473,574 Members | 3,092 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Problems Passing Parameter from web page 1 to web page 2.

Hi,

I'm having trouble passing a parameter from my default.aspx page to my
default2.aspx page.

I have values from a query in a list box and the goal is to pass the
"catID" from default.aspx to a stored procedure on the details2.aspx
page.

I can successfully pass the values from the listbox control to a
textbox on the page (done to eliminate other sources of error).

===========
DEFAULT.ASPX
============
Here is the listbox data (works fine when tested with a textbox):

listbox1.DataTe xtField="catDes c";
listbox1.DataVa lueField="catID "; <---- this is the data I will want
to use as @catID
All other things being checked (e.g. connection string), here is the
code snippet.

Am I using the parameter wrong?

cmd2.CommandTyp e = CommandType.Sto redProcedure;

SqlParameter sqlPrm = new SqlParameter("@ catID",
ListBox1.Select edValue);

cmd2.Parameters .Add(sqlPrm);

==========
DEFAULT2.ASPX
===========
I'm trying to pass the parameter (which should be an integer form the
catID) to TextBox1 to make sure that the process is working before I
mess with adding the parameter to a stored procedure. Here is the
"retrieval" code:

protected void Page_Load(objec t sender, EventArgs e)
{
if (!IsPostBack)
{
string temp;
temp = Request.Params["catID"];
TextBox1.Text = temp;
}
}
Any advice is much appreciated.
Thanks in advance,
Ranginald

Apr 29 '06 #1
4 2749
Ranginald wrote:
Hi,

I'm having trouble passing a parameter from my default.aspx page to my
default2.aspx page.

I have values from a query in a list box and the goal is to pass the
"catID" from default.aspx to a stored procedure on the details2.aspx
page.

I can successfully pass the values from the listbox control to a
textbox on the page (done to eliminate other sources of error).

===========
DEFAULT.ASPX
============
Here is the listbox data (works fine when tested with a textbox):

listbox1.DataTe xtField="catDes c";
listbox1.DataVa lueField="catID "; <---- this is the data I will want
to use as @catID
All other things being checked (e.g. connection string), here is the
code snippet.

Am I using the parameter wrong?

cmd2.CommandTyp e = CommandType.Sto redProcedure;

SqlParameter sqlPrm = new SqlParameter("@ catID",
ListBox1.Select edValue);

cmd2.Parameters .Add(sqlPrm);

==========
DEFAULT2.ASPX
===========
I'm trying to pass the parameter (which should be an integer form the
catID) to TextBox1 to make sure that the process is working before I
mess with adding the parameter to a stored procedure. Here is the
"retrieval" code:

protected void Page_Load(objec t sender, EventArgs e)
{
if (!IsPostBack)
{
string temp;
temp = Request.Params["catID"];
TextBox1.Text = temp;
}
}
Any advice is much appreciated.
Thanks in advance,
Ranginald


You managed to leave out most of the information that is needed to help
you with this...

1. What is the problem? What is happening, and how does that differ from
what you expect to happen?

2. Any useful code. You are creating an SQL parameter in the first page,
what are you using that for? Do you use it at all? How do you post the
form to the second page?
Apr 29 '06 #2
Ok. Sorry....

1. The problem is that I originally passed a parameter from defalt to
default2 using a query string (eg. default2.aspx?c atID=X) where X is
generated from a user selection on default. X is then used to generate
a datagrid on default2.

This works fine --- except I've read that instead of passing X to page
2 using a query string, that I should protect myself from SQL injection
attacks and pass X to a stored procedure, using parameters. I read that
I shouldn't do the default2.aspx?c atID=X because someone could just add
a "?catID=X; malicious code here".

2. Application Overview
It's basically a master/detail product situation
..
For the code posted above, all I want to do is run a test to get the
basics working. In the test it's just a listbox on default and I want
to pass a parameter to the stored procedure on the second page, and
create a datagrid with the results.
a)take a listbox which I have populated on page default
b) and pass the parameter, catID (an integer) to page default2
c) execute a stored procedure (as listed below) with the catID as a
parameter
d) and create a datagrid with the results.

At this point I have a test page setup to figure this out:
DEFAULT
======
Has a listbox on it, listbox1 and a textbox, textbox1.
When the user clicks on one of the items in the listbox, the catID
value appears in the textbox. I used this as a basic "control" test.

Now I want to pass this catID, (or, X, as above) to a stored procedure
on page DEFAULT2.

Let's call the Stored Procedure usp_test, and let's call the parameter
@catID.

The stored procedure will just be a test for now so, SELECT * FROM
tblCat WHERE catID=@catID.
I am having trouble getting the "catID" value off the default page to
the default2 page.

I'm not sure if I need a global variable or where to "store" the
parameter, and then how to "recover" the parameter and use it in the
stored procedure.

Thanks a lot for your help.

Apr 29 '06 #3
Ranginald wrote:
Ok. Sorry....

1. The problem is that I originally passed a parameter from defalt to
default2 using a query string (eg. default2.aspx?c atID=X) where X is
generated from a user selection on default. X is then used to generate
a datagrid on default2.

