Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Jun 16, 2006 05:36 PM|LINK
First off - you're trying to use inline codeblocks, it seems, like in the old Classic ASP days. It's no longer done this way in ASP.Net. Since ASP.Net is event-driven, all code code is in event handlers (subs/functions). In this case, what you'd probably
need to do is to create/Dim some global variables in your page (outside any events), and inside the Page_Load event, assign the variable names, just like you did
Therefore, you would not use a code block segment, either, in the SelectCommand property of a SQLDataSource control. That is for the SQL statement or Stored Procedure name only.
Also - if you haven't heard about SQL Injection attacks, you need to learn now....instead of using concatenated SQL statements, the answer to SQL Injection attacks, in this case, is parameterized queries. Check out this 2 part tutorial on Parameterized Queries
That being said, you can use a SQL statement (Select [Field list] from [Table name] where
Then, inside your SQLDataSource, use the parameters section to assign where the data for each parameter is coming from.