Form which accepts & validates user input and saves that input to SQL Server

parshupooja
159 100+
Hi,

I am working in Asp.Net 2.0, SQL Server, C#.
I am trying to create a user input form which has lots of fields, such as:
salutation:
Firstname:
lastname:
address:
Zip:
Phone:
Industry:
and many more. I want to validate user input and then it should save into SQL Server 2005, and additionally, if I am able to send email also, that will be great. Could you please lead me toward an article or tutorial which can guide me through this process? This is gonna be the first time that I am creating a huge form; before this I have created small forms by using SqlDataSource and FormView of ASP.NET 2.0. Any help will be appreciated.

Thank You
Jun 14 '07 #1
nateraaaa
663 Expert 512MB
You could search Google or another search engine for C# validate user input and you should get some examples. Just think about designing your page in pieces. Start with basic information like first name and last name then test your validation. To insert the data into a database you will need some insert stored procedures. Your stored procedure will most likely have a parameter for every field on the page.

Good Luck

Nathan
Jun 14 '07 #2
TRScheel
638 Expert 512MB
I will be happy to walk you through the process if you like. First step should be to create the HTML (or at least a working portion of it).

You will need <asp:Label>'s and <asp:TextBox>'s for the fields. I would use a standard naming convention, so for instance the label for the first name would be something like lblFirstName and its corresponding TextBox would be txtFirstName.

Once that is done, you will need validators to make sure the input is valid. Everything but the Phone and Zip will just have RequiredFieldValidators. For the Phone and Zip textboxes, use RegularExpressionValidators. There are a few prebuilt expressions in VS 2005, and luckily there are ones for US Phone and US Zip Code. Use those with the corresponding textboxes.

When you are done with all this, I will help you with the next step.


EDIT:

If you want links to sites, here are some:


Information about INSERT statements for SQL

Information about sending email through ASP .NET
Jun 14 '07 #3
parshupooja
159 100+
Thank you, TRScheel. As soon as I finish this I'll be back to seek help.
Jun 14 '07 #4
parshupooja
159 100+
Hi, here are the fields which I have created. The reason behind pasting this is to show you how it looks so far. Please guide me to the next step, and feel free to suggest changes in the following HTML.

    <%@ Page Language="C#" MasterPageFile="MasterPage.master" AutoEventWireup="true" CodeFile="Default3.aspx.cs" Inherits="test_Default3" Title="Untitled Page" %>

    <asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server">
    <div>
    <h3>
    </h3>
    <asp:ValidationSummary ID="valSum" runat="server" HeaderText="You must enter a valid value in the following fields:"
    DisplayMode="SingleParagraph" Font-Names="verdana" Font-Size="12" />
    <br />
    <br />
    <!-- sign-in -->
    <table border="0" width="600">
    <tr>
    <td colspan="3">
    &nbsp;</td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>First Name*:</b>
    </td>
    <td>
    <asp:TextBox ID="fn" MaxLength="20" Width="200px" runat="server" />
    </td>
    <td>
    <asp:RequiredFieldValidator ID="RequiredFieldValidator1" ControlToValidate="fn" ErrorMessage="first name"
    Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
    *
    </asp:RequiredFieldValidator>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>Last Name*:</b>
    </td>
    <td>
    <asp:TextBox ID="ln" MaxLength="40" Width="200px" runat="server" />
    </td>
    <td>
    <asp:RequiredFieldValidator ID="RequiredFieldValidator2" ControlToValidate="ln" ErrorMessage="last name"
    Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
    *
    </asp:RequiredFieldValidator>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>Title</b>
    </td>
    <td>
    <asp:TextBox ID="TextBox1" Width="200px" runat="server" />
    </td>
    <td>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>Email Address*:</b>
    </td>
    <td>
    <asp:TextBox ID="email" Width="200px" MaxLength="60" runat="server" />
    </td>
    <td>
    <asp:RequiredFieldValidator ID="emailReqVal" ControlToValidate="email" ErrorMessage="Email. "
    Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
    *
    </asp:RequiredFieldValidator>
    <asp:RegularExpressionValidator ID="emailRegexVal" ControlToValidate="email" ErrorMessage="Email. "
    Display="Static" ValidationExpression="^[\w-]+@[\w-]+\.(com|net|org|edu|mil)$"
    Font-Names="Arial" Font-Size="11" runat="server">
    Not a valid e-mail address. Must follow email@host.domain.
    </asp:RegularExpressionValidator>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>Phone*:</b>
    </td>
    <td>
    <asp:TextBox ID="phone" MaxLength="20" runat="server" />
    </td>
    <td>
    <asp:RequiredFieldValidator ID="phoneReqVal" ControlToValidate="phone" ErrorMessage="Phone. "
    Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
    *
    </asp:RequiredFieldValidator>
    <asp:RegularExpressionValidator ID="phoneRegexVal" ControlToValidate="phone" ErrorMessage="Phone. "
    ValidationExpression="(^x\s*[0-9]{5}$)|(^(\([1-9][0-9]{2}\)\s)?[1-9][0-9]{2}-[0-9]{4}(\sx\s*[0-9]{5})?$)"
    Display="Static" Font-Names="Arial" Font-Size="11" runat="server">
    Must be in form: (XXX) XXX-XXXX
    </asp:RegularExpressionValidator>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>Company*:</b>
    </td>
    <td>
    <asp:TextBox ID="company" MaxLength="40" Width="200px" runat="server" />
    </td>
    <td>
    <asp:RequiredFieldValidator ID="RequiredFieldValidator3" ControlToValidate="company" ErrorMessage="company"
    Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
    *
    </asp:RequiredFieldValidator>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>Address:</b>
    </td>
    <td>
    <asp:TextBox ID="address" Width="200px" runat="server" TextMode="MultiLine" />
    </td>
    <td>
    <asp:RequiredFieldValidator ID="RequiredFieldValidator4" ControlToValidate="address" ErrorMessage="address"
    Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
    *
    </asp:RequiredFieldValidator>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>City:</b>
    </td>
    <td>
    <asp:TextBox ID="city" Width="200px" runat="server" MaxLength="20"/>
    </td>
    <td>
    <asp:RequiredFieldValidator ID="RequiredFieldValidator5" ControlToValidate="city" ErrorMessage="city"
    Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
    *
    </asp:RequiredFieldValidator>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>State:</b>
    </td>
    <td>
    <asp:TextBox ID="state" Width="30px" MaxLength="2" runat="server" />&nbsp;

    <b>Zip Code:</b>&nbsp;
    <asp:TextBox ID="zip" Width="60px" MaxLength="5" runat="server" />
    </td>
    <td>
    <asp:RegularExpressionValidator ID="RegularExpressionValidator1" ControlToValidate="zip"
    ErrorMessage="Zip Code. " ValidationExpression="^\d{5}$" Display="Static" Font-Names="Arial"
    Font-Size="11" runat="server">
    Zip code must be 5 numeric digits
    </asp:RegularExpressionValidator>
    </td>
    </tr>
    <tr>
    <td align="right" style="width: 171px">
    <b>Country:</b>
    </td>
    <td>
    <asp:DropDownList ID="country" runat="server">
    <asp:ListItem></asp:ListItem>
    <asp:ListItem>Argentina</asp:ListItem>
    <asp:ListItem>Australia</asp:ListItem>
    <asp:ListItem>Austria</asp:ListItem>
    <asp:ListItem>Bahamas</asp:ListItem>
    <asp:ListItem>Belgium</asp:ListItem>
    <asp:ListItem>Brazil</asp:ListItem>
    <asp:ListItem>Bolivia</asp:ListItem>
    <asp:ListItem>Canada</asp:ListItem>
    <asp:ListItem>Chile</asp:ListItem>
    <asp:ListItem>China</asp:ListItem>
    <asp:ListItem>Colombia</asp:ListItem>
    <asp:ListItem>Costa Rica</asp:ListItem>
    <asp:ListItem>Croatia</asp:ListItem>
    <asp:ListItem>Cuba</asp:ListItem>
    <asp:ListItem>Denmark</asp:ListItem>
    <asp:ListItem>Ecuador</asp:ListItem>
    <asp:ListItem>Egypt</asp:ListItem>
    <asp:ListItem>El Salvador</asp:ListItem>
    <asp:ListItem>Finland</asp:ListItem>
    <asp:ListItem>France</asp:ListItem>
    <asp:ListItem>Germany</asp:ListItem>
    <asp:ListItem>Greece</asp:ListItem>
    <asp:ListItem>Guatemala</asp:ListItem>
    <asp:ListItem>Honduras</asp:ListItem>
    <asp:ListItem>Hong Kong</asp:ListItem>
    <asp:ListItem>Iceland</asp:ListItem>
    <asp:ListItem>India</asp:ListItem>
    <asp:ListItem>Ireland</asp:ListItem>
    <asp:ListItem>Israel</asp:ListItem>
    <asp:ListItem>Italy</asp:ListItem>
    <asp:ListItem>Jamaica</asp:ListItem>
    <asp:ListItem>Japan</asp:ListItem>
    <asp:ListItem>Luxembourg</asp:ListItem>
    <asp:ListItem>Mexico</asp:ListItem>
    <asp:ListItem>Morocco</asp:ListItem>
    <asp:ListItem>Netherlands</asp:ListItem>
    <asp:ListItem>New Zealand</asp:ListItem>
    <asp:ListItem>Nigeria</asp:ListItem>
    <asp:ListItem>Norway</asp:ListItem>
    <asp:ListItem>Paraguay</asp:ListItem>
    <asp:ListItem>Peru</asp:ListItem>
    <asp:ListItem>Poland</asp:ListItem>
    <asp:ListItem>Portugal</asp:ListItem>
    <asp:ListItem>Russia</asp:ListItem>
    <asp:ListItem>Saudi Arabia</asp:ListItem>
    <asp:ListItem>South Africa</asp:ListItem>
    <asp:ListItem>Spain</asp:ListItem>
    <asp:ListItem>Sweden</asp:ListItem>
    <asp:ListItem>Switzerland</asp:ListItem>
    <asp:ListItem>Taiwan</asp:ListItem>
    <asp:ListItem>Turkey</asp:ListItem>
    <asp:ListItem>United Kingdom</asp:ListItem>
    <asp:ListItem>United States</asp:ListItem>
    <asp:ListItem>Uruguay</asp:ListItem>
    <asp:ListItem>Venezuela</asp:ListItem>
    <asp:ListItem>Other</asp:ListItem>
    </asp:DropDownList>
    </td>
    <td>
    <asp:RequiredFieldValidator ID="countryReqVal" ControlToValidate="country" ErrorMessage="Country. "
    Display="Static" InitialValue="" Font-Names="Verdana" Font-Size="12" runat="server">
    *
    </asp:RequiredFieldValidator>
    </td>
    </tr>
    <tr>
    <td colspan="3">
    &nbsp;</td>
    </tr>
    <tr>
    <td colspan="3">
    </td>
    </tr>
    <tr>
    <td align="right">
    <b>I am interested in:</b>
    </td>
    <td>
    <asp:CheckBoxList ID="interest" runat="server" Width="208px" RepeatDirection="Horizontal">
    <asp:ListItem>Training</asp:ListItem>
    <asp:ListItem>Activity</asp:ListItem>
    <asp:ListItem>Learning</asp:ListItem>
    </asp:CheckBoxList>
    </td>
    <td>
    </td>
    </tr>
    <tr>
    <td align="right">
    <b>How did you hear about us</b>
    </td><td>
    <asp:RadioButtonList ID="source" runat="server">
    <asp:ListItem>Email</asp:ListItem>
    <asp:ListItem>Direct Mail</asp:ListItem>
    <asp:ListItem>Referral</asp:ListItem>
    <asp:ListItem>Publication</asp:ListItem>
    <asp:ListItem>Tradeshow</asp:ListItem>
    <asp:ListItem>Website Link</asp:ListItem>
    <asp:ListItem>Internet</asp:ListItem>
    </asp:RadioButtonList>
    <b>Other</b>
    <asp:TextBox ID="other" runat="server" />
    </td>
    </tr>
    </table>
    <br />
    <br />
    <input id="Submit1" runat="server" type="submit" value="Sign In" />
    </div>
    </asp:Content>

Jun 14 '07 #5
TRScheel
638 Expert 512MB
Nicely done, I just tested your site, and it looks functional.

A few notes on the HTML:
  • Use clarifiers for your IDs (ex, textbox id's are always prefixed with txt, dropdownlists with ddl, checkboxes with chk, etc)
  • Instead of <b> </b> use labels (and don't forget the above point when naming them) with CSS styling
  • I normally have validators have their initials as their definer, and then carry the same suffix as the object they are validating (ex, if the regular expression validator was validating txtPhone, then the validator would be named revPhone)

Those are all styling points, up to you whether you want to put them into your code.

This SHOULD be done though:
Go back through all your input fields and put a maximum character amount. This is so when you create your SQL table, you know the maximum size you will be passing to it. It's not needed, as you can use variable sized inputs, but it will help.


Onto the code. Now that you have what can be referenced as pseudo code, create a User class that has all these properties. Here are a few pointers with that class:
  • Private variables, public properties (stylistic, but it also lets you change the implementation later without breaking code everywhere)
  • Include two enums for the interested in and where did you hear about us ( sample code included at the end of this post )
  • Include a function to return SqlParameter[] and call it something like GetSqlParameters. For now just have it return null. We will fill in that function later when we pass this information to your SQL statement.
  • Everything but the zip code will probably be a string and the zip code will probably be an int, although you can have that be a string as well.
  • Make sure to include a variable (string) for Other in case they select that option


Now the enum code. You have two distinct opportunities for the enums. One that only allows one value, another where the user can select multiple options. If you want to have one enum that can have multiple options, make each value in the enum an iterator of 2 ^ x (1, 2, 4, 8, 16, 32, 64, 128, etc). Examples of the enums are as such:

    public enum InterestedIn
    {
        Training = 1,
        Activity = 2,
        Learning = 4
    }

    public enum ReferredFrom
    {
        Email,
        DirectMail,
        Referral,
        Publication,
        Tradeshow,
        WebsiteLink,
        Internet
    }

Jun 15 '07 #6
parshupooja
159 100+
Hi,

Thank you for your feedback and help. From the HTML point of view I understood everything, but I didn't understand anything regarding the next step. I guess it's a little higher level for me. Could you please explain in more detail? By User class do you mean adding a new class to the existing project? Are you trying to lead me to multi-tier architecture? I am kind of confused.

Thank You.
Jun 15 '07 #7
TRScheel
638 Expert 512MB
If this is done in Visual Studio, right click your solution and add file (like you would a web page). Select the class object. Name it something like User, and it should auto fill everything.

It may ask you if you want to create an App_Data folder; do so if it does. If it doesn't, no worries.

It should auto create a file that looks similar to:

    using System;
    using System.Data;
    using System.Configuration;
    using System.Web;
    using System.Web.Security;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.WebControls.WebParts;
    using System.Web.UI.HtmlControls;

    /// <summary>
    /// Summary description for User
    /// </summary>
    public class User
    {
        public User()
        {
            //
            // TODO: Add constructor logic here
            //
        }
    }

I am assuming here that you are using C#. If it is VB .Net, tell me and I will change the code.

Anyways, from within that above code snippet, you would add variables and it would start to look similar to:

    public class User
    {
        private string _FirstName, _LastName, _Address;

        public string Address
        {
            get { return _Address; }
            set { _Address = value; }
        }

        public string LastName
        {
            get { return _LastName; }
            set { _LastName = value; }
        }

        public string FirstName
        {
            get { return _FirstName; }
            set { _FirstName = value; }
        }

        public User()
        {
            //
            // TODO: Add constructor logic here
            //
        }
    }

**NOTE** If you are unfamiliar with C#, tell me so I will take a few steps back and explain some C# for you.
Jun 15 '07 #8
TRScheel
638 Expert 512MB
Also, if you need C# help, tell me roughly what you do know so I don't go over old information.
Jun 15 '07 #9
parshupooja
159 100+
Hi,

Thanks again. Actually I am new to ASP.NET C#; it's been a few months only. Here is a User.cs file

    using System;
    using System.Data;
    using System.Configuration;
    using System.Web;
    using System.Web.Security;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.WebControls.WebParts;
    using System.Web.UI.HtmlControls;

    /// <summary>
    /// Summary description for User
    /// </summary>
    public class User
    {
        private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;

        public User() { }

        public string FirstName
        {
            get { return _FirstName; }
            set { _FirstName = value; }
        }

        public string LastName
        {
            get { return _LastName; }
            set { _LastName = value; }
        }

        public string Title
        {
            get { return _Title; }
            set { _Title = value; }
        }

        public string Email
        {
            get { return _Email; }
            set { _Email = value; }
        }

        public string Phone
        {
            get { return _Phone; }
            set { _Phone = value; }
        }

        public string Company
        {
            get { return _Company; }
            set { _Company = value; }
        }

        public string Address
        {
            get { return _Address; }
            set { _Address = value; }
        }

        public string City
        {
            get { return _City; }
            set { _City = value; }
        }

        public string State
        {
            get { return _State; }
            set { _State = value; }
        }

        public int Zip
        {
            get { return _Zip; }
            set { _Zip = value; }
        }

        public string Country
        {
            get { return _Country; }
            set { _Country = value; }
        }

        public string Other
        {
            get { return _Other; }
            set { _Other = value; }
        }

        public enum InterestedIn
        {
            Training = 1,
            Activity = 2,
            Learning = 4
        }

        public enum ReferredFrom
        {
            Email,
            DirectMail,
            Referral,
            Publication,
            Tradeshow,
            WebsiteLink,
            Internet
        }

        public User_Input SQLGetParameters()
        {
            SqlParameter[] aspParams = new SqlParameter[0];

        }

    }

I am not sure whether it's correct; have a look at it and let me know what should be done next. I appreciate your efforts.
Jun 15 '07 #10
TRScheel
638 Expert 512MB
You've defined the enums, but you have no instances of them within the class. Make sure to have that.

Also the SqlParameters function should return an array of SqlParameter (or, SqlParameter[])
Jun 16 '07 #11
parshupooja
159 100+
I hope this is correct as far as enums are concerned, but I am still unable to grasp the SqlParameter part. Could you please show that to me and verify this too?

Thanks for being patient and helping me toward this.

    using System;
    using System.Data;
    using System.Configuration;
    using System.Web;
    using System.Web.Security;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.WebControls.WebParts;
    using System.Web.UI.HtmlControls;

    /// <summary>
    /// Summary description for User
    /// </summary>
    public class User
    {
        private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;

        public User() { }

        public string FirstName
        {
            get { return _FirstName; }
            set { _FirstName = value; }
        }

        public string LastName
        {
            get { return _LastName; }
            set { _LastName = value; }
        }

        public string Title
        {
            get { return _Title; }
            set { _Title = value; }
        }

        public string Email
        {
            get { return _Email; }
            set { _Email = value; }
        }

        public string Phone
        {
            get { return _Phone; }
            set { _Phone = value; }
        }

        public string Company
        {
            get { return _Company; }
            set { _Company = value; }
        }

        public string Address
        {
            get { return _Address; }
            set { _Address = value; }
        }

        public string City
        {
            get { return _City; }
            set { _City = value; }
        }

        public string State
        {
            get { return _State; }
            set { _State = value; }
        }

        public string Zip
        {
            get { return _Zip; }
            set { _Zip = value; }
        }

        public string Country
        {
            get { return _Country; }
            set { _Country = value; }
        }

        public string Other
        {
            get { return _Other; }
            set { _Other = value; }
        }

        public enum InterestedIn
        {
            Training = 1,
            Activity = 2,
            Learning = 4
        }

        private InterestedIn Inti = InterestedIn.Training;
        private string myinterest = string.Empty;

        public string finterest
        {
            get { return this.myinterest; }
            set { this.myinterest = (string)value; }
        }

        public InterestedIn interesttype
        {
            get { return this.Inti; }
            set { this.Inti = (myinterest)value; }
        }

        public enum ReferredFrom
        {
            Email,
            DirectMail,
            Referral,
            Publication,
            Tradeshow,
            WebsiteLink,
            Internet
        }

        private ReferredFrom RF = ReferredFrom.Email;
        private string refer = string.Empty;

        public string ReferredMedia
        {
            get { return this.refer; }
            set { this.refer = (string)value; }
        }

        public ReferredFrom refertype
        {
            get { return this.RF; }
            set { this.RF = refer)value; }
        }

    }
Jun 19 '07 #12
TRScheel
638 Expert 512MB
Ok, some changes should be made just to make it easier to read. First off, put all your private variables and public enum declarations at the top of the class. Then, you should have one instance of the two enums, as shown below. I wasn't exactly sure what you were going with for the string versions of them, but if you take ReferredFrom.Internet.ToString() it will return 'Internet'. If you want to have public versions of those enums so you don't need to add .ToString() to it, go for it, but that's how to get it.

Now onto that SqlParameter function. The start of it is included at the end. Take a look and see if you understand what is going on.

Now here is some styling information. Why a function for the SQL parameters instead of a read only property? Well, technically, it's not returning a private variable. It is actually doing work, then returning that value. The reason we used properties before is so that if we changed how LastName worked, for instance, we only had to change it in the User class. We want the end user to realize that by calling GetSqlParameters() it will do work, not just expose a variable to them. Others will have different opinions on the matter, and in my opinion, there is no right or wrong way, I just attempt to remain consistent in my work and I suggest you try to retain a consistency in your work. It will help you and others that use your work.

When you are done and have no further questions about this portion, I will help you move onto the next step.

    using System;
    using System.Data;
    using System.Configuration;
    using System.Web;
    using System.Web.Security;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.WebControls.WebParts;
    using System.Web.UI.HtmlControls;
    using System.Data.SqlClient;
    using System.Collections.Generic;

    /// <summary>
    /// Summary description for User
    /// </summary>
    public class User
    {
        public enum InterestedIn
        {
            Training = 1,
            Activity = 2,
            Learning = 4
        }

        public enum ReferredFrom
        {
            Email,
            DirectMail,
            Referral,
            Publication,
            Tradeshow,
            WebsiteLink,
            Internet
        }

        private ReferredFrom _ReferredFrom;
        private InterestedIn _InterestedIn;
        private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;

        public User() { }

        public ReferredFrom UserReferredFrom
        {
            get { return _ReferredFrom; }
            set { _ReferredFrom = value; }
        }

        public InterestedIn UserInterestedIn
        {
            get { return _InterestedIn; }
            set { _InterestedIn = value; }
        }

        public string FirstName
        {
            get { return _FirstName; }
            set { _FirstName = value; }
        }

        public string LastName
        {
            get { return _LastName; }
            set { _LastName = value; }
        }

        public string Title
        {
            get { return _Title; }
            set { _Title = value; }
        }

        public string Email
        {
            get { return _Email; }
            set { _Email = value; }
        }

        public string Phone
        {
            get { return _Phone; }
            set { _Phone = value; }
        }

        public string Company
        {
            get { return _Company; }
            set { _Company = value; }
        }

        public string Address
        {
            get { return _Address; }
            set { _Address = value; }
        }

        public string City
        {
            get { return _City; }
            set { _City = value; }
        }

        public string State
        {
            get { return _State; }
            set { _State = value; }
        }

        public string Zip
        {
            get { return _Zip; }
            set { _Zip = value; }
        }

        public string Country
        {
            get { return _Country; }
            set { _Country = value; }
        }

        public string Other
        {
            get { return _Other; }
            set { _Other = value; }
        }

        public SqlParameter[] GetSqlParameters()
        {
            List<SqlParameter> SqlParameters = new List<SqlParameter>();

            SqlParameters.Add(new SqlParameter("FirstName", this.FirstName));
            SqlParameters.Add(new SqlParameter("LastName", this.LastName));
            //... continue through the entire class

            return SqlParameters.ToArray();
        }
    }

Jun 20 '07 #13
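
An added example, not part of the thread or written by its participants: the parameter list from GetSqlParameters() feeding a parameterized INSERT, with the form's checks repeated on the server and parameter sizes taken from the MaxLength values in post #5. The table and column names, the SignupInsert class, and the [Flags] attribute and None member on the enum are assumptions made for illustration.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;

// Same values as the thread's InterestedIn enum; [Flags] and None are added here.
[Flags]
public enum InterestedIn { None = 0, Training = 1, Activity = 2, Learning = 4 }

public static class SignupInsert
{
    // Patterns copied from the RegularExpressionValidators on the form in post #5.
    const string ZipPattern = @"^\d{5}$";
    const string PhonePattern =
        @"(^x\s*[0-9]{5}$)|(^(\([1-9][0-9]{2}\)\s)?[1-9][0-9]{2}-[0-9]{4}(\sx\s*[0-9]{5})?$)";

    // Hypothetical table and column names; the thread has not defined the table yet.
    const string InsertSql =
        "INSERT INTO dbo.Signup (FirstName, LastName, Phone, Zip, InterestedIn) " +
        "VALUES (@FirstName, @LastName, @Phone, @Zip, @InterestedIn)";

    // Require the match to span the whole value: in .NET, '$' also matches
    // just before a trailing newline, so Regex.IsMatch alone accepts "12345\n".
    static bool FullMatch(string value, string pattern)
    {
        Match m = Regex.Match(value, pattern);
        return m.Success && m.Index == 0 && m.Length == value.Length;
    }

    // Server-side counterpart of a required field plus the TextBox MaxLength,
    // which a client that skips the form can ignore.
    static bool RequiredText(string value, int maxLength)
    {
        return value != null && value.Trim().Length > 0 && value.Length <= maxLength;
    }

    public static bool IsValid(string first, string last, string phone, string zip)
    {
        return RequiredText(first, 20)
            && RequiredText(last, 40)
            && RequiredText(phone, 20) && FullMatch(phone, PhonePattern)
            // The form has no RequiredFieldValidator on zip, so empty is allowed.
            && zip != null && (zip.Length == 0 || FullMatch(zip, ZipPattern));
    }

    // Builds the command without touching a database, so it can be inspected offline.
    public static SqlCommand BuildInsert(string first, string last, string phone,
                                         string zip, InterestedIn interests)
    {
        if (!IsValid(first, last, phone, zip))
            throw new ArgumentException("Input failed server-side validation.");

        SqlCommand cmd = new SqlCommand(InsertSql);
        // Explicit type and size per parameter, matching the form's MaxLength values.
        cmd.Parameters.Add("@FirstName", SqlDbType.NVarChar, 20).Value = first;
        cmd.Parameters.Add("@LastName", SqlDbType.NVarChar, 40).Value = last;
        cmd.Parameters.Add("@Phone", SqlDbType.VarChar, 20).Value = phone;
        cmd.Parameters.Add("@Zip", SqlDbType.Char, 5).Value =
            zip.Length == 0 ? (object)DBNull.Value : zip;
        // The combined checkbox selections are stored as a single integer.
        cmd.Parameters.Add("@InterestedIn", SqlDbType.Int).Value = (int)interests;
        return cmd;
    }

    public static void Main()
    {
        // Constructed sample input. Two ticked checkboxes combine into one value (1 | 4).
        InterestedIn picked = InterestedIn.Training | InterestedIn.Learning;

        // The apostrophe travels as parameter data and is never spliced into the SQL text.
        SqlCommand cmd = BuildInsert("Ann", "O'Brien", "(555) 555-0100", "12345", picked);
        Console.WriteLine(cmd.CommandText);
        foreach (SqlParameter p in cmd.Parameters)
            Console.WriteLine("{0} {1}({2}) = {3}", p.ParameterName, p.SqlDbType, p.Size, p.Value);

        // Constructed inputs that the server-side checks reject:
        // trailing newline after the zip, wrong phone layout, empty first name.
        Console.WriteLine(IsValid("Ann", "O'Brien", "(555) 555-0100", "12345\n"));
        Console.WriteLine(IsValid("Ann", "O'Brien", "555 555 0100", "12345"));
        Console.WriteLine(IsValid("", "O'Brien", "(555) 555-0100", "12345"));

        // To run the insert, attach an open SqlConnection (the connection string is
        // deployment-specific): cmd.Connection = conn; cmd.ExecuteNonQuery();
    }
}
```

In the page's submit handler, check Page.IsValid before building the command; the validator controls also run on the server during postback, and the checks above cover requests that never passed through the form's client-side script.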
parshupooja
159 100+
Thank You for being so patient with me. Here it is
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Collections.Generic;

/// <summary>
/// Summary description for User
/// </summary>
public class User
{
    public enum InterestedIn
    {
        Training = 1,
        Activity = 2,
        Learning = 4
    }

    public enum ReferredFrom
    {
        Email,
        DirectMail,
        Referral,
        Publication,
        Tradeshow,
        WebsiteLink,
        Internet
    }


    private ReferredFrom _ReferredFrom;
    private InterestedIn _InterestedIn;
    private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;

    public User() { }

    public ReferredFrom UserReferredFrom
    {
        get { return _ReferredFrom; }
        set { _ReferredFrom = value; }
    }

    public InterestedIn UserInterestedIn
    {
        get { return _InterestedIn; }
        set { _InterestedIn = value; }
    }

    public string FirstName
    {
        get { return _FirstName; }
        set { _FirstName = value; }
    }

    public string LastName
    {
        get { return _LastName; }
        set { _LastName = value; }
    }

    public string Title
    {
        get { return _Title; }
        set { _Title = value; }
    }
    public string Email
    {
        get { return _Email; }
        set { _Email = value; }

    }
    public string Phone
    {
        get { return _Phone; }
        set { _Phone = value; }
    }
    public string Company
    {
        get { return _Company; }
        set { _Company = value; }
    }
    public string Address
    {
        get { return _Address; }
        set { _Address = value; }
    }

    public string City
    {
        get { return _City; }
        set { _City = value; }
    }

    public string State
    {
        get { return _State; }
        set { _State = value; }
    }

    public string Zip
    {
        get { return _Zip; }
        set { _Zip = value; }
    }

    public string Country
    {
        get { return _Country; }
        set { _Country = value; }
    }

    public string Other
    {
        get { return _Other; }
        set { _Other = value; }
    }

    // One SqlParameter per field; each value is bound as data rather than built into SQL text.
    public SqlParameter[] GetSqlParameters()
    {
        List<SqlParameter> SqlParameters = new List<SqlParameter>();

        SqlParameters.Add(new SqlParameter("FirstName", this.FirstName));
        SqlParameters.Add(new SqlParameter("LastName", this.LastName));
        SqlParameters.Add(new SqlParameter("Title", this.Title));
        SqlParameters.Add(new SqlParameter("Email", this.Email));
        SqlParameters.Add(new SqlParameter("Phone", this.Phone));
        SqlParameters.Add(new SqlParameter("Company", this.Company));
        SqlParameters.Add(new SqlParameter("Address", this.Address));
        SqlParameters.Add(new SqlParameter("City", this.City));
        SqlParameters.Add(new SqlParameter("State", this.State));
        SqlParameters.Add(new SqlParameter("Zip", this.Zip));
        SqlParameters.Add(new SqlParameter("Country", this.Country));
        SqlParameters.Add(new SqlParameter("Other", this.Other));
        SqlParameters.Add(new SqlParameter("UserReferedFrom", this.UserReferredFrom));
        SqlParameters.Add(new SqlParameter("UserInterestedIn", this.UserInterestedIn));


        return SqlParameters.ToArray();
    }
}
Jun 20 '07 #14
TRScheel
638 Expert 512MB
Ok, now for some SQL fun. Do you have some background knowledge of SQL or would you like me to start from the beginning?
Jun 20 '07 #15
parshupooja
159 100+
I guess I am ok with SQL, have done in past.
Jun 20 '07 #16
TRScheel
638 Expert 512MB
I guess I am ok with SQL, have done in past.
Ok, and you have full access to the server you are using? IE, can create tables, stored procedures, etc? Also, are you allowed a GUI to do it with, or will you be doing this through script?
Jun 20 '07 #17
parshupooja
159 100+
Hi,

Yes, I have access to my server. If you mean creating tables and stored procedures via script or using a GUI, then I can go either way. I am using SQL Server 2005.

Thank You
Jun 20 '07 #18
Frinavale
9,735 Expert Mod 8TB
I just read through this wonderful thread and wanted to point out that you have only done client side validation.

Please be aware that some users know how to get around this form of validation and can pass malicious code into your form.

I strongly recommend you write the C# server side code that checks each of your User class's properties before you store any information into your database...check for things like data length as well as data validity.

Also I would check every property for any SQL code that may damage your database. Screen each property for things like DROP, SELECT, INSERT, UPDATE, DELETE or TRUNCATE before you insert anything. This will prevent anything from happening in the future if a piece of code blindly uses the information stored in the database and accidentally executes something devastating. Just be aware that these words can be valid input...eg: "Select Foods" could be a valid name.

Here is a quick little bit of code (sorry it's in VB.NET) that will strip a string of these potentially harmful SQL commands:

Imports System.Text ' StringBuilder; this line goes at the top of the file

Private Shared Function CommentHarmfulSQLCommands(ByVal str As String) As String
    'Function Description:
    '   Adding "--" to the front of SQL commands comments them out. Check every part of
    '   the string looking for SELECT, INSERT, UPDATE, DELETE, TRUNCATE, DROP,
    '   which are potentially harmful SQL commands.
    'Parameters:
    '   str: the string which we are sanitizing.
    'Return Value:
    '   The string with all harmful SQL commands commented out

    Dim piecesOfTheString() As String
    Dim newStr As New StringBuilder

    piecesOfTheString = str.Split(" "c)
    For Each s As String In piecesOfTheString
        If String.Compare(s, "select", True) = 0 OrElse String.Compare(s, "insert", True) = 0 OrElse _
           String.Compare(s, "update", True) = 0 OrElse String.Compare(s, "delete", True) = 0 OrElse _
           String.Compare(s, "truncate", True) = 0 OrElse String.Compare(s, "drop", True) = 0 Then
            newStr.Append("--")
        End If
        newStr.Append(s)
        newStr.Append(" ")
    Next
    Return newStr.ToString()
End Function

Cheers!

-Frinny
Jun 20 '07 #19
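Added example, not part of Frinavale's post or the thread's code: one way to write the server-side length and format checks described above in C#, using the field limits of the `UserInputInsert` procedure and the regular expressions of the form posted in this thread. The class, method and dictionary-key names are assumptions; a value such as "Select Foods" is accepted because the thread's design binds every field as a `SqlParameter` value.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;

// Added example, not code from the thread. Class, method and key names are
// hypothetical; limits and patterns come from the thread's procedure and form.
public static class UserInputValidator
{
    public enum ReferredFrom { Email, DirectMail, Referral, Publication, Tradeshow, WebsiteLink, Internet }
    private sealed class Rule
    {
        public readonly int MaxLength;
        public readonly bool Required;
        public readonly Regex Pattern; // null means "length check only"
        public Rule(int maxLength, bool required, string pattern)
        {
            MaxLength = maxLength;
            Required = required;
            // ECMAScript mode keeps \w and \d ASCII-only, as in the browser-side check.
            Pattern = pattern == null ? null : new Regex(pattern, RegexOptions.ECMAScript);
        }
    }

    private static readonly Dictionary<string, Rule> Rules = new Dictionary<string, Rule>
    {
        { "FirstName", new Rule(50, true, null) },
        { "LastName", new Rule(50, true, null) },
        { "Title", new Rule(50, false, null) },
        { "Email", new Rule(50, true, @"^[\w-]+@[\w-]+\.(com|net|org|edu|mil)$") },
        { "Phone", new Rule(50, true,
            @"(^x\s*[0-9]{5}$)|(^(\([1-9][0-9]{2}\)\s)?[1-9][0-9]{2}-[0-9]{4}(\sx\s*[0-9]{5})?$)") },
        { "Company", new Rule(50, true, null) },
        { "Address", new Rule(255, true, null) },
        { "City", new Rule(50, true, null) },
        { "State", new Rule(2, false, null) },
        { "Zip", new Rule(5, false, @"^\d{5}$") },
        { "Country", new Rule(50, true, null) },
        { "Other", new Rule(50, false, null) }
    };

    // Returns trimmed values for the known fields only; problems are added to errors.
    public static Dictionary<string, string> Clean(IDictionary<string, string> posted, List<string> errors)
    {
        Dictionary<string, string> cleaned = new Dictionary<string, string>();
        foreach (KeyValuePair<string, Rule> entry in Rules)
        {
            string value;
            posted.TryGetValue(entry.Key, out value);
            value = (value ?? string.Empty).Trim();
            string problem = Check(entry.Key, value, entry.Value);
            if (problem != null) errors.Add(entry.Key + ": " + problem);
            cleaned[entry.Key] = value;
        }
        // Choice fields are matched against the allowed names, not trusted as posted.
        string source;
        posted.TryGetValue("ReferredFrom", out source);
        source = (source ?? string.Empty).Replace(" ", string.Empty);
        if (source.Length > 0 && !Enum.IsDefined(typeof(ReferredFrom), source))
            errors.Add("ReferredFrom: not one of the listed choices");
        cleaned["ReferredFrom"] = source;
        return cleaned;
    }

    private static string Check(string name, string value, Rule rule)
    {
        if (value.Length == 0) return rule.Required ? "required" : null;
        if (value.Length > rule.MaxLength) return "longer than " + rule.MaxLength + " characters";
        foreach (char c in value)
        {
            // Line breaks are allowed only in the multi-line Address box.
            bool lineBreak = c == '\r' || c == '\n';
            if (char.IsControl(c) && !(lineBreak && name == "Address")) return "control character";
        }
        if (rule.Pattern != null && !rule.Pattern.IsMatch(value)) return "wrong format";
        return null;
    }

    public static void Main()
    {
        // Constructed sample posts, not real data.
        Dictionary<string, string> valid = new Dictionary<string, string>
        {
            { "FirstName", "Select" }, { "LastName", "Foods" }, { "Email", "info@example.com" },
            { "Phone", "(555) 555-0100" }, { "Company", "Select Foods" }, { "City", "Springfield" },
            { "Address", "1 Main Street\r\nSuite 2" }, { "State", "IL" }, { "Zip", "62701" },
            { "Country", "United States" }, { "ReferredFrom", "Direct Mail" }
        };
        // A post sent without the browser-side validators and MaxLength limits.
        Dictionary<string, string> bypassed = new Dictionary<string, string>
        {
            { "FirstName", new string('A', 60) }, { "LastName", "Smith" }, { "Email", "info@example" },
            { "Phone", "555" }, { "Zip", "1234A" }, { "ReferredFrom", "Billboard" }
        };
        foreach (Dictionary<string, string> post in new[] { valid, bypassed })
        {
            List<string> errors = new List<string>();
            Clean(post, errors);
            Console.WriteLine(errors.Count == 0 ? "accepted" : "rejected: " + string.Join("; ", errors.ToArray()));
        }
    }
}
```

Only a post with an empty error list should go on to the insert, and it is the trimmed values returned by `Clean` that get stored.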
TRScheel
638 Expert 512MB
I just read through this wonderful thread and wanted to point out that you have only done client side validation.

Please be aware that some users know how to get around this form of validation and can pass malicious code into your form

....


Cheers!

-Frinny

Oh frinny, always looking out for us. I was planning on getting to that, after we had the functionality. But valid point nonetheless.
Jun 21 '07 #20
TRScheel
638 Expert 512MB
Hi,

Yes, I have access to my server. If you mean creating tables and stored procedures via script or using a GUI, then I can go either way. I am using SQL Server 2005.

Thank You
Oh excellent. That should make this all easier.

Well now make a table that accurately portrays the user class you created (I would also include a userID of some sort, if you do though, be sure to add that as a readonly property to your user class with a corresponding variable).
Jun 21 '07 #21
parshupooja
159 100+
Hello,

Please check the stored procedure below for creating a table. I have added UserId (not null, auto increment). Let me know if it's correct (especially data types). After that I have added a UserId read-only property and a SqlParameter for that in the User class.

USE [KA]
GO
/****** Object:  Table [dbo].[UserInput]    Script Date: 06/21/2007 10:02:59 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
SET ANSI_PADDING ON
GO
CREATE TABLE [dbo].[UserInput](
    [UserId] [int] IDENTITY(1,1) NOT NULL,
    [FirstName] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [LastName] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [Title] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
    [email] [varchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [Phone] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [Company] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [Address] [varchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [City] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [State] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
    [Zip] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [Country] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
    [Other] [varchar](255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
    [UserReferedFrom] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
    [InterestedIn] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL
) ON [PRIMARY]

GO
SET ANSI_PADDING OFF

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Collections.Generic;

/// <summary>
/// Summary description for User
/// </summary>
public class User
{
    public enum InterestedIn
    {
        Training = 1,
        Activity = 2,
        Learning = 4
    }

    public enum ReferredFrom
    {
        Email,
        DirectMail,
        Referral,
        Publication,
        Tradeshow,
        WebsiteLink,
        Internet
    }

    private int _UserId;
    private ReferredFrom _ReferredFrom;
    private InterestedIn _InterestedIn;
    private string _FirstName, _LastName, _Title, _Email, _Phone, _Company, _Address, _City, _State, _Zip, _Country, _Other;

    public User() { }

    public int UserId
    {
        get { return _UserId; }
    }

    public ReferredFrom UserReferredFrom
    {
        get { return _ReferredFrom; }
        set { _ReferredFrom = value; }
    }

    public InterestedIn UserInterestedIn
    {
        get { return _InterestedIn; }
        set { _InterestedIn = value; }
    }

    public string FirstName
    {
        get { return _FirstName; }
        set { _FirstName = value; }
    }

    public string LastName
    {
        get { return _LastName; }
        set { _LastName = value; }
    }

    public string Title
    {
        get { return _Title; }
        set { _Title = value; }
    }
    public string Email
    {
        get { return _Email; }
        set { _Email = value; }

    }
    public string Phone
    {
        get { return _Phone; }
        set { _Phone = value; }
    }
    public string Company
    {
        get { return _Company; }
        set { _Company = value; }
    }
    public string Address
    {
        get { return _Address; }
        set { _Address = value; }
    }

    public string City
    {
        get { return _City; }
        set { _City = value; }
    }

    public string State
    {
        get { return _State; }
        set { _State = value; }
    }

    public string Zip
    {
        get { return _Zip; }
        set { _Zip = value; }
    }

    public string Country
    {
        get { return _Country; }
        set { _Country = value; }
    }

    public string Other
    {
        get { return _Other; }
        set { _Other = value; }
    }

    public SqlParameter[] GetSqlParameters()
    {
        List<SqlParameter> SqlParameters = new List<SqlParameter>();

        SqlParameters.Add(new SqlParameter("UserId", this.UserId));
        SqlParameters.Add(new SqlParameter("FirstName", this.FirstName));
        SqlParameters.Add(new SqlParameter("LastName", this.LastName));
        SqlParameters.Add(new SqlParameter("Title", this.Title));
        SqlParameters.Add(new SqlParameter("Email", this.Email));
        SqlParameters.Add(new SqlParameter("Phone", this.Phone));
        SqlParameters.Add(new SqlParameter("Company", this.Company));
        SqlParameters.Add(new SqlParameter("Address", this.Address));
        SqlParameters.Add(new SqlParameter("City", this.City));
        SqlParameters.Add(new SqlParameter("State", this.State));
        SqlParameters.Add(new SqlParameter("Zip", this.Zip));
        SqlParameters.Add(new SqlParameter("Country", this.Country));
        SqlParameters.Add(new SqlParameter("Other", this.Other));
        SqlParameters.Add(new SqlParameter("UserReferedFrom", this.UserReferredFrom));
        SqlParameters.Add(new SqlParameter("UserInterestedIn", this.UserInterestedIn));


        return SqlParameters.ToArray();
    }
}
Jun 21 '07 #22
Frinavale
9,735 Expert Mod 8TB
Hi Parshupooja,

Could you possibly mark what is code by using the [code] tags.
Since you're working with mainly C# I suggest using [code=cpp].
So you'll do something like [code=cpp]...your code [ /code].
It will just make things more legible.

Thanks :)

-Frinny
Jun 21 '07 #23
TRScheel
638 Expert 512MB
Hello,

Please check the stored procedure below for creating a table. I have added UserId (not null, auto increment). Let me know if it's correct (especially data types). After that I have added a UserId read-only property and a SqlParameter for that in the User class.

Excellent job. Your SQL code looks good, although it's fairly easy to miss script errors (I do it all the time).

You want to take out the UserID from the C# code in the Parameters function. We aren't going to tell the table what its user ID is, it will just be assigned one when you register the user. The reason we have a readonly value in the user class is so that when you load a user, you can reference it by its user ID in the future (but we don't want some external class being able to change it).

I WOULD though, create a function that returns ONLY the UserID SQL parameter in the C# code, but that can be saved for later when you will use the class to update portions of the user information.

Now we travel back to the HTML. Make sure that all those limits you set in your SQL script are coded into the HTML. An example would be to make sure that a user cannot put more than 50 characters for his first name, 255 for his address, etc.

Once done with that, you will make a stored procedure. I assume you know how to do this? If so, create one that will take all those parameters you used in the C# parameters function and inserts it into a new row into your table.

After all that, come back here and I will walk you through some C# sql coding so that you can call that procedure from the code.
Jun 21 '07 #24
parshupooja
159 100+
Frinny,

I will do so. Please pardon me since I am a novice member

Hi Parshupooja,

Could you possibly mark what is code by using the [code] tags.
Since you're working with mainly C# I suggest using [code=cpp].
So you'll do something like [code=cpp]...your code [ /code].
It will just make things more legible.

Thanks :)

-Frinny
Jun 21 '07 #25
Frinavale
9,735 Expert Mod 8TB
Frinny,

I will do so. Please pardon me since I am a novice member

Everyone has to start somewhere :)
Jun 21 '07 #26
parshupooja
159 100+
Hello,

Here is an Insert Stored Procedure,

set ANSI_NULLS ON
set QUOTED_IDENTIFIER ON
go

CREATE procedure UserInputInsert

@iFirstName        varchar(50),
@iLastName         varchar(50),
@iTitle            varchar(50),
@iEmail            varchar(50),
@iPhone            varchar(50),
@iCompany          varchar(50),
@iAddress          varchar(255),
@iCity             varchar(50),
@iState            varchar(2),
@iZip              varchar(5),
@iCountry          varchar(50),
@iOther            varchar(50),
@iUserReferedFrom  varchar(50),
@iInterestedIn     varchar(50)


as set nocount on;


insert into UserInput(FirstName,
                      LastName,
                      Title,
                      Email,
                      Phone,
                      Company,
                      Address,
                      City,
                      State,
                      Zip,
                      Country,
                      Other,
                      UserReferedFrom,
                      InterestedIn)

values (    @iFirstName,
            @iLastName,
            @iTitle,
            @iEmail,
            @iPhone,
            @iCompany,
            @iAddress,
            @iCity,
            @iState,
            @iZip,
            @iCountry,
            @iOther,
            @iUserReferedFrom,
            @iInterestedIn)


and here is modified HTML, I have tried using naming convention suggested by you and label instead of <b>

<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" Runat="Server">
<div>
<h3>
</h3>
<asp:ValidationSummary ID="valSum" runat="server" HeaderText="You must enter a valid value in the following fields:"
    DisplayMode="SingleParagraph" Font-Names="verdana" Font-Size="12" />
<br />
<br />
<!-- sign-in -->
<table border="0" width="600">
  <tr>
    <td colspan="3">
      &nbsp;</td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblFname" style="font-weight:bold">First Name*:</label>
    </td>
    <td>
      <asp:TextBox ID="txtfn" MaxLength="50" Width="200px" runat="server" />
    </td>
    <td>
      <asp:RequiredFieldValidator ID="ReqValfn" ControlToValidate="txtfn" ErrorMessage="first name"
          Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
      *
      </asp:RequiredFieldValidator>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblLname" style="font-weight:bold">Last Name*:</label>
    </td>
    <td>
      <asp:TextBox ID="txtln" MaxLength="50" Width="200px" runat="server" />
    </td>
    <td>
      <asp:RequiredFieldValidator ID="ReqValln" ControlToValidate="txtln" ErrorMessage="last name"
          Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
      *
      </asp:RequiredFieldValidator>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblTitle" style="font-weight:bold">Title</label>
    </td>
    <td>
      <asp:TextBox ID="txtTitle" Width="200px" runat="server" MaxLength="50"/>
    </td>
    <td>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblEmail" style="font-weight:bold">Email Address*:</label>
    </td>
    <td>
      <asp:TextBox ID="txtemail" Width="200px" MaxLength="50" runat="server" />
    </td>
    <td>
      <asp:RequiredFieldValidator ID="emailReqVal" ControlToValidate="txtemail" ErrorMessage="Email. "
          Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
      *
      </asp:RequiredFieldValidator>
      <asp:RegularExpressionValidator ID="emailRegexVal" ControlToValidate="txtemail" ErrorMessage="Email. "
          Display="Static" ValidationExpression="^[\w-]+@[\w-]+\.(com|net|org|edu|mil)$"
          Font-Names="Arial" Font-Size="11" runat="server">
      Not a valid e-mail address. Must follow email@host.domain.
      </asp:RegularExpressionValidator>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblPhone" style="font-weight:bold">Phone*:</label>
    </td>
    <td>
      <asp:TextBox ID="txtphone" MaxLength="50" runat="server" />
    </td>
    <td>
      <asp:RequiredFieldValidator ID="phoneReqVal" ControlToValidate="txtphone" ErrorMessage="Phone. "
          Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
      *
      </asp:RequiredFieldValidator>
      <asp:RegularExpressionValidator ID="phoneRegexVal" ControlToValidate="txtphone" ErrorMessage="Phone. "
          ValidationExpression="(^x\s*[0-9]{5}$)|(^(\([1-9][0-9]{2}\)\s)?[1-9][0-9]{2}-[0-9]{4}(\sx\s*[0-9]{5})?$)"
          Display="Static" Font-Names="Arial" Font-Size="11" runat="server">
      Must be in form: (XXX) XXX-XXXX
      </asp:RegularExpressionValidator>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblCompany" style="font-weight:bold">Company*:</label>
    </td>
    <td>
      <asp:TextBox ID="txtcompany" MaxLength="50" Width="200px" runat="server" />
    </td>
    <td>
      <asp:RequiredFieldValidator ID="ReqValCompany" ControlToValidate="txtcompany" ErrorMessage="company"
          Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
      *
      </asp:RequiredFieldValidator>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblAddress" style="font-weight:bold">Address:</label>
    </td>
    <td>
      <%-- MaxLength is not applied when TextMode="MultiLine"; the 255 limit has to be checked on the server. --%>
      <asp:TextBox ID="txtAddress" Width="200px" runat="server" TextMode="MultiLine" MaxLength="255"/>
    </td>
    <td>
      <asp:RequiredFieldValidator ID="AddressReqVal" ControlToValidate="txtAddress" ErrorMessage="address"
          Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
      *
      </asp:RequiredFieldValidator>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblCity" style="font-weight:bold">City:</label>
    </td>
    <td>
      <asp:TextBox ID="txtCity" Width="200px" runat="server" MaxLength="50"/>
    </td>
    <td>
      <asp:RequiredFieldValidator ID="CityReqVal" ControlToValidate="txtCity" ErrorMessage="city"
          Display="Dynamic" Font-Names="Verdana" Font-Size="12" runat="server">
      *
      </asp:RequiredFieldValidator>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblState" style="font-weight:bold">State:</label>
    </td>
    <td>
      <asp:TextBox ID="txtState" Width="30px" MaxLength="2" runat="server" />&nbsp;

      <label id="lblZip" style="font-weight:bold">Zip Code:</label>&nbsp;
      <asp:TextBox ID="txtZip" Width="60px" MaxLength="5" runat="server" />
    </td>
    <td>
      <asp:RegularExpressionValidator ID="ZipRegVal" ControlToValidate="txtZip"
          ErrorMessage="Zip Code. " ValidationExpression="^\d{5}$" Display="Static" Font-Names="Arial"
          Font-Size="11" runat="server">
      Zip code must be 5 numeric digits
      </asp:RegularExpressionValidator>
    </td>
  </tr>
  <tr>
    <td align="right" style="width: 171px">
      <label id="lblCountry" style="font-weight:bold">Country:</label>
    </td>
    <td>
      <asp:DropDownList ID="country" runat="server">
        <asp:ListItem></asp:ListItem>


        <asp:ListItem>Argentina</asp:ListItem>
        <asp:ListItem>Australia </asp:ListItem>
        <asp:ListItem>Austria </asp:ListItem>
        <asp:ListItem>Bahamas </asp:ListItem>
        <asp:ListItem>Belgium </asp:ListItem>
        <asp:ListItem>Brazil </asp:ListItem>
        <asp:ListItem>Bolivia</asp:ListItem>
        <asp:ListItem>Canada </asp:ListItem>
        <asp:ListItem>Chile</asp:ListItem>
        <asp:ListItem>China</asp:ListItem>
        <asp:ListItem>Colombia</asp:ListItem>
        <asp:ListItem>Costa Rica </asp:ListItem>
        <asp:ListItem>Croatia </asp:ListItem>
        <asp:ListItem>Cuba </asp:ListItem>
        <asp:ListItem>Denmark</asp:ListItem>
        <asp:ListItem>Ecuador</asp:ListItem>
        <asp:ListItem>Egypt</asp:ListItem>
        <asp:ListItem>El Salvador </asp:ListItem>
        <asp:ListItem>Finland </asp:ListItem>
        <asp:ListItem>France </asp:ListItem>
        <asp:ListItem>Germany </asp:ListItem>
        <asp:ListItem>Greece </asp:ListItem>
        <asp:ListItem>Guatemala </asp:ListItem>
        <asp:ListItem>Honduras </asp:ListItem>
        <asp:ListItem>Hong Kong</asp:ListItem>
        <asp:ListItem>Iceland </asp:ListItem>
        <asp:ListItem>India </asp:ListItem>
        <asp:ListItem>Ireland </asp:ListItem>
        <asp:ListItem>Israel </asp:ListItem>
        <asp:ListItem>Italy </asp:ListItem>
        <asp:ListItem>Jamaica </asp:ListItem>
        <asp:ListItem>Japan </asp:ListItem>
        <asp:ListItem>Luxembourg </asp:ListItem>
        <asp:ListItem>Mexico </asp:ListItem>
        <asp:ListItem>Morocco </asp:ListItem>
        <asp:ListItem>Netherlands </asp:ListItem>
        <asp:ListItem>New Zealand </asp:ListItem>
        <asp:ListItem>Nigeria </asp:ListItem>
        <asp:ListItem>Norway </asp:ListItem>
        <asp:ListItem>Paraguay </asp:ListItem>
        <asp:ListItem>Peru </asp:ListItem>
        <asp:ListItem>Poland </asp:ListItem>
        <asp:ListItem>Portugal </asp:ListItem>
        <asp:ListItem>Russia </asp:ListItem>
        <asp:ListItem>Saudi Arabia </asp:ListItem>
        <asp:ListItem>South Africa</asp:ListItem>
        <asp:ListItem>Spain </asp:ListItem>
        <asp:ListItem>Sweden </asp:ListItem>
        <asp:ListItem>Switzerland </asp:ListItem>
        <asp:ListItem>Taiwan </asp:ListItem>
        <asp:ListItem>Turkey</asp:ListItem>
        <asp:ListItem>United Kingdom </asp:ListItem>
        <asp:ListItem>United States </asp:ListItem>
        <asp:ListItem>Uruguay </asp:ListItem>
        <asp:ListItem>Venezuela </asp:ListItem>
        <asp:ListItem>Other </asp:ListItem>
      </asp:DropDownList>
    </td>
    <td>
      <asp:RequiredFieldValidator ID="countryReqVal" ControlToValidate="country" ErrorMessage="Country. "
          Display="Static" InitialValue="" Font-Names="Verdana" Font-Size="12" runat="server">
      *
      </asp:RequiredFieldValidator>
    </td>
  </tr>

  <tr>
    <td align="right">
      <label id="lblInterest" style="font-weight:bold">I am interested in:</label>
    </td>
    <td>
      <asp:CheckBoxList ID="interest" runat="server" Width="208px" RepeatDirection="Horizontal">
        <asp:ListItem>Training</asp:ListItem>
        <asp:ListItem>Activity</asp:ListItem>
        <asp:ListItem>Learning</asp:ListItem>
      </asp:CheckBoxList>
    </td>
    <td>


    </td>
  </tr>
  <tr>
    <td align="right">
      <label id="lblSource" style="font-weight:bold">How did you hear about us</label>
    </td><td>
      <asp:RadioButtonList ID="source" runat="server">
        <asp:ListItem>Email</asp:ListItem>
        <asp:ListItem>Direct Mail</asp:ListItem>
        <asp:ListItem>Referral</asp:ListItem>
        <asp:ListItem>Publication</asp:ListItem>
        <asp:ListItem>Tradeshow</asp:ListItem>
        <asp:ListItem>Website Link</asp:ListItem>
        <asp:ListItem>Internet</asp:ListItem>
      </asp:RadioButtonList>
      <label id="lblOther" style="font-weight:bold">Other</label>
      <asp:TextBox ID="other" runat="server" MaxLength="50" />
    </td>
  </tr>
</table>
<br />
<br />
<input id="Submit1" runat="server" type="submit" value="Sign In" />
<br />
<br />
</div>
</asp:Content>

Let me know how it looks and what needs to be done next

Thanks
Jun 21 '07 #27
TRScheel
638 Expert 512MB
You need to change one of two things, either add 'i' in front of your sqlparameters in c#, or take out the 'i's from the stored procedure.

Onto moving forward. Everything looks good, so we can begin the C# code. I prefer to move my sql code away from everything else, and place it into its own static class, but you can do it however you like. Some people believe that the sql code for updating a user, for instance, should reside within the user class. My belief is that the user class should have the capabilities of returning the information, but how it does it is pushed to another class so that a third class can use the same methodology. Up to you!


Well to the code. You will be using SqlConnection, SqlCommand, and IAsyncResult amongst other things. First you will define your SqlConnection, then your SqlCommand from your SqlConnection, and finally push the insert.

Pseudo code:

SqlConnection connection = null;
SqlCommand command = null;
IAsyncResult ar = null;

using(connection = new SqlConnection(....))
{
     using(command = new SqlCommand(<STORED_PROCEDURE_NAME>, connection))
     {
           /* Define within here the command type (stored procedure), add the parameters
              to command, and finally define any return values (you probably won't use
              any for this insert, unless you want to return the UserID).

              Once done with that, open the connection. I suggest creating a
              sqltransaction variable and initialize that to the begintransaction call,
              and set the command's transaction to that variable.

              Now you can start the insert. This can be done with calling
              BeginExecuteNonQuery and setting the return result to ar. Tell ar to wait
              one, and then call EndExecuteNonQuery. Finally, have transaction.commit
              called so that it's set.

              All this is barring any error catching. You should probably encompass all
              BUT the variable declarations in a try / catch block that closes and
              disposes of all the objects that are not null, and if the catch was raised
              to set the transaction to rollback IF it's not null.

              Finally, make sure that everything is closed up and disposed of EVEN if
              everything went well. This would be a good place for a finally block after
              the try / catch.
            */
     }
}

Jun 21 '07 #28
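Added example, not TRScheel's code: one way to turn the steps of the pseudo code above into C#, assuming the `i` prefixes have been removed from the `UserInputInsert` parameters and using a synchronous `ExecuteNonQuery` in place of the `BeginExecuteNonQuery`/`EndExecuteNonQuery` pair. The class and method names, the dictionary input and the connection string argument are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;

// Added example, not code from the thread. UserInputData, BuildInsertCommand and
// InsertUser are hypothetical names; parameter names and sizes follow the
// UserInputInsert procedure above with the "i" prefix removed (so the last one is
// InterestedIn, not the UserInterestedIn name used in GetSqlParameters).
public static class UserInputData
{
    private static readonly KeyValuePair<string, int>[] TextParameters =
    {
        new KeyValuePair<string, int>("FirstName", 50),
        new KeyValuePair<string, int>("LastName", 50),
        new KeyValuePair<string, int>("Title", 50),
        new KeyValuePair<string, int>("Email", 50),
        new KeyValuePair<string, int>("Phone", 50),
        new KeyValuePair<string, int>("Company", 50),
        new KeyValuePair<string, int>("Address", 255),
        new KeyValuePair<string, int>("City", 50),
        new KeyValuePair<string, int>("State", 2),
        new KeyValuePair<string, int>("Zip", 5),
        new KeyValuePair<string, int>("Country", 50),
        new KeyValuePair<string, int>("Other", 50),
        new KeyValuePair<string, int>("UserReferedFrom", 50),
        new KeyValuePair<string, int>("InterestedIn", 50)
    };

    // Builds the command without opening a connection, so it can be inspected offline.
    public static SqlCommand BuildInsertCommand(IDictionary<string, string> values)
    {
        SqlCommand command = new SqlCommand("UserInputInsert");
        command.CommandType = CommandType.StoredProcedure;
        foreach (KeyValuePair<string, int> spec in TextParameters)
        {
            string value;
            values.TryGetValue(spec.Key, out value);
            // Typed, sized parameter: the value is bound as data, never spliced into SQL.
            // SqlClient sends at most Size characters, so over-long input has to be
            // rejected by validation beforehand rather than cut off here.
            SqlParameter parameter = command.Parameters.Add("@" + spec.Key, SqlDbType.VarChar, spec.Value);
            parameter.Value = value == null ? (object)DBNull.Value : value;
        }
        return command;
    }

    // Runs the insert inside a transaction; the using blocks close and dispose
    // everything whether or not the insert succeeds.
    public static void InsertUser(string connectionString, IDictionary<string, string> values)
    {
        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand command = BuildInsertCommand(values))
        {
            command.Connection = connection;
            connection.Open();
            using (SqlTransaction transaction = connection.BeginTransaction())
            {
                command.Transaction = transaction;
                try
                {
                    // No row count comes back because the procedure sets NOCOUNT ON.
                    command.ExecuteNonQuery();
                    transaction.Commit();
                }
                catch
                {
                    try { transaction.Rollback(); }
                    catch (InvalidOperationException) { /* transaction already ended or connection lost */ }
                    throw;
                }
            }
        }
    }

    public static void Main()
    {
        // Constructed sample values, not real data.
        Dictionary<string, string> sample = new Dictionary<string, string>
        {
            { "FirstName", "Select" }, { "LastName", "Foods" }, { "Email", "info@example.com" },
            { "Phone", "(555) 555-0100" }, { "Company", "Select Foods" }, { "Address", "1 Main Street" },
            { "City", "Springfield" }, { "Zip", "62701" }, { "Country", "United States" }
        };
        using (SqlCommand command = BuildInsertCommand(sample))
        {
            foreach (SqlParameter p in command.Parameters)
                Console.WriteLine("{0} {1}({2}) = {3}", p.ParameterName, p.SqlDbType, p.Size, p.Value);
        }
        // InsertUser(connectionString, sample) performs the insert against a real server.
    }
}
```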
parshupooja
159 100+
I removed the i from the stored procedure. I didn't understand the coding part. Could you please explain in detail?

I will go your way, adding new class for sql. Let me know how to create a static class.

Thank You,


You need to change one of two things, either add 'i' in front of your sqlparameters in c#, or take out the 'i's from the stored procedure.

On to moving forward. Everything looks good, so we can begin the C# code. I prefer to move my SQL code away from everything else and place it into its own static class, but you can do it however you like. Some people believe that the SQL code for updating a user, for instance, should reside within the user class. My belief is that the user class should have the capabilities of returning the information, but how it does it is pushed to another class so that a third class can use the same methodology. Up to you!

Well, to the code. You will be using SqlConnection, SqlCommand, and IAsyncResult amongst other things. First you will define your SqlConnection, then your SqlCommand from your SqlConnection, and finally push the insert.

Pseudocode:

SqlConnection connection = null;
SqlCommand command = null;
IAsyncResult ar = null;

using(connection = new SqlConnection(....))
{
     using(command = new SqlCommand(<STORED_PROCEDURE_NAME>, connection))
     {
           /* Define within here the command type (stored procedure), add the parameters to command, and finally define any return values (you probably won't use any for this insert, unless you want to return the UserID).

               Once done with that, open the connection. I suggest creating a SqlTransaction variable, initializing it to the BeginTransaction call, and setting the command's transaction to that variable.

               Now you can start the insert. This can be done by calling BeginExecuteNonQuery and setting the return result to ar. Tell ar to wait one, and then call EndExecuteNonQuery. Finally, have transaction.Commit called so that it's set.

               All this is barring any error catching. You should probably encompass all BUT the variable declarations in a try / catch block that closes and disposes of all the objects that are not null, and if the catch was raised to set the transaction to rollback IF it's not null.

               Finally, make sure that everything is closed up and disposed of EVEN if everything went well. This would be a good place for a finally block after the try / catch.
            */
     }
}

Jun 21 '07 #29
TRScheel
638 Expert 512MB
I removed i from the stored procedure. I didn't understand the coding part. Could you please explain in detail?

I will go your way, adding a new class for SQL. Let me know how to create a static class.

Thank You,

A static class is just a class that has all its members flagged as 'static'. It's best used for a class that doesn't make sense to have instances of running around. An example would be a SQL utilities class. It cannot be created, as it is always there, hence it is static.

public static class MyClass
{
      // No constructor: It will flag an error if you try to create a constructor

      // Put functions in here, but flag them static
      public static void MyFunction() { }
}

As far as the code is concerned, what we are doing is creating a function to converse with your SQL Server. We have the connection and the command variables in a using block so that they are closed, and in the try / catch block so that in case of error, we know they are closed. This is important so that we can make sure we handle any weird errors that might happen in an effort to make sure we don't send erroneous information to your server.

Go ahead and get that section of code up, and we will continue.
Jun 25 '07 #30
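
The pattern described in posts #28 and #30, as an added example that is not part of the original thread: a static class whose one method validates the input on the server and calls a stored procedure through typed parameters inside a transaction. The class, procedure and parameter names, the 50-character limits and the US ZIP format are assumptions, and synchronous ExecuteNonQuery stands in for the BeginExecuteNonQuery / EndExecuteNonQuery pair, which blocks in the same way once the handle is waited on.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;

public static class UserSql   // hypothetical class name
{
    // Hypothetical procedure and parameter names; use the ones from your own stored procedure.
    private const string InsertProc = "dbo.usp_InsertUser";

    public static void InsertUser(string connectionString, string firstName, string lastName, string zip)
    {
        // Validate on the server; the 50-character limits and US ZIP format are assumptions.
        if (string.IsNullOrEmpty(firstName) || firstName.Length > 50)
            throw new ArgumentException("First name is required (max 50 characters).", "firstName");
        if (string.IsNullOrEmpty(lastName) || lastName.Length > 50)
            throw new ArgumentException("Last name is required (max 50 characters).", "lastName");
        if (zip == null || !Regex.IsMatch(zip, @"^[0-9]{5}(-[0-9]{4})?\z"))
            throw new ArgumentException("ZIP must be 5 digits or ZIP+4.", "zip");

        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand command = new SqlCommand(InsertProc, connection))
        {
            command.CommandType = CommandType.StoredProcedure;
            // Typed, sized parameters send the values as data, never as SQL text.
            command.Parameters.Add("@FirstName", SqlDbType.NVarChar, 50).Value = firstName;
            command.Parameters.Add("@LastName", SqlDbType.NVarChar, 50).Value = lastName;
            command.Parameters.Add("@Zip", SqlDbType.VarChar, 10).Value = zip;

            connection.Open();
            SqlTransaction transaction = connection.BeginTransaction();
            command.Transaction = transaction;
            try
            {
                command.ExecuteNonQuery();
                transaction.Commit();
            }
            catch
            {
                transaction.Rollback();   // undo the partial insert
                throw;                    // let the caller log or report the failure
            }
            finally
            {
                transaction.Dispose();
            }
        }   // the using blocks dispose the command and close the connection, even on error
    }
}
```

Call it from the form's submit handler and catch ArgumentException there to show the message to the user; validator controls on the page do not replace these server-side checks.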
