Hi, I'm sure this is a standard thing. I have a web form with several input
boxes/drop down lists and checkboxes. They all represent a field within a sql
table and I need the user to update the values on hitting submit. I have put
a submit button on the form and tested it with one field, so in the submit
code I opened a sql connection and did an UPDATE mytable SET fieldintable =
inputonwebform.text where customerid=x.
This worked! However, it just so happened that I changed the value in
'fieldontable'. Should I be creating an update statement for EVERY field on
my form, even though the user may only change one or two values at a time? I
know there is a OnTextChanged event handler of a text box, so i could capture
whether it has been changed or not (and then have to handle the drop
downs/checkboxes too presumbably using a different handler), but how can I
maintain a list of controls whose values have changed up until the point
where the user hits submit. Looking for the best practice to do this. dont
want to start keeping a comma seperated value in a hidden field, I find that
really messy. I am sure there is a really good way to do this as this seems
to be the power of web forms, I just need someone to tell me it!!!
Many thanks.
7  1355 
As a side note, I am not sure of your complete architecture you might want
to read the document http://www.spidynamics.com/papers/SQ...WhitePaper.pdf. If you are
sending your form field values directly into your query, then your system
can be vulnerable to attacks.
"louise raisbeck" <lo************@discussions.microsoft.com> wrote in
message news:3A**********************************@microsof t.com... Hi, I'm sure this is a standard thing. I have a web form with several
input boxes/drop down lists and checkboxes. They all represent a field within a
sql table and I need the user to update the values on hitting submit. I have
put a submit button on the form and tested it with one field, so in the submit
code I opened a sql connection and did an UPDATE mytable SET fieldintable
= inputonwebform.text where customerid=x.
This worked! However, it just so happened that I changed the value in
'fieldontable'. Should I be creating an update statement for EVERY field
on my form, even though the user may only change one or two values at a time?
I know there is a OnTextChanged event handler of a text box, so i could
capture whether it has been changed or not (and then have to handle the drop
downs/checkboxes too presumbably using a different handler), but how can I
maintain a list of controls whose values have changed up until the point
where the user hits submit. Looking for the best practice to do this. dont
want to start keeping a comma seperated value in a hidden field, I find
that really messy. I am sure there is a really good way to do this as this
seems to be the power of web forms, I just need someone to tell me it!!!
Many thanks.
Well personally I use a different technique to update my sql database. I
just write out my sql scripts manually.
for instance:
On_Submit_Click() {
string sql = "update Customers set LoginID='" + txtLoginID.Text + "',
Password='" + txtPassword.Text "' where CustomerID=" + lblCustomerID.Text;
SqlConnection con = new SqlConnection("connection string");
SqlCommand com = new SqlCommand(sql, con);
con.Open();
com.ExecuteNonQuery();
con.close();
}
I know this style is kind of old school but to me it just seems like you can
customize your sql scripts even more and thus allow for more complicated and
userfriendly forms.
As for how this applies to your problem... it's quite simple. All fields
are always updated with one sql statement if they haven't changed they are
just set to whatever they used to be if they have changed then they are
updated.
This method should be considerably faster to execute and less processor
intensive for both your ASP.NET applicaiton and the SQL Server.
These are just my thoughts on the subject.
Cheers!
David Kyle www.chloemag.com
"louise raisbeck" <lo************@discussions.microsoft.com> wrote in
message news:3A**********************************@microsof t.com... Hi, I'm sure this is a standard thing. I have a web form with several
input
boxes/drop down lists and checkboxes. They all represent a field within a
sql
table and I need the user to update the values on hitting submit. I have
put
a submit button on the form and tested it with one field, so in the submit
code I opened a sql connection and did an UPDATE mytable SET fieldintable
=
inputonwebform.text where customerid=x.
This worked! However, it just so happened that I changed the value in
'fieldontable'. Should I be creating an update statement for EVERY field
on
my form, even though the user may only change one or two values at a time?