This works fine --- except I've read that instead of passing X to page
2 using a query string, that I should protect myself from SQL injection
attacks and pass X to a stored procedure, using parameters. I read that
I shouldn't do the default2.aspx?c atID=X because someone could just add
a "?catID=X; malicious code here".
You can't use SQL parameters to pass values between pages. You pass the
values as usual, but use parameters to protect yourself against SQL
injections. As you convert the value to an integer before putting it in
the parameter, the value can not contain any malicous SQL code.

The SQL Parameter is used when you access the database in the second page.
2. Application Overview
It's basically a master/detail product situation
.
For the code posted above, all I want to do is run a test to get the
basics working. In the test it's just a listbox on default and I want
to pass a parameter to the stored procedure on the second page, and
create a datagrid with the results.
a)take a listbox which I have populated on page default
b) and pass the parameter, catID (an integer) to page default2
c) execute a stored procedure (as listed below) with the catID as a
parameter
d) and create a datagrid with the results.

At this point I have a test page setup to figure this out:
DEFAULT
======
Has a listbox on it, listbox1 and a textbox, textbox1.
When the user clicks on one of the items in the listbox, the catID
value appears in the textbox. I used this as a basic "control" test.

Now I want to pass this catID, (or, X, as above) to a stored procedure
on page DEFAULT2.
You just pass the value as usual. Not to the stored procedure, but to
the page.
Let's call the Stored Procedure usp_test, and let's call the parameter
@catID.

The stored procedure will just be a test for now so, SELECT * FROM
tblCat WHERE catID=@catID.
I am having trouble getting the "catID" value off the default page to
the default2 page.
That is because you are trying to use an SQL parameter to pass the
value. It can't do that.
I'm not sure if I need a global variable or where to "store" the
parameter, and then how to "recover" the parameter and use it in the
stored procedure.

Thanks a lot for your help.

Apr 30 '06 #4
Thanks. I figured out. I was able to do it using a querystring
technique as well as with a session variable. I think the querystring
techinque is better -- I've read that I should be saving session
variables for things like shopping carts and userIDs and not for
passing parameters.

Thanks again for your time and help.

May 1 '06 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
1676
by: developer | last post by:
Hi All, I’m currently doing some POC testing for a new client for one of their existing applications, with the hopes of being able to migrate a lot of their existing code embedded in Excel VBA to .net C# classes. At the moment I am working at the simplest level (not getting in to Add-ins just yet) from a COM point of view. Up until now I have...
5
1880
by: Steve | last post by:
Hi, I have a class called cList as so: template<class T> class cList { // base class for Lists private: protected: vector<T> tListOf; // field list container public: void Add(const T& t) {tListOf.push_back(t);} // add new object to list unsigned int Count() { return tListOf.size(); } // number of list items
5
2302
by: Rob Ristroph | last post by:
Hi, It's pretty unhelpful to post "I have a huge piece of code that crashes in strange places, what's the problem?" but that's basically my problem and I really am at my wit's end. The piece of code in question always crashes in an STL operation such as a vector.push_back, but the location of the crash changes as I change how various...
0
8723
by: stephan | last post by:
I know that this has been beaten to death but I can't seem to resolve my issues (I have 2 of them). I have created a class that exposes a public method which returns a datatable as a datasource for a Crystal Report. The method has a single argument which represents a parameter required by the Stored Procedure. When I generate the report...
0
1670
by: stevag | last post by:
I have stored a variable ABC in a ASP.NET page and I use xsltArglist.AddParam in order to add this variable as a parameter to the binded XSLT transformation. In the associated .xslt file I use <xsl:param name="ABC"/> After declaring the parameter , I use it with <xsl:value-of select="$ABC"/> but in the resulting rendered page the value of...
4
2884
by: allanrodkin | last post by:
Hi, I'm designing a website in dreamweaver and I'm using JavaScript to slide text across the page. The text is contained in <div> tags. I have designed a function which can move two of the div tags across the screen. I use the timer to manage the movement of the text across the screen. I would like redesign that function so that it can...
10
13006
by: Janus | last post by:
Hi, Is there a way to pass arguments to the callback function used inside an addEventListener? I see that I can only list the name of the callback function. For eg, I use this: var boldLink=document.getElementById('cmtbold');
11
1742
by: Brad Pears | last post by:
I am using a function called "CreateSQLParam" which adds SQL parameters to a collection. The function is shown below... I add a parameter to a collection using the following line code... ------------------------------------------------------------------------------------ dim vcContractNo as varchar dim colParms as collection...
1
2245
by: tarunkhatri | last post by:
Hi, I want to pass the parameter of employee_id to a page. My code is working fine and passing parameter to page but the problem is rather then the current parameter. It passed the parameter which was selected in previous submit. Below is the code. <form action='manager_employee_select.php?proc_employee_id=<?php echo $_POST; ?>'...
0
8270
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
1
7856
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
8137
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
0
6509
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
1
5651
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
0
5335
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3773
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3793
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
1369
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.