDeleted(object sender, 
    DetailsViewDeletedEventArgs e)
  {
    // Refresh the GridView control after a new record is updated 
    // in the DetailsView control.
    CustomersView.DataBind();
  }
</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>
      DetailsView Example</title>
</head>
<body>
  <form id="Form1" runat="server">
    <h3>
      DetailsView Example</h3>
    <table cellspacing="10">
      <tr>
        <td>
          <!-- Use a GridView control in combination with      -->
          <!-- a DetailsView control to display master-detail  -->
          <!-- information. When the user selects a store from -->
          <!-- GridView control, the customers//s detailed     -->
          <!-- information is displayed in the DetailsView     -->
          <!-- control.                                        -->
          <asp:GridView ID="CustomersView" DataSourceID="Customers" 
            AutoGenerateColumns="False"
            DataKeyNames="CustomerID" runat="server">
            <HeaderStyle BackColor="Blue" ForeColor="White" />
            <Columns>
              <asp:CommandField ShowSelectButton="True" />
              <asp:BoundField DataField="ContactName" 
                HeaderText="ContactName" />
              <asp:BoundField DataField="CompanyName" 
                HeaderText="CompanyName" />
            </Columns>
          </asp:GridView>
        </td>
        <td valign="top">
          <asp:DetailsView ID="CustomerDetail" 
            DataSourceID="Details" AutoGenerateRows="false"
            AutoGenerateInsertButton="true" 
            AutoGenerateEditButton="true" 
            AutoGenerateDeleteButton="true"
            EmptyDataText="No records." 
            DataKeyNames="CustomerID" GridLines="Both" 
            OnItemInserted="CustomerDetail_ItemInserted"
            OnItemInserting="CustomerDetail_ItemInserting" 
            OnItemUpdated="CustomerDetail_ItemUpdated"
            OnItemUpdating="CustomerDetail_ItemUpdating" 
            OnItemDeleted="CustomerDetail_ItemDeleted"
            runat="server">
            <HeaderStyle BackColor="Navy" ForeColor="White" />
            <RowStyle BackColor="White" />
            <AlternatingRowStyle BackColor="LightGray" />
            <EditRowStyle BackColor="LightCyan" />
            <Fields>
              <asp:BoundField DataField="CustomerID" HeaderText="CustomerID" ReadOnly="True" />
              <asp:BoundField DataField="ContactName" HeaderText="ContactName" />
              <asp:BoundField DataField="ContactTitle" HeaderText="ContactTitle" />
              <asp:BoundField DataField="CompanyName" HeaderText="CompanyName" />
              <asp:BoundField DataField="Address" HeaderText="Address" />
              <asp:BoundField DataField="City" HeaderText="City" />
              <asp:BoundField DataField="Region" HeaderText="Region" />
              <asp:BoundField DataField="PostalCode" HeaderText="PostalCode" />
              <asp:BoundField DataField="Country" HeaderText="Country" />
              <asp:BoundField DataField="Phone" HeaderText="Phone" />
              <asp:BoundField DataField="Fax" HeaderText="Fax" />
            </Fields>
          </asp:DetailsView>
        </td>
      </tr>
    </table>
    <!-- This example uses Microsoft SQL Server and connects -->
    <!-- to the Northwind sample database.                   -->
    <!-- It is strongly recommended that each data-bound     -->
    <!-- control uses a separate data source control.        -->
    <asp:SqlDataSource ID="Customers" runat="server" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      SelectCommand="SELECT [CompanyName], [ContactName], [CustomerID] 
        FROM [Customers]">
    </asp:SqlDataSource>
    <!-- Add a filter to the data source control for the     -->
    <!-- DetailsView control to display the details of the   -->
    <!-- store selected in the GridView control.             -->
    <asp:SqlDataSource ID="Details" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      runat="server" 
      SelectCommand="SELECT * FROM [Customers] 
        WHERE ([CustomerID] = @CustomerID)"
      DeleteCommand="DELETE FROM [Customers] 
        WHERE [CustomerID] = @CustomerID"
      InsertCommand="INSERT INTO [Customers] ([CustomerID], 
        [CompanyName], [ContactName], [ContactTitle], [Address], 
        [City], [Region], [PostalCode], [Country], [Phone], [Fax]) 
        VALUES (@CustomerID, @CompanyName, @ContactName, @ContactTitle, 
        @Address, @City, @Region, @PostalCode, @Country, @Phone, @Fax)"
      UpdateCommand="UPDATE [Customers] SET [CompanyName] = @CompanyName, 
        [ContactName] = @ContactName, [ContactTitle] = @ContactTitle, 
        [Address] = @Address, [City] = @City, [Region] = @Region, 
        [PostalCode] = @PostalCode, [Country] = @Country, 
        [Phone] = @Phone, [Fax] = @Fax 
        WHERE [CustomerID] = @CustomerID">
      <SelectParameters>
        <asp:ControlParameter ControlID="CustomersView" 
          Name="CustomerID" PropertyName="SelectedValue"
          Type="String" />
      </SelectParameters>
      <DeleteParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
      </DeleteParameters>
      <UpdateParameters>
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
        <asp:Parameter Name="CustomerID" Type="String" />
      </UpdateParameters>
      <InsertParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
      </InsertParameters>
    </asp:SqlDataSource>
  </form>
</body>
</html>
<%@ Page Language="VB" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
  Sub CustomerDetail_ItemInserted(ByVal sender As Object, _
    ByVal e As DetailsViewInsertedEventArgs)
    ' Refresh the GridView control after a new record is inserted in 
    ' the DetailsView control.
    CustomersView.DataBind()
  End Sub
  