I
know there is a OnTextChanged event handler of a text box, so i could
capture
whether it has been changed or not (and then have to handle the drop
downs/checkboxes too presumbably using a different handler), but how can I
maintain a list of controls whose values have changed up until the point
where the user hits submit. Looking for the best practice to do this. dont
want to start keeping a comma seperated value in a hidden field, I find
that
really messy. I am sure there is a really good way to do this as this
seems
to be the power of web forms, I just need someone to tell me it!!!
Many thanks.
404 file not found
"Peter Rilling" wrote: As a side note, I am not sure of your complete architecture you might want
to read the document
http://www.spidynamics.com/papers/SQ...WhitePaper.pdf. If you are
sending your form field values directly into your query, then your system
can be vulnerable to attacks.
"louise raisbeck" <lo************@discussions.microsoft.com> wrote in
message news:3A**********************************@microsof t.com... Hi, I'm sure this is a standard thing. I have a web form with several
input boxes/drop down lists and checkboxes. They all represent a field within a
sql table and I need the user to update the values on hitting submit. I have
put a submit button on the form and tested it with one field, so in the submit
code I opened a sql connection and did an UPDATE mytable SET fieldintable
= inputonwebform.text where customerid=x.
This worked! However, it just so happened that I changed the value in
'fieldontable'. Should I be creating an update statement for EVERY field
on my form, even though the user may only change one or two values at a time?
I know there is a OnTextChanged event handler of a text box, so i could
capture whether it has been changed or not (and then have to handle the drop
downs/checkboxes too presumbably using a different handler), but how can I
maintain a list of controls whose values have changed up until the point
where the user hits submit. Looking for the best practice to do this. dont
want to start keeping a comma seperated value in a hidden field, I find
that really messy. I am sure there is a really good way to do this as this
seems to be the power of web forms, I just need someone to tell me it!!!
Many thanks.
I did think about just doing an update for all the fields on the form..just
seemed like overkill considering they may only change 1 in 20 field values. I
know that .net is very powerful when it comes to view state, knowing when a
control has changed value etc..therefore i wondered if there was an easy way
of checking what has changed and what hasnt. Its almost as if I need a
webcontrols collection and for each one check if the value has changed.. I'm
sure that is possible. But to be honest I have to get this done like
yesterday and just dont have the time to do the research..
"David Kyle" wrote: Well personally I use a different technique to update my sql database. I
just write out my sql scripts manually.
for instance:
On_Submit_Click() {
string sql = "update Customers set LoginID='" + txtLoginID.Text + "',
Password='" + txtPassword.Text "' where CustomerID=" + lblCustomerID.Text;
SqlConnection con = new SqlConnection("connection string");
SqlCommand com = new SqlCommand(sql, con);
con.Open();
com.ExecuteNonQuery();
con.close();
}
I know this style is kind of old school but to me it just seems like you can
customize your sql scripts even more and thus allow for more complicated and
userfriendly forms.
As for how this applies to your problem... it's quite simple. All fields
are always updated with one sql statement if they haven't changed they are
just set to whatever they used to be if they have changed then they are
updated.
This method should be considerably faster to execute and less processor
intensive for both your ASP.NET applicaiton and the SQL Server.
These are just my thoughts on the subject.
Cheers!
David Kyle
www.chloemag.com
"louise raisbeck" <lo************@discussions.microsoft.com> wrote in
message news:3A**********************************@microsof t.com... Hi, I'm sure this is a standard thing. I have a web form with several
input
boxes/drop down lists and checkboxes. They all represent a field within a
sql
table and I need the user to update the values on hitting submit. I have
put
a submit button on the form and tested it with one field, so in the submit
code I opened a sql connection and did an UPDATE mytable SET fieldintable
=
inputonwebform.text where customerid=x.
This worked! However, it just so happened that I changed the value in
'fieldontable'. Should I be creating an update statement for EVERY field
on
my form, even though the user may only change one or two values at a time?
