Hi,
I am working in Asp.Net 2.0, SQL Server, C#.
I am trying to create a User Input form which has lots of fields such as :
salutation;
Firstname:
lastname:
address:
Zip:
Phone:
Industry:
and many more. i want to validate user input and than it should save into sql server 2005 and additionally if am being able to send email also that will be great. could you please lead me toward a article or tutorial which can guide me through this process. This is gonna be first time that I am creating a huge form, before this i have created a small forms by using sqldatasource and formview of asp.net 2.0. any help will be appreciated.
Thank You
29 2501
Hi,
I am working in Asp.Net 2.0, SQL Server, C#.
I am trying to create a User Input form which has lots of fields such as :
salutation;
Firstname:
lastname:
address:
Zip:
Phone:
Industry:
and many more. i want to validate user input and than it should save into sql server 2005 and additionally if am being able to send email also that will be great. could you please lead me toward a article or tutorial which can guide me through this process. This is gonna be first time that I am creating a huge form, before this i have created a small forms by using sqldatasource and formview of asp.net 2.0. any help will be appreciated.
Thank You
You could search Google or another search engine for C# validate user input and you should get some examples. Just think about designing your page in pieces. Start with basic information like first name and last name then test your validation. To insert the data into a database you will need some insert stored procedures. Your stored procedure will most likely have a parameter for every field on the page.
Good Luck
Nathan
Hi,
I am working in Asp.Net 2.0, SQL Server, C#.
I am trying to create a User Input form which has lots of fields such as :
salutation;
Firstname:
lastname:
address:
Zip:
Phone:
Industry:
and many more. i want to validate user input and than it should save into sql server 2005 and additionally if am being able to send email also that will be great. could you please lead me toward a article or tutorial which can guide me through this process. This is gonna be first time that I am creating a huge form, before this i have created a small forms by using sqldatasource and formview of asp.net 2.0. any help will be appreciated.
Thank You
I will be happy to walk you through the process if you like. First step should be to create the HTML (or at least a working portion of it).
You will need <asp:Label>'s and <asp:TextBox>'s for the fields. I would use a standard naming convention, so for instance the label for the first name would be something like lblFirstName and its corresponding TextBox would be txtFirstName.
Once that is done, you will need validators to make sure the input is valid. Everything but the Phone and Zip will just use have the RequiredFieldValidators. For the Phone and Zip textbox's, use RegularExpressionValidators. There are a few prebuilt expressions in VS 2005, and luckily there are ones for US Phone and US Zip Code. Use those with the corresponding Textboxes.
When you are done with all this, I will help you with the next step.
EDIT:
If you want links to sites, here are some: Information about INSERT statements for SQL Information about sending email through ASP .NET
Thank You TRScheel. as soon as finish this i'll back to seek help.
Hi, Here are fields which I have created. Reason behind pasting this is to show you that how it looks so far? Please guide me for the next step and feel free to suggest in following html
Nicely done, I just tested your site, and it looks functional.
A few notes on the HTML: - Use clarifiers for your IDs (ex, textbox id's are always prefixed with txt, dropdownlists with ddl, checkboxes with chk, etc)
- Instead of <b> </b> use labels (and dont forget the above point when naming them) with css styling
- I normally have validators have their initials as their definer, and then carry the same suffix as the object they are validating (ex, if the regular expression validator was validating txtPhone, then the validator would be named revPhone)
Those are all styling points, up to you whether you want to put them into your code.
This SHOULD be done though:
Go back through all your input fields and put a maximum character amount. This is so when you create your sql table, you know the maximum size you will be passing to it. Its not needed, as you can use variable sized inputs, but it will help.
Onto the code. Now that you have what can be referenced as pseudo code, create a User class that has all these properties. Here are a few pointers with that class: - Private variables, public properties (stylistic, but it also lets you change the implementation later without breaking code everywhere)
- Include two enums for the interested in and where did you hear about us ( sample code included at the end of this post )
- Include a function to return SqlParamter[] and call it something like GetSqlParameters. For now just have it return null. We will fill in that function later when we pass this information to your sql statement.
- Everything but the zip code will probably be a string and the zip code will probably be an int, although you can have that be a string as well.
- Make sure to include a variable (string) for Other in case they select that option
Now the enum code. You have two distinct opportunities for the enums. One that only allows one value, another that the user can select multiple options. If you want to have one enum that can have multiple options, make each value in the enum a iterator of 2 ^ x (1, 2, 4, 8, 16, 32, 64, 128, etc). Examples of the enums are as such: -
public enum InterestedIn
-
{
-
Training = 1,
-
Activity = 2,
-
Learning = 4
-
}
-
-
public enum ReferredFrom
-
{
-
Email,
-
DirectMail,
-
Referral,
-
Publication,
-
Tradeshow,
-
WebsiteLink,
-
Internet
-
}
-
hi,
thank you for your feedback and help. From the HTML point of view I understood everything but didn't understand anything regards to next step. I guess its little higher level for me. Could you please explain in more detail. By User class do you mean adding new class to existing project? Are you trying to lead me to multi-tier architecture? I am kind of confused.