  Sub CustomerDetail_ItemInserting(ByVal sender As Object, _
    ByVal e As DetailsViewInsertEventArgs)
    ' Iterate though the values entered by the user and HTML encode 
    ' the values. This helps prevent malicious values from being 
    ' stored in the data source.
    For i As Integer = 0 To e.Values.Count - 1
      If e.Values(i) IsNot Nothing Then
        e.Values(i) = Server.HtmlEncode(e.Values(i).ToString())
      End If
    Next
  End Sub
  
  Sub CustomerDetail_ItemUpdated(ByVal sender As Object, _
    ByVal e As DetailsViewUpdatedEventArgs)
    ' Refresh the GridView control after a new record is updated 
    ' in the DetailsView control.
    CustomersView.DataBind()
  End Sub
  
  Sub CustomerDetail_ItemUpdating(ByVal sender As Object, _
    ByVal e As DetailsViewUpdateEventArgs)
    ' Iterate though the values entered by the user and HTML encode 
    ' the values. This helps prevent malicious values from being 
    ' stored in the data source.
    For i As Integer = 0 To e.NewValues.Count - 1
      If e.NewValues(i) IsNot Nothing Then
        e.NewValues(i) = Server.HtmlEncode(e.NewValues(i).ToString())
      End If
    Next
  End Sub
  