I
know there is a OnTextChanged event handler of a text box, so i could
capture
whether it has been changed or not (and then have to handle the drop
downs/checkboxes too presumbably using a different handler), but how can I
maintain a list of controls whose values have changed up until the point
where the user hits submit. Looking for the best practice to do this. dont
want to start keeping a comma seperated value in a hidden field, I find
that
really messy. I am sure there is a really good way to do this as this
seems
to be the power of web forms, I just need someone to tell me it!!!
Many thanks.
Please google sql injection attacks. Your app is vulnerable to them.
Sorry about the late reply. I'm currently working right now. None the less
I would still suggest that you use the method of building your own sql
strings to insert/update/delete/select data from your database. If you
think that the data might be a bit much to keep updating all of it every
time you could use the private property on the Page object called ViewState.
(Page.ViewState)
This will hold the information you want in a compressed string that is then
encrypted and held in every page as a hidden control named "__VIEWSTATE".
here's an example of how I would use it:
On_PageLoad() {
DataTable dt = new DataTable("Customers");
if (!Page.IsPostBack) {
string sql = "select LoginID, Password from Customers where CustomerID=007";
SqlConnection con = new SqlConnection("connection string");
SqlDataAdapter da = new SqlDataAdapter(sql, con);
con.Open();
da.Fill(dt)
con.Close();
txtLoginID.Text = (string)dt.Rows[0][0];
ViewState["LoginID"] = dt.Rows[0][0];
txtPassword.Text = (string)dt.Rows[0][1];
ViewState["Password"] = dt.Rows[0][1];
}
}
On_Submit_Click() {
bool execute = false;
string sql;
sql = "update Customers set ";
if (txtLoginID.Text != (string)ViewState["LoginID"]) {
sql += "LoginID='" + txtLoginID.Text +"' ";
execute = true;
}
if (txtPassword.Text != (string)ViewStat["Password"]) {
if (execute)
sql += ", ";
sql += "Password='" + txtPassword.Text + "' ";
}
....
sql += "where CustomerID=" + lblCustomerID.Text;
if (execute) {
SqlConnection con = new SqlConnection("connection string");
SqlCommand command = new SqlCommand(sql, con);
con.Open();
command.ExecuteNonQ();
con.Close();
}
}
"louise raisbeck" <lo************@discussions.microsoft.com> wrote in
message news:71**********************************@microsof t.com... I did think about just doing an update for all the fields on the form..just
seemed like overkill considering they may only change 1 in 20 field
values. I
know that .net is very powerful when it comes to view state, knowing when
a
control has changed value etc..therefore i wondered if there was an easy
way
of checking what has changed and what hasnt. Its almost as if I need a
webcontrols collection and for each one check if the value has changed..
I'm
sure that is possible. But to be honest I have to get this done like
yesterday and just dont have the time to do the research..
"David Kyle" wrote:
Well personally I use a different technique to update my sql database. I
just write out my sql scripts manually.
for instance:
On_Submit_Click() {
string sql = "update Customers set LoginID='" + txtLoginID.Text + "',
Password='" + txtPassword.Text "' where CustomerID=" +
lblCustomerID.Text;
SqlConnection con = new SqlConnection("connection string");
SqlCommand com = new SqlCommand(sql, con);
con.Open();
com.ExecuteNonQuery();
con.close();
}
I know this style is kind of old school but to me it just seems like you
can
customize your sql scripts even more and thus allow for more complicated
and
userfriendly forms.
As for how this applies to your problem... it's quite simple. All fields
are always updated with one sql statement if they haven't changed they
are
just set to whatever they used to be if they have changed then they are
updated.
This method should be considerably faster to execute and less processor
intensive for both your ASP.NET applicaiton and the SQL Server.
These are just my thoughts on the subject.
Cheers!
David Kyle
www.chloemag.com
"louise raisbeck" <lo************@discussions.microsoft.com> wrote in
message news:3A**********************************@microsof t.com... > Hi, I'm sure this is a standard thing. I have a web form with several
> input
> boxes/drop down lists and checkboxes. They all represent a field within
> a
> sql
> table and I need the user to update the values on hitting submit. I
> have
> put
> a submit button on the form and tested it with one field, so in the
> submit
> code I opened a sql connection and did an UPDATE mytable SET
> fieldintable
> =
> inputonwebform.text where customerid=x.
>
> This worked! However, it just so happened that I changed the value in
> 'fieldontable'. Should I be creating an update statement for EVERY
> field
> on
> my form, even though the user may only change one or two values at a
> time?
> I
> know there is a OnTextChanged event handler of a text box, so i could
> capture
> whether it has been changed or not (and then have to handle the drop
> downs/checkboxes too presumbably using a different handler), but how
> can I
> maintain a list of controls whose values have changed up until the
> point
> where the user hits submit. Looking for the best practice to do this.
> dont
> want to start keeping a comma seperated value in a hidden field, I find
> that
> really messy. I am sure there is a really good way to do this as this
> seems
> to be the power of web forms, I just need someone to tell me it!!!
>
> Many thanks.
thanks I havent read it yet but will do so in the morning. i should be at home!
"David Kyle" wrote: Sorry about the late reply. I'm currently working right now. None the less
I would still suggest that you use the method of building your own sql
strings to insert/update/delete/select data from your database. If you
think that the data might be a bit much to keep updating all of it every
time you could use the private property on the Page object called ViewState.
(Page.ViewState)
This will hold the information you want in a compressed string that is then
encrypted and held in every page as a hidden control named "__VIEWSTATE".
here's an example of how I would use it:
On_PageLoad() {
DataTable dt = new DataTable("Customers");
if (!Page.IsPostBack) {
string sql = "select LoginID, Password from Customers where CustomerID=007";
SqlConnection con = new SqlConnection("connection string");
SqlDataAdapter da = new SqlDataAdapter(sql, con);
con.Open();
da.Fill(dt)
con.Close();
txtLoginID.Text = (string)dt.Rows[0][0];
ViewState["LoginID"] = dt.Rows[0][0];
txtPassword.Text = (string)dt.Rows[0][1];
ViewState["Password"] = dt.Rows[0][1];
}
}
On_Submit_Click() {
bool execute = false;
string sql;
sql = "update Customers set ";
if (txtLoginID.Text != (string)ViewState["LoginID"]) {
sql += "LoginID='" + txtLoginID.Text +"' ";
execute = true;
}
if (txtPassword.Text != (string)ViewStat["Password"]) {
if (execute)
sql += ", ";
sql += "Password='" + txtPassword.Text + "' ";
}
....
sql += "where CustomerID=" + lblCustomerID.Text;
if (execute) {
SqlConnection con = new SqlConnection("connection string");
SqlCommand command = new SqlCommand(sql, con);
con.Open();
command.ExecuteNonQ();
con.Close();
}
}
"louise raisbeck" <lo************@discussions.microsoft.com> wrote in
message news:71**********************************@microsof t.com...I did think about just doing an update for all the fields on the form..just
seemed like overkill considering they may only change 1 in 20 field
values. I
know that .net is very powerful when it comes to view state, knowing when
a
control has changed value etc..therefore i wondered if there was an easy
way
of checking what has changed and what hasnt. Its almost as if I need a
webcontrols collection and for each one check if the value has changed..
I'm
sure that is possible. But to be honest I have to get this done like
yesterday and just dont have the time to do the research..
"David Kyle" wrote:
Well personally I use a different technique to update my sql database. I
just write out my sql scripts manually.
for instance:
On_Submit_Click() {
string sql = "update Customers set LoginID='" + txtLoginID.Text + "',
Password='" + txtPassword.Text "' where CustomerID=" +
lblCustomerID.Text;
SqlConnection con = new SqlConnection("connection string");
SqlCommand com = new SqlCommand(sql, con);
con.Open();
com.ExecuteNonQuery();
con.close();
}
I know this style is kind of old school but to me it just seems like you
can
customize your sql scripts even more and thus allow for more complicated
and
userfriendly forms.
As for how this applies to your problem... it's quite simple. All fields
are always updated with one sql statement if they haven't changed they
are
just set to whatever they used to be if they have changed then they are
updated.
This method should be considerably faster to execute and less processor
intensive for both your ASP.NET applicaiton and the SQL Server.
These are just my thoughts on the subject.
Cheers!
David Kyle
www.chloemag.com
"louise raisbeck" <lo************@discussions.microsoft.com> wrote in
message news:3A**********************************@microsof t.com...
> Hi, I'm sure this is a standard thing. I have a web form with several
> input
> boxes/drop down lists and checkboxes. They all represent a field within
> a
> sql
> table and I need the user to update the values on hitting submit. I
> have
> put
> a submit button on the form and tested it with one field, so in the
> submit
> code I opened a sql connection and did an UPDATE mytable SET
> fieldintable
> =
> inputonwebform.text where customerid=x.
>
> This worked! However, it just so happened that I changed the value in
> 'fieldontable'. Should I be creating an update statement for EVERY
> field
> on
> my form, even though the user may only change one or two values at a
> time?
> I
> know there is a OnTextChanged event handler of a text box, so i could
> capture
> whether it has been changed or not (and then have to handle the drop
> downs/checkboxes too presumbably using a different handler), but how
> can I
> maintain a list of controls whose values have changed up until the
> point
> where the user hits submit. Looking for the best practice to do this.
> dont
> want to start keeping a comma seperated value in a hidden field, I find
> that
> really messy. I am sure there is a really good way to do this as this
> seems
> to be the power of web forms, I just need someone to tell me it!!!
>
> Many thanks.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: David MacQuigg |
last post by:
Playing with Prothon today, I am fascinated by the idea of eliminating
classes in Python. I'm trying to figure out what fundamental benefit
there is to having classes. Is all this complexity...
|
by: Jonathan M. Rose |
last post by:
I am looking for a script that I can sit on an HTML server (Linux,
Apache, PHP/Perl/Python/Etc.) that will allow me to do the following things:
1) Post news articles that consists of (i) a title...
|
by: Davinder |
last post by:
can anyone recommend a good tool to convert documents to HTML on the
fly. I need to integrate this tool with a VB app so it must have an
API.
thanks in advance
Davinder
davinder@gujral.co.uk
|
by: * ProteanThread * |
last post by:
but depends upon the clique:
...
|
by: Brett Baisley |
last post by:
Hello,
I am trying to figure out how to change the default font-family and
font-size. I tried adding this to the BODY section, but it didn't work. I
tried to the P section, but they are not...
|
by: Philip Herlihy |
last post by:
I'm creating a common navigation bar of text "buttons" using CSS. On each
page, I want the corresponding button to be "inert" (no hover, etc) as a
visual clue to where you are.
I thought I'd...
|
by: Roger Walter |
last post by:
I have a .Net web page that is posting twice after the
submit button is clicked once. How can that happen? I
have turned tracing on and it writes two records to the
trace log and posts twice. ...
|
by: m |
last post by:
Hi All,
I m extremely sorry if this is the wrong place to post it but i just need
some info on the MS Posting Acceptor.
1) Is MS Posting Acceptor available with IIS5.0 and above.
2)If so where...
|
by: Bruce Wood |
last post by:
This subject has come up several times in this group over the last
year. Several people in this group seem to feel strongly about this
topic. Rather than derail other threads with this discussion,...
|
by: Alan T |
last post by:
I am not sure which way to go:
Want to learn C# but C# is implemented both in Windows desktop application
and ASP.NET. I am not familiar with web programming, should I start with
Windows app or...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