Thank You.
hi,
thank you for your feedback and help. From the HTML point of view I understood everything but didn't understand anything regards to next step. I guess its little higher level for me. Could you please explain in more detail. By User class do you mean adding new class to existing project? Are you trying to lead me to multi-tier architecture? I am kind of confused.
Thank You.
If this is done in Visual Studio, right click your solution and add file (like you would a web page). Select the class object. Name it something like User, and it should auto fill everything.
I may ask you if you want to create an App_Data folder, do so if it does. If it doesnt, no worries.
It should auto create a file that looks similiar to: -
using System;
-
using System.Data;
-
using System.Configuration;
-
using System.Web;
-
using System.Web.Security;
-
using System.Web.UI;
-
using System.Web.UI.WebControls;
-
using System.Web.UI.WebControls.WebParts;
-
using System.Web.UI.HtmlControls;
-
-
/// <summary>
-
/// Summary description for User
-
/// </summary>
-
public class User
-
{
-
public User()
-
{
-
//
-
// TODO: Add constructor logic here
-
//
-
}
-
}
-
I am assuming here that you are using C#. If it is VB .Net, tell me and I will change the code.
Anyways, from within that above code snippet, you would add variables and it would start to look similiar to: -
public class User
-
{
-
private string _FirstName, _LastName, _Address;
-
-
public string Address
-
{
-
get { return _Address; }
-
set { _Address = value; }
-
}
-
-
public string LastName
-
{
-
get { return _LastName; }
-
set { _LastName = value; }
-
}
-
-
public string FirstName
-
{
-
get { return _FirstName; }
-
set { _FirstName = value; }
-
}
-
-
public User()
-
{
-
//
-
// TODO: Add constructor logic here
-
//
-
}
-
}
-
**NOTE** If you are unfamiliar with C#, tell me so I will take a few steps back and explain some C# for you.
Also, if you need C# help, tell me roughly what you do know so I dont go over old information.
Hi,
Thanks again. actually I am new to Asp.net C#, its been few months only. Here is a User.cs file -
-
using System;
-
using System.Data;
-
using System.Configuration;
-
using System.Web;
-
using System.Web.Security;
-
using System.Web.UI;
-
using System.Web.UI.WebControls;
-
using System.Web.UI.WebControls.WebParts;
-
using System.Web.UI.HtmlControls;
-
-
/// <summary>
-
/// Summary description for User
-
/// </summary>
-
public class User
-
{
-
private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;
-
-
public User() { }
-
-
public string FirstName
-
{
-
get { return _FirstName; }
-
set { _FirstName = value; }
-
}
-
-
public string LastName
-
{
-
get { return _LastName; }
-
set { _LastName = value; }
-
}
-
-
public string Title
-
{
-
-
get { return _Title; }
-
set { _Title = value; }
-
}
-
public string Email
-
{
-
get { return _Email; }
-
set { _Email = value; }
-
-
}
-
public string Phone
-
{
-
-
get { return _Phone; }
-
set { _Phone = value; }
-
}
-
public string Company
-
{
-
-
get { return _Company; }
-
set { _Company = value; }
-
}
-
public string Address
-
{
-
get { return _Address; }
-
set { _Address = value; }
-
}
-
-
public string City
-
{
-
-
get { return _City; }
-
set { _City = value; }
-
-
}
-
-
public string State
-
{
-
-
get { return _State; }
-
set { _State = value; }
-
}
-
-
public int Zip
-
{
-
-
get { return _Zip; }
-
set { _Zip = value; }
-
}
-
-
public string Country
-
{
-
-
get { return _Country; }
-
set { _Country = value; }
-
}
-
-
public string Other
-
{
-
-
get { return _Other; }
-
set { _Other = value; }
-
}
-
-
public enum InterestedIn
-
{
-
Training = 1,
-
Activity = 2,
-
Learning = 4
-
}
-
-
public enum ReferredFrom
-
{
-
Email,
-
DirectMail,
-
Referral,
-
Publication,
-
Tradeshow,
-
WebsiteLink,
-
Internet
-
}
-
-
public User_Input SQLGetParameters()
-
{
-
SqlParameter[] aspParams = new SqlParameter[0];
-
-
}
-
-
}
-
I am not sure whether its correct, have a look at it and let me know wat should be done next. appreciate your efforts.
You've defined the enums, but you have no instances of them within the class, Make sure to have that.
