Wrox Programmer Forums
|
BOOK: Beginning ASP.NET 3.5 : in C# and VB BOOK ISBN: 978-0-470-18759-3
This is the forum to discuss the Wrox book Beginning ASP.NET 3.5: In C# and VB by Imar Spaanjaars; ISBN: 9780470187593
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning ASP.NET 3.5 : in C# and VB BOOK ISBN: 978-0-470-18759-3 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old October 31st, 2011, 03:52 AM
Authorized User
 
Join Date: Sep 2011
Posts: 24
Thanks: 7
Thanked 0 Times in 0 Posts
Default Connection strings

I am using asp.net2.0
Through my webpage created
I want to open a table in sql server database and check whether the data entered by the user in text box in webpage exists in the table. I am using an oledb data connection.How to create data connection and query the database
how can i do all these things in the code behind file using C#.
In vb I use the following code and it works.what to do it to work in C#.
Code:
  Protected Sub Page_Init(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Init
        db = Server.CreateObject("ADODB.Connection")
        db.Open("Provider=SQLOLEDB;Data Source=something;Password=pwd;User ID=sa;Initial Catalog=something")

    End Sub
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

    End Sub
    Public Sub clearall()
        txtCmpnyname.Text = String.Empty
        txtUname.Text = String.Empty
        txtPwd.Text = String.Empty

    End Sub
    Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnLogin.Click
        If txtCmpnyname.Text = String.Empty Then

            MsgBox("Plese fill company name", MsgBoxStyle.Information, "Login page")
            txtCmpnyname.Focus()
            Exit Sub


        End If
        If txtUname.Text = String.Empty Then
            MsgBox("Please fill username", MsgBoxStyle.Information, "Login page")
            txtUname.Focus()
            Exit Sub


        End If
        If txtPwd.Text = String.Empty Then
            MsgBox("Please fill password", MsgBoxStyle.Information, "Login page")
            txtPwd.Focus()
            Exit Sub


        End If
        Dim rec As String
        rec = "select Companyname,user_id, password from companydet where user_id='" & Trim(txtUname.Text) & " ' and password='" & Trim(txtPwd.Text) & " 'and companyname='" & Trim(txtCmpnyname.Text) & "'"
        rs.open(rec, db, 3, 3)
        If rs.eof Then
            MsgBox("Incorrect company name,username or password", MsgBoxStyle.Information, "Login page")
            rs.close()
            clearall()
            txtCmpnyname.Focus()

            Exit Sub


        End If



        If Trim(rs.fields("user_id").value) <> Trim(txtUname.Text) Then
            MsgBox("Check your capskey lock", MsgBoxStyle.Information, "Login page")
            txtUname.Text = String.Empty
            txtPwd.Text = String.Empty
            txtUname.Focus()
            Exit Sub

        End If




        If Trim(rs.fields("password").value) <> Trim(txtPwd.Text) Then
            MsgBox(" Check your capskey lock", MsgBoxStyle.Information, "Login page")
            txtPwd.Text = String.Empty
            txtPwd.Focus()
            rs.Close()
            Exit Sub


        End If
        clearall()

        Response.Redirect("Default2.aspx")

    End Sub

    Protected Sub btnExit_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnExit.Click
please provide some examples
 
Old October 31st, 2011, 08:32 AM
Imar's Avatar
Wrox Author
 
Join Date: Jun 2003
Posts: 17,089
Thanks: 80
Thanked 1,576 Times in 1,552 Posts
Default

Hi there,

You can http://converter.telerik.com to convert your code to C#. However, you need more than just a conversion. Some tips:

1. Since this is about ASP.NET 2, and not about my book Beginning ASP.NET 3.5, you're better off posting questions like these in a generic ASP.NET 2 category: http://p2p.wrox.com/asp-net-asp-12/

2. Your code is open to SQL Injection meaning anybody could log in without knowing a password. Even worse, they could take over your machine.

3. Running under the SA account is a bad idea as it has way too many privileges. This is even more problematic if your code is open to SQL Injection attacks.

4. Don't use MsgBox in ASP.NET It appears to work on your machine as the Server and the Client are the same. However, MsgBox appears on the server, and not in the client's browser.Send JavaScript to the client instead that uses alert or other ways to present a message to the user.

5. Don't use ADODB.Connection. This is the old / COM way of doing things used in classic ASP years ago. Instead, use ADO.NET.

6. Consider using the Validation controls so you don't have to validate each field by hand.

Hope this helps,

Imar
__________________
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Follow me on Twitter

Author of Beginning ASP.NET 4.5 : in C# and VB, Beginning ASP.NET Web Pages with WebMatrix
and Beginning ASP.NET 4 : in C# and VB.
Did this post help you? Click the button below this post to show your appreciation!
 
Old November 1st, 2011, 12:15 AM
Authorized User
 
Join Date: Sep 2011
Posts: 24
Thanks: 7
Thanked 0 Times in 0 Posts
Default connections

I converted the code to c#.Now using windows authentication and validation tools are included.
To connect to Sql server i created one oledb connection class.
Code:
 OleDbConnection connection = new OleDbConnection(conn);
        OleDbCommand cmd = new OleDbCommand(SQL, connection);
        connection.Open();
        OleDbDataReader reader = cmd.ExecuteReader();
       if (reader.Read())
       {
           reader.Close();
           connection.Close();
           clearall();
           Response.Redirect("Default2.aspx");
       }
Anyway its working fine;
My query is using this oledb connection how can i check each fields in the table with some value in my textbox.I am very new to asp and following your asp 3.5 book.so i posted the query here.please help
 
Old November 1st, 2011, 12:52 PM
Imar's Avatar
Wrox Author
 
Join Date: Jun 2003
Posts: 17,089
Thanks: 80
Thanked 1,576 Times in 1,552 Posts
Default

Quote:
Since this is about ASP.NET 2, and not about my book Beginning ASP.NET 3.5, you're better off posting questions like these in a generic ASP.NET 2 category: http://p2p.wrox.com/asp-net-asp-12/
Even though you're following my book, you're much better off posting in the category I suggested as more people will view posts created there, increasing your chances on an answer.

If you want to use techniques from my book, check out Chapter 13 that deals with LINQ and LINQ to SQL, concepts you can use to access your database.

Cheers,

Imar
__________________
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Follow me on Twitter

Author of Beginning ASP.NET 4.5 : in C# and VB, Beginning ASP.NET Web Pages with WebMatrix
and Beginning ASP.NET 4 : in C# and VB.
Did this post help you? Click the button below this post to show your appreciation!





Similar Threads
Thread Thread Starter Forum Replies Last Post
CH30 Connection Strings morphius BOOK: Professional C# 4.0 and .NET 4 0 November 23rd, 2010 01:23 PM
Connection Strings WFletch Visual Basic 2008 Essentials 1 July 14th, 2008 09:42 AM
Securing connection strings haines ASP.NET 2.0 Basics 1 March 2nd, 2008 04:28 PM
Connection Strings WillyWonker BOOK: Beginning VB.NET 2nd Edition/Beginning VB.NET 2003 3 January 25th, 2005 10:40 AM
Connection Strings hcweb Classic ASP Basics 6 September 23rd, 2004 03:29 AM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.