Is it possible to create an embeded SQL statement that is created based on what the user selects, and then attaching it as the datasource to the report?
Something like:
string SQL = "Select CustomerID, CustomerName from Customer where CustomerID = 1 and CustomerID = 3 and CustomerID = 8"
report1.datasource = SQL;
Something like:
string SQL = "Select CustomerID, CustomerName from Customer where CustomerID = 1 and CustomerID = 3 and CustomerID = 8"
report1.datasource = SQL;
8 Answers, 1 is accepted
0
Chris Gillies
Top achievements
Rank 1
Rank 1
answered on 16 Jul 2008, 09:46 AM
Such approach is a strictly no-no. This way anyone with enough knowledge of sql would be able to inject whatever code he wishes.
- http://msdn.microsoft.com/en-us/magazine/cc163917.aspx
- http://msdn.microsoft.com/en-us/library/ms998271.aspx
0
tony
Top achievements
Rank 1
Rank 1
answered on 08 Sep 2008, 09:26 PM
Hi ,
I also need to dynamic change 'Data Source' because of dynamic SQL select comand created after some input data from user. Just wondering that,
Did anyone had this solution yet? If yes, Can you share 'Syntax' for how to do this? Thanks!!
I also need to dynamic change 'Data Source' because of dynamic SQL select comand created after some input data from user. Just wondering that,
Did anyone had this solution yet? If yes, Can you share 'Syntax' for how to do this? Thanks!!
0
Chris Gillies
Top achievements
Rank 1
Rank 1
answered on 09 Sep 2008, 07:27 AM
Check this video out: http://www.telerik.com/support/videos/preview/b221i-cm-b221c-kcb.aspx
0
tony
Top achievements
Rank 1
Rank 1
answered on 09 Sep 2008, 12:14 PM
Thanks Chris for this great video. It is for input 'Parameter' into a window application. I would change into a SQL select command , and my quetion is
what is sytax for replace this SQL select command and then fill data in web application and C#.
In video, syntax is:
ReportViewer1.Report = New Report1();
...
ReportViewer1.RefreshReport();
(their is no RefreshReport in web application)
Need syntax for put SQL select command back to report, and
Fill Data , and Refresh Report.
Please advice.
what is sytax for replace this SQL select command and then fill data in web application and C#.
In video, syntax is:
ReportViewer1.Report = New Report1();
...
ReportViewer1.RefreshReport();
(their is no RefreshReport in web application)
Need syntax for put SQL select command back to report, and
Fill Data , and Refresh Report.
Please advice.
0
Chris Gillies
Top achievements
Rank 1
Rank 1
answered on 09 Sep 2008, 01:14 PM
Tony,
The Web ReportViewer does not have RefreshReport() method since it is being refresh on each postback and therefore it does not need such a method.
As for changing the select statement, you can overwrite the select command directly by getting reference to the sqlDataAdapter1. Note that this is no different than changing the select statement for DataGrid etc. so not sure how this is related to Reporting directly - you can google to find more info on the matter. Here is how you can bind the report programmatically - it should give you clues on how to do it (http://www.telerik.com/help/reporting/programmaticcreatingareport.html).
Cheers
The Web ReportViewer does not have RefreshReport() method since it is being refresh on each postback and therefore it does not need such a method.
As for changing the select statement, you can overwrite the select command directly by getting reference to the sqlDataAdapter1. Note that this is no different than changing the select statement for DataGrid etc. so not sure how this is related to Reporting directly - you can google to find more info on the matter. Here is how you can bind the report programmatically - it should give you clues on how to do it (http://www.telerik.com/help/reporting/programmaticcreatingareport.html).
Cheers
0
tony
Top achievements
Rank 1
Rank 1
answered on 09 Sep 2008, 02:20 PM
Thanks Chris!
Actually after my create MyDataset. I use
ReportViewer1.Datasource = MyDataset;
It generate a error for Do not contain defination
for 'Datasource' , What will be the correct syntax for
put my MyDataset back to ReportViewer1?
Actually after my create MyDataset. I use
ReportViewer1.Datasource = MyDataset;
It generate a error for Do not contain defination
for 'Datasource' , What will be the correct syntax for
put my MyDataset back to ReportViewer1?
0
Hello Tony,
You should use ReportViewer1.Report.DataSource instead. Please use the intellisense to check if a property/method exists and re-build your project to make sure it can be compiled, before posting an inquiry.
Regards,
Steve
the Telerik team
Check out Telerik Trainer, the state of the art learning tool for Telerik products.
You should use ReportViewer1.Report.DataSource instead. Please use the intellisense to check if a property/method exists and re-build your project to make sure it can be compiled, before posting an inquiry.
Regards,
Steve
the Telerik team
Check out Telerik Trainer, the state of the art learning tool for Telerik products.
0
tony
Top achievements
Rank 1
Rank 1
answered on 11 Sep 2008, 07:46 PM
Thanks for your informations.
If there is additional resource or sample which can help to
'Driven/control a report by dynamic SQL command' will be appreciate.
If there is additional resource or sample which can help to
'Driven/control a report by dynamic SQL command' will be appreciate.