Also the SqlParameters function should return an array of SqlParamter (or, SqlParamter[])
I hope this is correct as far as enums are concerned but still i am unable to grasp SQLParameter part. Could you please show that to me and verify this too.
Thanks for being patient and helping me toward this. -
using System;
-
using System.Data;
-
using System.Configuration;
-
using System.Web;
-
using System.Web.Security;
-
using System.Web.UI;
-
using System.Web.UI.WebControls;
-
using System.Web.UI.WebControls.WebParts;
-
using System.Web.UI.HtmlControls;
-
-
/// <summary>
-
/// Summary description for User
-
/// </summary>
-
public class User
-
{
-
private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;
-
-
public User() { }
-
-
public string FirstName
-
{
-
get { return _FirstName; }
-
set { _FirstName = value; }
-
}
-
-
public string LastName
-
{
-
get { return _LastName; }
-
set { _LastName = value; }
-
}
-
-
public string Title
-
{
-
-
get { return _Title; }
-
set { _Title = value; }
-
}
-
public string Email
-
{
-
get { return _Email; }
-
set { _Email = value; }
-
-
}
-
public string Phone
-
{
-
-
get { return _Phone; }
-
set { _Phone = value; }
-
}
-
public string Company
-
{
-
-
get { return _Company; }
-
set { _Company = value; }
-
}
-
public string Address
-
{
-
get { return _Address; }
-
set { _Address = value; }
-
}
-
-
public string City
-
{
-
-
get { return _City; }
-
set { _City = value; }
-
-
}
-
-
public string State
-
{
-
-
get { return _State; }
-
set { _State = value; }
-
}
-
-
public string Zip
-
{
-
-
get { return _Zip; }
-
set { _Zip = value; }
-
}
-
-
public string Country
-
{
-
-
get { return _Country; }
-
set { _Country = value; }
-
}
-
-
public string Other
-
{
-
-
get { return _Other; }
-
set { _Other = value; }
-
}
-
-
public enum InterestedIn
-
{
-
Training = 1,
-
Activity = 2,
-
Learning = 4
-
}
-
private InterestedIn Inti = InterestedIn.Training;
-
private string myinterest = string.Empty;
-
-
public string finterest
-
{
-
get { return this.myinterest; }
-
set { this.myinterest = (string)value; }
-
}
-
-
public InterestedIn interesttype
-
{
-
get { return this.Inti; }
-
set { this.Inti = (myinterest)value; }
-
}
-
-
public enum ReferredFrom
-
{
-
Email,
-
DirectMail,
-
Referral,
-
Publication,
-
Tradeshow,
-
WebsiteLink,
-
Internet
-
}
-
-
private ReferredFrom RF = ReferredFrom.Email;
-
private string refer = string.Empty;
-
-
public string ReferredMedia
-
{
-
get { return this.refer; }
-
set { this.refer = (string)value; }
-
}
-
-
public ReferredFrom refertype
-
{
-
get { return this.RF; }
-
set { this.RF = refer)value; }
-
}
-
-
-
}
Ok, some changes should be made just to make it easier to read. First off, put all your private variables and public enum declarations at the top of the class. Then, you should have one instance of the two enums, as shown below. I wasnt exactly sure what you were going with for the string versions of them, but if you take ReferredFrom.Internet.ToString() it will return 'Internet'. If you want to have public versions of those enums so you dont need to add .ToString() to it, go for it, but thats how to get it.
Now onto that SQLParameter function. The start of it is included at the end. Take a look and see if you understand what is going on.
Now here is some styling information. Why a function for the sql parameters instead of a read only property? Well, technically, its not returning a private variable. It is actually doing work, then returning that value. The reason we used properties before is so that if we changed how LastName worked, for instance, we only had to change it in the User class. We want the end user to realize that by calling GetSqlParameters() it will do work, not just expose a variable to them. Others will have different opinions on the matter, and in my opinion, there is no right or wrong way, I just attempt to remain consistent in my work and I suggest you try to retain a consistency in your work. It will help you and others that use your work.
