Export (0) Print
Expand All

FormParameter Class

Binds the value of an HTTP request Form field to a parameter object.

System.Object
  System.Web.UI.WebControls.Parameter
    System.Web.UI.WebControls.FormParameter

Namespace:  System.Web.UI.WebControls
Assembly:  System.Web (in System.Web.dll)

public class FormParameter : Parameter

The FormParameter type exposes the following members.

  NameDescription
Public methodFormParameter()Initializes a new unnamed instance of the FormParameter class.
Protected methodFormParameter(FormParameter)Initializes a new instance of the FormParameter class with the values of the instance specified by the original parameter.
Public methodFormParameter(String, String)Initializes a new named instance of the FormParameter class, using the specified string to identify which form variable field to bind to.
Public methodFormParameter(String, DbType, String)Initializes a new instance of the FormParameter class, using the specified string to identify which form variable field to bind to.
Public methodFormParameter(String, TypeCode, String)Initializes a new named and strongly typed instance of the FormParameter class, using the specified string to identify which form variable to bind to.
Top

  NameDescription
Public propertyConvertEmptyStringToNullGets or sets a value indicating whether the value that the Parameter object is bound to should be converted to null if it is String.Empty. (Inherited from Parameter.)
Public propertyDbTypeGets or sets the database type of the parameter. (Inherited from Parameter.)
Public propertyDefaultValueSpecifies a default value for the parameter, should the value that the parameter is bound to be uninitialized when the Evaluate method is called. (Inherited from Parameter.)
Public propertyDirectionIndicates whether the Parameter object is used to bind a value to a control, or the control can be used to change the value. (Inherited from Parameter.)
Public propertyFormFieldGets or sets the name of the form variable that the parameter binds to.
Protected propertyIsTrackingViewStateGets a value indicating whether the Parameter object is saving changes to its view state. (Inherited from Parameter.)
Public propertyNameGets or sets the name of the parameter. (Inherited from Parameter.)
Public propertySizeGets or sets the size of the parameter. (Inherited from Parameter.)
Public propertyTypeGets or sets the type of the parameter. (Inherited from Parameter.)
Public propertyValidateInputGets or sets a value that indicates whether the client input in the parameter is validated.
Protected propertyViewStateGets a dictionary of state information that allows you to save and restore the view state of a Parameter object across multiple requests for the same page. (Inherited from Parameter.)
Top

  NameDescription
Protected methodCloneReturns a duplicate of the current FormParameter instance. (Overrides Parameter.Clone().)
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodEvaluateUpdates and returns the value of the FormParameter object. (Overrides Parameter.Evaluate(HttpContext, Control).)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGetDatabaseTypeGets the DbType value that is equivalent to the CLR type of the current Parameter instance. (Inherited from Parameter.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Protected methodLoadViewStateRestores the data source view's previously saved view state. (Inherited from Parameter.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Protected methodOnParameterChangedCalls the OnParametersChanged method of the ParameterCollection collection that contains the Parameter object. (Inherited from Parameter.)
Protected methodSaveViewStateSaves the changes to the Parameter object's view state since the time the page was posted back to the server. (Inherited from Parameter.)
Protected methodSetDirtyMarks the Parameter object so its state will be recorded in view state. (Inherited from Parameter.)
Public methodToStringConverts the value of this instance to its equivalent string representation. (Inherited from Parameter.)
Protected methodTrackViewStateCauses the Parameter object to track changes to its view state so they can be stored in the control's ViewState object and persisted across requests for the same page. (Inherited from Parameter.)
Top

  NameDescription
Explicit interface implemetationPrivate methodICloneable.CloneReturns a duplicate of the current Parameter instance. (Inherited from Parameter.)
Explicit interface implemetationPrivate propertyIStateManager.IsTrackingViewStateInfrastructure. Gets a value indicating whether the Parameter object is saving changes to its view state. (Inherited from Parameter.)
Explicit interface implemetationPrivate methodIStateManager.LoadViewStateInfrastructure. Restores the data source view's previously saved view state. (Inherited from Parameter.)
Explicit interface implemetationPrivate methodIStateManager.SaveViewStateInfrastructure. Saves the changes to the Parameter object's view state since the time the page was posted back to the server. (Inherited from Parameter.)
Explicit interface implemetationPrivate methodIStateManager.TrackViewStateInfrastructure. Causes the Parameter object to track changes to its view state so they can be stored in the control's ViewState object and persisted across requests for the same page. (Inherited from Parameter.)
Top

You can use the FormParameter class to bind the value of a form variable in the Form collection to a parameter used in a parameterized query or command. Controls that bind data to the parameter might throw an exception if a FormParameter is specified but no corresponding form variable is passed. They might also display no data if the form variable is passed with no corresponding value. Set the DefaultValue to avoid these situations where appropriate.

The FormParameter class provides the FormField property, which identifies the name of the form variable to bind to, in addition to those inherited from the Parameter class.

Important noteImportant

The FormParameter does not validate the value passed by the form element in any way; it uses the raw value. In most cases you can validate the value of the FormParameter before it is used by a data source control by handling an event, such as the Selecting, Updating, Inserting, or Deleting event exposed by the data source control you are using. If the value of the parameter does not pass your validation tests, you can cancel the data operation by setting the Cancel property of the associated CancelEventArgs class to true.

The following code example demonstrates how to insert data into a database using the SqlDataSource control and a simple ASP.NET Web page. The current data in the data table is displayed in the DropDownList control. You can add new records by entering values in the TextBox controls and clicking the button. When the button is clicked, the specified values are inserted into the database, and the DropDownList is refreshed.

Security noteSecurity Note

This example has a text box that accepts user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.

<%@Page  Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script runat="server">
private void InsertShipper (object source, EventArgs e) {
  SqlDataSource1.Insert();
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
  <head runat="server">
    <title>ASP.NET Example</title>
</head>
<body>
    <form id="form1" runat="server">

      <asp:dropdownlist
        id="DropDownList1"
        runat="server"
        datasourceid="SqlDataSource1"
        datatextfield="CompanyName"
        datavaluefield="ShipperID" />

<!-- Security Note: The SqlDataSource uses a FormParameter,
     Security Note: which does not perform validation of input from the client.
     Security Note: To validate the value of the FormParameter, handle the Inserting event. -->

      <asp:sqldatasource
        id="SqlDataSource1"
        runat="server"
        connectionstring="<%$ ConnectionStrings:MyNorthwind %>"
        selectcommand="SELECT CompanyName,ShipperID FROM Shippers"
        insertcommand="INSERT INTO Shippers (CompanyName,Phone) VALUES (@CoName,@Phone)">
          <insertparameters>
            <asp:formparameter name="CoName" formfield="CompanyNameBox" />
            <asp:formparameter name="Phone"  formfield="PhoneBox" />
          </insertparameters>
      </asp:sqldatasource>

      <br /><asp:textbox
           id="CompanyNameBox"
           runat="server" />

      <asp:RequiredFieldValidator
        id="RequiredFieldValidator1"
        runat="server"
        ControlToValidate="CompanyNameBox"
        Display="Static"
        ErrorMessage="Please enter a company name." />

      <br /><asp:textbox
           id="PhoneBox"
           runat="server" />

      <asp:RequiredFieldValidator
        id="RequiredFieldValidator2"
        runat="server"
        ControlToValidate="PhoneBox"
        Display="Static"
        ErrorMessage="Please enter a phone number." />

      <br /><asp:button
           id="Button1"
           runat="server"
           text="Insert New Shipper"
           onclick="InsertShipper" />

    </form>
  </body>
</html>

.NET Framework

Supported in: 4.5.2, 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft