ObjectDataSource与sqldatasource的区别

ObjectDataSource控制��K不直接�c�Y料�熘��g�M行�B接，可以通�^��I�瘴锛�的�{用，���F���Y料�斓牟僮鳌�

一、ObjectDataSource控制�的���重要�傩�
    SelectMethod：ObjectDataSource控制��绦胁樵��r�{用的方法名。
   DeleteMethod：ObjectDataSource控制��绦�h除�r�{用的方法名。
    UpdateMethod：ObjectDataSource控制��绦懈�新�r�{用的方法名。
    InsertMethod：ObjectDataSource控制��绦胁迦�r�{用的方法名。

二、ObjectDataSource控制�的���重要方法
    Select()：�{用SelectMethod�M行查�
    Insert()：�{用InsertMethod�M行插入
    Update()：�{用UpdateMethod�M行更新
   Delete()：�{用DeleteMethod�M行�h除

三、ObjectDataSource控制�的���重要的子元素
    InsertParameters：��InsertMethod的方法提供���
    UpdateParameters：��UpdateMethod的方法提供���
    DeleteParameters：��DeleteMethod的方法提供���
    SelectParameters：��SelectMethod的方法提供���
   
四、�e例
    1.配置�B接字串
    2.����I�漳＝M（此�我用�Y料�斓�insert/update/delete/select�硖娲�，在���H��用中，�I�漳＝M�h比此�}�s）
        在此�I�展δ苣＝M用的是SQLDataSource物件�x取�Y料的，��然也可以用ADO.NET�碜x取���
        public class FruitDA
        {
            private SqlDataSource sd;
            public FruitDA()
            {
                sd = new SqlDataSource();
                sd.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["conn1"].ToString();;
            }
            public DataView select()
            {
                sd.SelectCommand = "select * from fruit";
                sd.DataSourceMode = SqlDataSourceMode.DataSet;
                DataView ds = (DataView)sd.Select(DataSourceSelectArguments.Empty);
                return ds;
            }
            public void update(string ids,string name,decimal price,string source,string stack)
            {
                sd.UpdateCommand = "update fruit set name = @name,price = @price,source = @source,stack = @stack where ids = @ids";
                sd.UpdateParameters.Add("ids", TypeCode.String, ids);
                sd.UpdateParameters.Add("name",TypeCode.String,name);
                sd.UpdateParameters.Add("price", TypeCode.Decimal, price.ToString());
                sd.UpdateParameters.Add("source",TypeCode.String,source);
                sd.UpdateParameters.Add("stack",TypeCode.String,stack);
                sd.Update();
            }
            public void insert(string ids, string name, decimal price, string source, string stack)
            {
                sd.InsertCommand = "insert into fruit (ids,name,price,source,stack) values(@ids,@name,@price,@source,@stack)";
                sd.InsertParameters.Add("ids", TypeCode.String, ids);
                sd.InsertParameters.Add("name", TypeCode.String, name);
                sd.InsertParameters.Add("price", TypeCode.Decimal, price.ToString());
                sd.InsertParameters.Add("source", TypeCode.String, source);
                sd.InsertParameters.Add("stack", TypeCode.String, stack);
                sd.Insert();
            }
            public void delete(string ids)
            {
                sd.DeleteCommand = "delete from fruit where ids = @ids";
                sd.DeleteParameters.Add("ids",TypeCode.String,ids);
                sd.Delete();
            }
        }
    3.配置ObjectDataSource和GridView，���Fupdate/select/delete功能
        <asp:GridView ID="GridView1" runat="server" AutoGenerateColumns="False" DataKeyNames="ids" DataSourceID="s">
            <Columns>
                <asp:CommandField ShowDeleteButton="True" ShowEditButton="True" />
                <asp:BoundField DataField="ids" />
                <asp:BoundField DataField="name" />
                <asp:BoundField DataField="price" />
                <asp:BoundField DataField="source" />
                <asp:BoundField DataField="stack" />
            </Columns>
        </asp:GridView>
        <asp:ObjectDataSource ID="s" runat="server" SelectMethod="select" TypeName="FruitDA" DeleteMethod="delete" UpdateMethod="update" InsertMethod="insert" >
            <DeleteParameters>
                <asp:Parameter Name="ids" Type="String" />
            </DeleteParameters>
            <UpdateParameters>
                <asp:Parameter Name="ids" Type="String" />
                <asp:Parameter Name="name" Type="String" />
                <asp:Parameter Name="price" Type="Decimal" />
                <asp:Parameter Name="source" Type="String" />
                <asp:Parameter Name="stack" Type="String" />
            </UpdateParameters>
            <InsertParameters>
                <asp:ControlParameter Name="ids" ControlID = "txtIds" Type="String" />
                <asp:ControlParameter Name="name" ControlID = "txtName" Type="String" />
                <asp:ControlParameter Name="price" ControlID = "txtPrice" Type="Decimal" />
                <asp:ControlParameter Name="source" ControlID = "txtSource" Type="String" />
                <asp:ControlParameter Name="stack" ControlID = "txtStack" Type="String" />
            </InsertParameters>
        </asp:ObjectDataSource>
        <asp:TextBox ID="txtIds" runat="server"></asp:TextBox>
        <asp:TextBox ID="txtName" runat="server"></asp:TextBox>
        <asp:TextBox ID="txtPrice" runat="server"></asp:TextBox>
        <asp:TextBox ID="txtSource" runat="server"></asp:TextBox>
        <asp:TextBox ID="txtStack" runat="server"></asp:TextBox><br />
        <asp:Button ID="Button1" runat="server" Text="Insert" OnClick="Button1_Click" />
    4.���F插入功能的代�a
         protected void Button1_Click(object sender, EventArgs e)
        {
            s.Insert();
        }           

    ControlParameter：以表�慰刂祈�的�傩灾底����
    FormParameter：以表�慰刂祈�的id作����
    CookieParameter：以Cookie值作����
    SessionParameter：以Session值作����
    QuaryStringParameter：以查�字串作����
    ProfileParameter：以��性化�O置的�热葑����
    在ado.net1.1中好象中只有一�N��殿�型，�槭颤N要在�@�Y出�F�@�N多的��殿�型？
    1、�z查��档�碓搭�型，防止篡改Cookie或QuaryString的值�M地攻��
    2、���档拈L度�M行�z查
    3、�ψ⑷胧焦�舻拇��a�M行安全�理
   
    ��蹬e例：
    1 .ControParameter
    protected void Button1_Click(object sender, EventArgs e)
    {
        SqlDataSource1.SelectCommand = "select * from fruit where ids = @ids";
          //ddl是下拉清��
        ControlParameter param = new ControlParameter("ids", "ddl", "SelectedItem.Value");
       
        SqlDataSource1.SelectParameters.Clear();
        SqlDataSource1.SelectParameters.Add(param);
    }

    2.SessionParameter
    protected void Button2_Click(object sender, EventArgs e)
    {
        Session["data"] = txtIds.Text;
        SqlDataSource1.SelectCommand = "select * from fruit where ids = @ids";
        SessionParameter param = new SessionParameter("ids", "data");
        SqlDataSource1.SelectParameters.Clear();
        SqlDataSource1.SelectParameters.Add(param);
       
    }
   
    3.CookieParameter
    protected void Button3_Click(object sender, EventArgs e)
    {
        Response.Cookies.Add(new HttpCookie("data",txtIds.Text));
        SqlDataSource1.SelectCommand = "select * from fruit where ids = @ids";
        CookieParameter param = new CookieParameter("ids", "data");
        SqlDataSource1.SelectParameters.Clear();
        SqlDataSource1.SelectParameters.Add(param);
    }
    4.QuryStringParameter
    protected void Button4_Click(object sender, EventArgs e)
    {
        Response.Redirect("default5.aspx?id="+txtIds.Text);
    }
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            if (Request.QueryString["id"] != null)
            {
                Response.Cookies.Add(new HttpCookie("data", txtIds.Text));
                SqlDataSource1.SelectCommand = "select * from fruit where ids = @ids";
                QueryStringParameter param = new QueryStringParameter("ids", "id");
                SqlDataSource1.SelectParameters.Clear();
                SqlDataSource1.SelectParameters.Add(param);
            }
        }
    }
   
    5.FormParameter
    protected void Button5_Click(object sender, EventArgs e)
    {
        SqlDataSource1.SelectCommand = "select * from fruit where ids = @ids";
        FormParameter param = new FormParameter("ids", "ddl");
        SqlDataSource1.SelectParameters.Clear();
        SqlDataSource1.SelectParameters.Add(param);
    }