When you are done and have no further questions about this portion, I will help you move onto the next step. -
using System;
-
using System.Data;
-
using System.Configuration;
-
using System.Web;
-
using System.Web.Security;
-
using System.Web.UI;
-
using System.Web.UI.WebControls;
-
using System.Web.UI.WebControls.WebParts;
-
using System.Web.UI.HtmlControls;
-
using System.Data.SqlClient;
-
using System.Collections.Generic;
-
-
/// <summary>
-
/// Summary description for User
-
/// </summary>
-
public class User
-
{
-
public enum InterestedIn
-
{
-
Training = 1,
-
Activity = 2,
-
Learning = 4
-
}
-
-
public enum ReferredFrom
-
{
-
Email,
-
DirectMail,
-
Referral,
-
Publication,
-
Tradeshow,
-
WebsiteLink,
-
Internet
-
}
-
-
-
private ReferredFrom _ReferredFrom;
-
private InterestedIn _InterestedIn;
-
private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;
-
-
public User() { }
-
-
public ReferredFrom UserReferredFrom
-
{
-
get { return _ReferredFrom; }
-
set { _ReferredFrom = value; }
-
}
-
-
public InterestedIn UserInterestedIn
-
{
-
get { return _InterestedIn; }
-
set { _InterestedIn = value; }
-
}
-
-
public string FirstName
-
{
-
get { return _FirstName; }
-
set { _FirstName = value; }
-
}
-
-
public string LastName
-
{
-
get { return _LastName; }
-
set { _LastName = value; }
-
}
-
-
public string Title
-
{
-
get { return _Title; }
-
set { _Title = value; }
-
}
-
public string Email
-
{
-
get { return _Email; }
-
set { _Email = value; }
-
-
}
-
public string Phone
-
{
-
get { return _Phone; }
-
set { _Phone = value; }
-
}
-
public string Company
-
{
-
get { return _Company; }
-
set { _Company = value; }
-
}
-
public string Address
-
{
-
get { return _Address; }
-
set { _Address = value; }
-
}
-
-
public string City
-
{
-
get { return _City; }
-
set { _City = value; }
-
}
-
-
public string State
-
{
-
get { return _State; }
-
set { _State = value; }
-
}
-
-
public string Zip
-
{
-
get { return _Zip; }
-
set { _Zip = value; }
-
}
-
-
public string Country
-
{
-
get { return _Country; }
-
set { _Country = value; }
-
}
-
-
public string Other
-
{
-
get { return _Other; }
-
set { _Other = value; }
-
}
-
-
public SqlParameter[] GetSqlParameters()
-
{
-
List<SqlParameter> SqlParameters = new List<SqlParameter>();
-
-
SqlParameters.Add(new SqlParameter("FirstName", this.FirstName));
-
SqlParameters.Add(new SqlParameter("LastName", this.LastName));
-
//... continue through the entire class
-
-
return SqlParameters.ToArray();
-
}
-
}
-
Thank You for being so patient with me. Here it is -
using System;
-
using System.Data;
-
using System.Configuration;
-
using System.Web;
-
using System.Web.Security;
-
using System.Web.UI;
-
using System.Web.UI.WebControls;
-
using System.Web.UI.WebControls.WebParts;
-
using System.Web.UI.HtmlControls;
-
using System.Data.SqlClient;
-
using System.Collections.Generic;
-
-
/// <summary>
-
/// Summary description for User
-
/// </summary>
-
public class User
-
{
-
public enum InterestedIn
-
{
-
Training = 1,
-
Activity = 2,
-
Learning = 4
-
}
-
-
public enum ReferredFrom
-
{
-
Email,
-
DirectMail,
-
Referral,
-
Publication,
-
Tradeshow,
-
WebsiteLink,
-
Internet
-
}
-
-
-
private ReferredFrom _ReferredFrom;
-
private InterestedIn _InterestedIn;
-
private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;
-
-
public User() { }
-
-
public ReferredFrom UserReferredFrom
-
{
-
get { return _ReferredFrom; }
-
set { _ReferredFrom = value; }
-
}
-
-
public InterestedIn UserInterestedIn
-
{
-
get { return _InterestedIn; }
-
set { _InterestedIn = value; }
-
}
-
-
public string FirstName
-
{
-
get { return _FirstName; }
-
set { _FirstName = value; }
-
}
-
-
public string LastName
-
{
-
get { return _LastName; }
-
set { _LastName = value; }
-
}
-
-
public string Title
-
{
-
get { return _Title; }
-
set { _Title = value; }
-
}
-
public string Email
-
{
-
get { return _Email; }
-
set { _Email = value; }
-
-
}
-
public string Phone
-
{
-
get { return _Phone; }
-
set { _Phone = value; }
-
}
-
public string Company
-
{
-
get { return _Company; }
-
set { _Company = value; }
-
}
-
public string Address
-
{
-
get { return _Address; }
-
set { _Address = value; }
-
}
-
-
public string City
-
{
-
get { return _City; }
-
set { _City = value; }
-
}
-
-
public string State
-
{
-
get { return _State; }
-
set { _State = value; }
-
}
-
-
public string Zip
-
{
-
get { return _Zip; }
-
set { _Zip = value; }
-
}
-
-
public string Country
-
{
-
get { return _Country; }
-
set { _Country = value; }
-
}
-
-
public string Other
-
{
-
get { return _Other; }
-
set { _Other = value; }
-
}
-
-
public SqlParameter[] GetSqlParameters()
-
{
-
List<SqlParameter> SqlParameters = new List<SqlParameter>();
-
-
SqlParameters.Add(new SqlParameter("FirstName", this.FirstName));
-
SqlParameters.Add(new SqlParameter("LastName", this.LastName));
-
SqlParameters.Add(new SqlParameter("Title", this.Title));
-
SqlParameters.Add(new SqlParameter("Email", this.Email));
-
SqlParameters.Add(new SqlParameter("Phone", this.Phone));
-
SqlParameters.Add(new SqlParameter("Company", this.Company));
-
SqlParameters.Add(new SqlParameter("Address", this.Address));
-
SqlParameters.Add(new SqlParameter("City", this.City));
-
SqlParameters.Add(new SqlParameter("State", this.State));
-
SqlParameters.Add(new SqlParameter("Zip", this.Zip));
-
SqlParameters.Add(new SqlParameter("Country", this.Country));
-
SqlParameters.Add(new SqlParameter("Other", this.Other));
-
SqlParameters.Add(new SqlParameter("Zip", this.Zip));
-
SqlParameters.Add(new SqlParameter("UserReferedFrom", this.UserReferredFrom));
-
SqlParameters.Add(new SqlParameter("UserInterestedIn", this.UserInterestedIn));
-
-
-
return SqlParameters.ToArray();
-
}
-
}
Ok, now for some SQL fun. Do you have some background knowledge of SQL or would you like me to start from the beginning?
I guess I am ok with SQL, have done in past.
I guess I am ok with SQL, have done in past.
Ok, and you have full access to the server you are using? IE, can create tables, stored procedures, etc? Also, are you allowed a GUI to do it with, or will you be doing this through script?
Hi,
Yes i have a access to my Server. Do you mean by creating tables and Stored procedures via script or using GUI, then i can go either way. I am using Sql server 2005.
Thank You
I just read through this wonderful thread and wanted to point out that you have only done client side validation.
Please be aware that some users know how to get around this form of validation and can pass malicious code into your form.
I strongly recommend you write the C# server side code that checks each of your User class's properties before you store any information into your database...check for things like data length as well as data validity.
Also I would check every property for any SQL code that may damage your database. Screen each property for things like DROP, SELECT, INSERT, UPDATE, DELETE or TRUNCATE before you insert anything. This will prevent anything from happening in the future if a piece of code blindly uses the information stored in the database and accidentally executes something devastating. Just be aware that these words can be valid input...eg: "Select Foods" could be a valid name.
Here is a quick little bit of code (sorry it's in VB.NET) that will strip a string of these potentially harmful SQL commands: -
Private Shared Function CommentHarmfulSQLCommands(ByVal str As String) As String
-
'Function Description: adding "--" to the front of SQL commands comments them out. Check every part of the string looking for: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, DROP which are potentially harmful SQL Commands.
-
'Parameters:
-
' str: the string which we are sanitizing.
-
'Return Value:
-
' The string with all harmful SQL commands commented out
-
-
Dim peicesOfTheString() As String
-
Dim newStr As New StringBuilder
-
-
peicesOfTheString= str.Split(" "c)
-
For Each s As String In peicesOfTheString
-
If String.Compare(s, "select", True) = 0 OrElse String.Compare(s, "insert", True) = 0 OrElse _
-
String.Compare(s, "update", True) = 0 OrElse String.Compare(s, "delete", True) = 0 OrElse _
-
String.Compare(s, "truncate", True) = 0 OrElse String.Compare(s, "drop", True) = 0 Then
-
newStr.Append("--")
-
End If
-
newStr.Append(s)
-
newStr.Append(" ")
-
Next
-
Return newStr.ToString()
-
End Function
-
Cheers!
-Frinny
I just read through this wonderful thread and wanted to point out that you have only done client side validation.
Please be aware that some users know how to get around this form of validation and can pass malicious code into your form
....
Cheers!
-Frinny
Oh frinny, always looking out for us. I was planning on getting to that, after we had the functionality. But valid point nonetheless.
Hi,
Yes i have a access to my Server. Do you mean by creating tables and Stored procedures via script or using GUI, then i can go either way. I am using Sql server 2005.
Thank You
Oh excellent. That should make this all easier.
Well now make a table that accurately portrays the user class you created (I would also include a userID of some sort, if you do though, be sure to add that as a readonly property to your user class with a corresponding variable).