  Sub CustomerDetail_ItemDeleted(ByVal sender As Object, _
    ByVal e As DetailsViewDeletedEventArgs)
    ' Refresh the GridView control after a new record is updated 
    ' in the DetailsView control.
    CustomersView.DataBind()
  End Sub
</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>DetailsView Example</title>
</head>
<body>
  <form id="Form1" runat="server">
    <h3>DetailsView Example</h3>
    <table cellspacing="10">
      <tr>
        <td>
          <!-- Use a GridView control in combination with      -->
          <!-- a DetailsView control to display master-detail  -->
          <!-- information. When the user selects a store from -->
          <!-- GridView control, the customers's detailed      -->
          <!-- information is displayed in the DetailsView     -->
          <!-- control.                                        -->
          <asp:GridView ID="CustomersView" DataSourceID="Customers" 
            AutoGenerateColumns="False"
            DataKeyNames="CustomerID" runat="server">
            <HeaderStyle BackColor="Blue" ForeColor="White" />
            <Columns>
              <asp:CommandField ShowSelectButton="True" />
              <asp:BoundField DataField="ContactName" 
                HeaderText="ContactName" />
              <asp:BoundField DataField="CompanyName" 
                HeaderText="CompanyName" />
            </Columns>
          </asp:GridView>
        </td>
        <td valign="top">
          <asp:DetailsView ID="CustomerDetail" DataSourceID="Details" 
            AutoGenerateRows="false"
            AutoGenerateInsertButton="true" 
            AutoGenerateEditButton="true" 
            AutoGenerateDeleteButton="true"
            EmptyDataText="No records." 
            DataKeyNames="CustomerID" GridLines="Both" 
            OnItemInserted="CustomerDetail_ItemInserted"
            OnItemInserting="CustomerDetail_ItemInserting" 
            OnItemUpdated="CustomerDetail_ItemUpdated"
            OnItemUpdating="CustomerDetail_ItemUpdating" 
            OnItemDeleted="CustomerDetail_ItemDeleted"
            runat="server">
            <HeaderStyle BackColor="Navy" ForeColor="White" />
            <RowStyle BackColor="White" />
            <AlternatingRowStyle BackColor="LightGray" />
            <EditRowStyle BackColor="LightCyan" />
            <Fields>
              <asp:BoundField DataField="CustomerID" HeaderText="CustomerID" 
                ReadOnly="True" />
              <asp:BoundField DataField="ContactName" HeaderText="ContactName" />
              <asp:BoundField DataField="ContactTitle" HeaderText="ContactTitle" />
              <asp:BoundField DataField="CompanyName" HeaderText="CompanyName" />
              <asp:BoundField DataField="Address" HeaderText="Address" />
              <asp:BoundField DataField="City" HeaderText="City" />
              <asp:BoundField DataField="Region" HeaderText="Region" />
              <asp:BoundField DataField="PostalCode" HeaderText="PostalCode" />
              <asp:BoundField DataField="Country" HeaderText="Country" />
              <asp:BoundField DataField="Phone" HeaderText="Phone" />
              <asp:BoundField DataField="Fax" HeaderText="Fax" />
            </Fields>
          </asp:DetailsView>
        </td>
      </tr>
    </table>
    <!-- This example uses Microsoft SQL Server and connects -->
    <!-- to the Northwind sample database.                   -->
    <!-- It is strongly recommended that each data-bound     -->
    <!-- control uses a separate data source control.        -->
    <asp:SqlDataSource ID="Customers" runat="server" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      SelectCommand="SELECT [CompanyName], [ContactName], [CustomerID] 
        FROM [Customers]">
    </asp:SqlDataSource>
    <!-- Add a filter to the data source control for the     -->
    <!-- DetailsView control to display the details of the   -->
    <!-- store selected in the GridView control.             -->
    <asp:SqlDataSource ID="Details" 
      ConnectionString=
        "<%$ ConnectionStrings:NorthwindConnectionString %>"
      runat="server" 
      SelectCommand="SELECT * FROM [Customers] 
        WHERE ([CustomerID] = @CustomerID)"
      DeleteCommand="DELETE FROM [Customers] 
        WHERE [CustomerID] = @CustomerID"
      InsertCommand="INSERT INTO [Customers] ([CustomerID], 
        [CompanyName], [ContactName], [ContactTitle], [Address], 
        [City], [Region], [PostalCode], [Country], [Phone], [Fax]) 
        VALUES (@CustomerID, @CompanyName, @ContactName, 
        @ContactTitle, @Address, @City, @Region, @PostalCode, 
        @Country, @Phone, @Fax)"
      UpdateCommand="UPDATE [Customers] SET 
        [CompanyName] = @CompanyName, 
        [ContactName] = @ContactName, [ContactTitle] = @ContactTitle, 
        [Address] = @Address, [City] = @City, [Region] = @Region, 
        [PostalCode] = @PostalCode, [Country] = @Country, 
        [Phone] = @Phone, [Fax] = @Fax 
        WHERE [CustomerID] = @CustomerID">
      <SelectParameters>
        <asp:ControlParameter ControlID="CustomersView" 
          Name="CustomerID" PropertyName="SelectedValue"
          Type="String" />
      </SelectParameters>
      <DeleteParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
      </DeleteParameters>
      <UpdateParameters>
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
        <asp:Parameter Name="CustomerID" Type="String" />
      </UpdateParameters>
      <InsertParameters>
        <asp:Parameter Name="CustomerID" Type="String" />
        <asp:Parameter Name="CompanyName" Type="String" />
        <asp:Parameter Name="ContactName" Type="String" />
        <asp:Parameter Name="ContactTitle" Type="String" />
        <asp:Parameter Name="Address" Type="String" />
        <asp:Parameter Name="City" Type="String" />
        <asp:Parameter Name="Region" Type="String" />
        <asp:Parameter Name="PostalCode" Type="String" />
        <asp:Parameter Name="Country" Type="String" />
        <asp:Parameter Name="Phone" Type="String" />
        <asp:Parameter Name="Fax" Type="String" />
      </InsertParameters>
    </asp:SqlDataSource>
  </form>
</body>
</html>

注釈

ItemUpdatingとき内の Update ボタン イベントが発生、DetailsViewコントロールをクリックすると、更新操作前にします。The ItemUpdating event is raised when an Update button within a DetailsView control is clicked, but before the update operation. これにより、このイベントが発生するたびに、更新操作のキャンセルなどのカスタムのルーチンを実行するイベント ハンドラーを提供できます。This allows you to provide an event handler that performs a custom routine, such as canceling the update operation, whenever this event occurs.

ADetailsViewUpdateEventArgsオブジェクトが更新されるレコードのインデックスを確認して、更新操作をキャンセルするかを示すことができます、イベント ハンドラーに渡されます。A DetailsViewUpdateEventArgs object is passed to the event handler, which allows you to determine the index of the record being updated and to indicate that the update operation should be canceled. 更新操作をキャンセルするには、設定、Cancelプロパティをtrueします。To cancel the update operation, set the Cancel property to true. 操作することも、 KeysOldValues、およびNewValuesコレクション、必要に応じて、データ ソースに値が渡される前にします。You can also manipulate the Keys, OldValues, and NewValues collections, if necessary, before the values are passed to the data source. これらのコレクションを使用する一般的な方法では、データ ソースに格納する前に、ユーザーによって指定された値に HTML エンコードです。A common way to use these collections is to HTML-encode the values supplied by the user before they are stored in the data source. これは、スクリプト インジェクション攻撃を防ぐのに役立ちます。This helps to prevent script injection attacks.

イベントを処理する方法の詳細については、次を参照してください。処理とイベントの発生します。For more information about how to handle events, see Handling and Raising Events.

適用対象

こちらもご覧ください