Hello,
Please check the stored proccedure below for creating a Table. I have added UserId(not null, auto increament). Let me know if its correct (especially data types). After that i have added UserId read only property and Sqlparameter for that in User Class. -
USE [KA]
-
GO
-
/****** Object: Table [dbo].[UserInput] Script Date: 06/21/2007 10:02:59 ******/
-
SET ANSI_NULLS ON
-
GO
-
SET QUOTED_IDENTIFIER ON
-
GO
-
SET ANSI_PADDING ON
-
GO
-
CREATE TABLE [dbo].[UserInput](
-
[UserId] [int] IDENTITY(1,1) NOT NULL,
-
[FirstName] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
-
[LastName] [varbinary](max) NOT NULL,
-
[Title] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
-
[email] [varchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
-
[Phone] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
-
[Company] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
-
[Address] [varchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
-
[City] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
-
[State] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
-
[Zip] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
-
[Country] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
-
[Other] [varchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
-
[UserReferedFrom] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
-
[InterestedIn] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL
-
) ON [PRIMARY]
-
-
GO
-
SET ANSI_PADDING OFF
-
-
using System;
-
using System.Data;
-
using System.Configuration;
-
using System.Web;
-
using System.Web.Security;
-
using System.Web.UI;
-
using System.Web.UI.WebControls;
-
using System.Web.UI.WebControls.WebParts;
-
using System.Web.UI.HtmlControls;
-
using System.Data.SqlClient;
-
using System.Collections.Generic;
-
-
/// <summary>
-
/// Summary description for User
-
/// </summary>
-
public class User
-
{
-
public enum InterestedIn
-
{
-
Training = 1,
-
Activity = 2,
-
Learning = 4
-
}
-
-
public enum ReferredFrom
-
{
-
Email,
-
DirectMail,
-
Referral,
-
Publication,
-
Tradeshow,
-
WebsiteLink,
-
Internet
-
}
-
-
private int _UserId;
-
private ReferredFrom _ReferredFrom;
-
private InterestedIn _InterestedIn;
-
private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;
-
-
public User() { }
-
-
public int UserId
-
{
-
get { return _UserId; }
-
}
-
-
public ReferredFrom UserReferredFrom
-
{
-
get { return _ReferredFrom; }
-
set { _ReferredFrom = value; }
-
}
-
-
public InterestedIn UserInterestedIn
-
{
-
get { return _InterestedIn; }
-
set { _InterestedIn = value; }
-
}
-
-
public string FirstName
-
{
-
get { return _FirstName; }
-
set { _FirstName = value; }
-
}
-
-
public string LastName
-
{
-
get { return _LastName; }
-
set { _LastName = value; }
-
}
-
-
public string Title
-
{
-
get { return _Title; }
-
set { _Title = value; }
-
}
-
public string Email
-
{
-
get { return _Email; }
-
set { _Email = value; }
-
-
}
-
public string Phone
-
{
-
get { return _Phone; }
-
set { _Phone = value; }
-
}
-
public string Company
-
{
-
get { return _Company; }
-
set { _Company = value; }
-
}
-
public string Address
-
{
-
get { return _Address; }
-
set { _Address = value; }
-
}
-
-
public string City
-
{
-
get { return _City; }
-
set { _City = value; }
-
}
-
-
public string State
-
{
-
get { return _State; }
-
set { _State = value; }
-
}
-
-
public string Zip
-
{
-
get { return _Zip; }
-
set { _Zip = value; }
-
}
-
-
public string Country
-
{
-
get { return _Country; }
-
set { _Country = value; }
-
}
-
-
public string Other
-
{
-
get { return _Other; }
-
set { _Other = value; }
-
}
-
-
public SqlParameter[] GetSqlParameters()
-
{
-
List<SqlParameter> SqlParameters = new List<SqlParameter>();
-
-
SqlParameters.Add(new SqlParameter("UserId", this.UserId));
-
SqlParameters.Add(new SqlParameter("FirstName", this.FirstName));
-
SqlParameters.Add(new SqlParameter("LastName", this.LastName));
-
SqlParameters.Add(new SqlParameter("Title", this.Title));
-
SqlParameters.Add(new SqlParameter("Email", this.Email));
-
SqlParameters.Add(new SqlParameter("Phone", this.Phone));
-
SqlParameters.Add(new SqlParameter("Company", this.Company));
-
SqlParameters.Add(new SqlParameter("Address", this.Address));
-
SqlParameters.Add(new SqlParameter("City", this.City));
-
SqlParameters.Add(new SqlParameter("State", this.State));
-
SqlParameters.Add(new SqlParameter("Zip", this.Zip));
-
SqlParameters.Add(new SqlParameter("Country", this.Country));
-
SqlParameters.Add(new SqlParameter("Other", this.Other));
-
SqlParameters.Add(new SqlParameter("UserReferedFrom", this.UserReferredFrom));
-
SqlParameters.Add(new SqlParameter("UserInterestedIn", this.UserInterestedIn));
-
-
-
return SqlParameters.ToArray();
-
}
-
}
Hi Parshupooja,
Could you possibly mark what is code by using the [code] tags.
Since you're working with mainly C# I suggest using [code=cpp].
So you'll do something like [code=cpp]...your code [ /code].
It will just make things more legible.
Thanks :)
-Frinny
Hello,
Please check the stored proccedure below for creating a Table. I have added UserId(not null, auto increament). Let me know if its correct (especially data types). After that i have added UserId read only property and Sqlparameter for that in User Class.
Excellent job. Your sql code looks good, although its fairly easy for to miss script errors (I do it all the time).
You want to take out the UserID from the C# code in the Parameters function. We arent going to tell the table what its user ID is, it will just be assigned one when you register the user. The reason we have a readonly value in the user class is so that when you load a user, you can reference it by its user ID in the future (but we dont want some external class being able to change it).
I WOULD though, create a function that returns ONLY the UserID sql parameter in the C# code, but that can be saved for later when you will use the class to update portions of the user information.
Now we travel back to the HTML. Make sure that all those limits you set in your SQL script are coded into the HTML. An example would be to make sure that a user cannot put more then 50 characters for his first name, 255 for his address, etc.
Once done with that, you will make a stored procedure. I assume you know how to do this? If so, create one that will take all those parameters you used in the C# parameters function and inserts it into a new row into your table.
After all that, come back here and I will walk you through some C# sql coding so that you can call that procedure from the code.
Frinny,
I will do so. Please pardon me since I am a novice member
Hi Parshupooja,
Could you possibly mark what is code by using the [code] tags.
Since you're working with mainly C# I suggest using [code=cpp].
So you'll do something like [code=cpp]...your code [ /code].
It will just make things more legible.
Thanks :)
-Frinny
Frinny,
I will do so. Please pardon me since I am a novice member
Everyone has to start somewhere :)
Hello,
Here is a Insert Stored Procedure, -
-
set ANSI_NULLS ON
-
set QUOTED_IDENTIFIER ON
-
go
-
-
CREATE procedure UserInputInsert
-
-
@iFirstName varchar(50),
-
@iLastName varchar(50),
-
@iTitle varchar(50),
-
@iEmail varchar(50),
-
@iPhone varchar(50),
-
@iCompany varchar(50),
-
@iAddress varchar(255),
-
@iCity varchar(50),
-
@iState varchar(2),
-
@iZip varchar(5),
-
@iCountry varchar(50),
-
@iOther varchar(50),
-
@iUserReferedFrom varchar(50),
-
@iInterestedIn varchar(50)
-
-
-
as set nocount on;
-
-
-
insert into UserInput(FirstName,
-
LastName,
-
Title,
-
Email,
-
Phone,
-
Company,
-
Address,
-
City,
-
State,
-
Zip,
-
Country,
-
Other,
-
UserReferedFrom,
-
InterestedIn )
-
-
values ( @iFirstName,
-
@iLastName,
-
@iTitle,
-
@iEmail,
-
@iPhone,
-
@iCompany,
-
@iAddress,
-
@iCity,
-
@iState,
-
@iZip,
-
@iCountry,
-
@iOther,
-
@iUserReferedFrom,
-
@iInterestedIn)
-
and here is modified HTML, I have tried using naming convention sugguested by you and label instead of <b>
Let me know how it looks and what needs to be done next
Thanks
You need to change one of two things, either add 'i' in front of your sqlparameters in c#, or take out the 'i's from the stored procedure.
Onto moving forward. Everything looks good, so we can begin the C# code. I prefer to move my sql code away from everything else, and place it into its own static class, but you can do it however you like. Some people believe that the sql code for updating a user, for instance, should reside within the user class. My belief is that the user class should have the capabilities of returning the information, but how it does it is pushed to another class so that a third class can use the same methodology. Up to you!
Well to the code. You will be using SqlConnection, SqlCommand, and IAsyncResult amongst other things. First you will define your SqlConnection, then your SqlCommand from your SqlConnection, and finally push the insert.
Psuedo code: -
SqlConnection connection = null;
-
SqlCommand command = null;
-
IAsyncResult ar = null;
-
-
using(connection = new SqlConnection(....))
-
{
-
using(command = new SqlCommand(<STORED_PROCEDURE_NAME>, connection))
-
{
-
/* Define within here the command type (stored procedure), add the parameters to command, and finally define any return values (you probably wont use any for this insert, unless you want to return the UserID).
-
-
Once done with that, open the connection, I suggest creating a sqltransaction variable and initialize that to the begintransaction call, and set the command's transaction to that variable.
-
-
Now you can start the insert. This can be done with calling BeginExecuteNonQuery and setting the return result to ar. Tell ar to wait one, and then call EndExecuteNonQuery. Finally, have transaction.commit called so that its set.
-
-
All this is barring any error catching. You should probably encompass all BUT the variable declarations in a try / catch block that closes and disposes of all the objects that are not null, and if the catch was raised to set the transaction to rollback IF its not null.
-
-
Finally, make sure that everything is closed up and disposed of EVEN if everything went well. This would be a good place for a finally block after the try / catch.
-
*/
-
}
-
}
-
I removed i from stored procedure.I didn't understand coding part. Could you please explaing in detail.
I will go your way, adding new class for sql. Let me know how to create a static class.
Thank You,
You need to change one of two things, either add 'i' in front of your sqlparameters in c#, or take out the 'i's from the stored procedure.
Onto moving forward. Everything looks good, so we can begin the C# code. I prefer to move my sql code away from everything else, and place it into its own static class, but you can do it however you like. Some people believe that the sql code for updating a user, for instance, should reside within the user class. My belief is that the user class should have the capabilities of returning the information, but how it does it is pushed to another class so that a third class can use the same methodology. Up to you!
Well to the code. You will be using SqlConnection, SqlCommand, and IAsyncResult amongst other things. First you will define your SqlConnection, then your SqlCommand from your SqlConnection, and finally push the insert.
Psuedo code: -
SqlConnection connection = null;
-
SqlCommand command = null;
-
IAsyncResult ar = null;
-
-
using(connection = new SqlConnection(....))
-
{
-
using(command = new SqlCommand(<STORED_PROCEDURE_NAME>, connection))
-
{
-
/* Define within here the command type (stored procedure), add the parameters to command, and finally define any return values (you probably wont use any for this insert, unless you want to return the UserID).
-
-
Once done with that, open the connection, I suggest creating a sqltransaction variable and initialize that to the begintransaction call, and set the command's transaction to that variable.
-
-
Now you can start the insert. This can be done with calling BeginExecuteNonQuery and setting the return result to ar. Tell ar to wait one, and then call EndExecuteNonQuery. Finally, have transaction.commit called so that its set.
-
-
All this is barring any error catching. You should probably encompass all BUT the variable declarations in a try / catch block that closes and disposes of all the objects that are not null, and if the catch was raised to set the transaction to rollback IF its not null.
-
-
Finally, make sure that everything is closed up and disposed of EVEN if everything went well. This would be a good place for a finally block after the try / catch.
-
*/
-
}
-
}
-
I removed i from stored procedure.I didn't understand coding part. Could you please explaing in detail.
I will go your way, adding new class for sql. Let me know how to create a static class.
Thank You,
A static class is just a class that has all its members flagged as 'static'. Its best used a class that doesnt make sense to have instances of running around. An example would be a sql utilities class. It cannot be created, as it is always there, hence it is static. -
public static class MyClass
-
{
-
// No constructor: It will flag an error if you try to create a constructor
-
-
// Put functions in here, but flag them static
-
public static void MyFunction() { }
-
}
-
As far as the code is concerned, what we are doing is creating a function to converse with your sql server. We have the connection and the command variables in a using block so that they are closed, and in the try catch block so that in case of error, we know they are closed. This is important so that we can make sure we handle any weird errors that might happen in an effort to make sure we dont send erroneous information to your server.
Go ahead and get that section of code up, and we will continue.
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Kevin Ingram |
last post by:
Ok, this is probably a silly question but I just keep hitting a brick wall
here.
I usually develop my sites entirely in ASP and use a database for data
storage, works great for me. I also...
|
by: x muzuo |
last post by:
Hi guys,
I have got a prob of javascript form validation which just doesnt work
with my ASP code. Can any one help me out please.
Here is the code:
{////<<head>
<title>IIBO Submit Page</title>...
|
by: Hosh |
last post by:
I have a form on a webpage and want to use JavaScript validation for the
form fields.
I have searched the web for form validation scripts and have come up with
scripts that only validate...
|
by: Benjamin Bittner |
last post by:
Hallo NG,
ive searched a lot in some google groups, and found many threads, but
nothing that helped me.
Here is the scenario:
I have an aspx page which loads a user control in page.onInit like...
|
by: John Boy |
last post by:
Hi,
Can anyone help. This is really doing my nut in. 3 years ASP exp. and
now doing .DOT which is a step in the wrong direction.
Basically I am left with the code of a guy who has left. When I...
|
by: timothy.pollard |
last post by:
Hi
I'm having a bit of bother trying to make a questionnaire do what I
want it to. I have put it up on www.web-iq.co.uk/test.htm.
Basically the user of the final form (when I've tarted it up)...
|
by: Chris |
last post by:
Hi,
I have a form for uploading documents and inserting the data into a mysql
db. I would like to validate the form. I have tried a couple of Javascript
form validation functions, but it...
|
by: ak1dnar |
last post by:
Hi, I got this scripts from this URL
There is Error when i submit the form.
Line: 54
Error: 'document.getElementbyID(....)' is null or not an object
What is this error.
Complete Files
|
by: keeps21 |
last post by:
A little problem I've run into is the following.
I have a script that allows a user to edit a story.
I have an HTML form for title and main_text which gets it's values by pulling the selected...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |