The XML configuration file contains the SQL queries to be used to display the data on the web page. There are 3 tables in the DB. What is the best way of achieving it?

<?xml version="1.0" encoding="UTF-8"?>
<grid table="Declaration">
  <primary_key>DeclarationGUID</primary_key>
  <query> SELECT DeclarationGUID, SequenceNum, AcceptanceDate, CommercialRefNum, DeclarantId, DeclarantPostalCode, DeclarantAddressLine1 + DeclarantAddressLine2 AS DeclarantAddress, DeclarantCity, DeclarantRegion, DeclarantCountry FROM Declaration </query>

  <grid table="GoodsItem">
    <foreign_key>DeclarationGUID</foreign_key>
    <primary_key>GoodsItemGUID</primary_key>
    <query> SELECT DeclarationGUID, GoodsItemGUID, SequenceNum, CommodityCode, NetWeight, GrossWeight, DescriptionOfGoods FROM GoodsItem WHERE DeclarationGUID=@@DeclarationGUID@@ </query>

    <grid table="GoodsItemGUID">
      <foreign_key>DeclarationGUID</foreign_key>
      <foreign_key>GoodsItemGUID</foreign_key>
      <primary_key>ContainerGUID</primary_key>
      <query> SELECT DeclarationGUID, GoodsItemGUID, ContainerGUID, Identifier FROM GoodsItemContainer WHERE GoodsItemGUID=@@GoodsItemGUID@@ </query>
    </grid>
  </grid>
</grid>
Comments
John C Rayan 28-Feb-15 14:39pm    
Why is it in an XML file? Did you look at ObjectDataSource in ASP.NET?
nikasvan 28-Feb-15 15:48pm    
I have an assignment to do and this is just the way they want to do it.
George Jonsson 28-Feb-15 23:33pm    
Is this the actual XML file?
Looks like you have a recursive structure going on with a grid in a grid in a grid.
This might cause you problems if there are more tables.
Perhaps better to have a specific root element and then standalone grid items.

1 solution

This is not the best way, or in any way a good way, of storing your application's actual business logic (the SQL queries) in an XML file. Any user, if able to bypass your authentication, would easily be able to read the content of this file, and upon a single command of SQL Injection, he could possibly delete all of your data and/or delete the schema of your database. Too bad an approach.

Another major reason this is a bad way is that it would require double the time from your developers, if you have a team. It would first require them to deserialize the XML into an object, and then, using its nodes and members, you would have to extract the string of commands and then execute them. Too much wastage of machine cycles.

A good way of doing this would be to remember the foreign keys; a good developer must know how the schema of his database is defined. Secondly, the commands must be in your actual logic page, nowhere else. Since you're talking about ASP.NET, I would guide you to leave these methods and use the MVC framework, which has a few patterns that you can use to secure your web application. You can read this article to learn more on this framework.
 
 
Comments
nikasvan 1-Mar-15 0:54am    
The problem also is that I have to do it in Web Forms.
Afzaal Ahmad Zeeshan 1-Mar-15 1:46am    
You can do so; the MVC thing was just a suggestion, not an answer and only solution to your problem. What I meant was to not use this XML file.
nikasvan 1-Mar-15 1:51am    
Could you tell me which class I should use? Or are there any tutorials about it? I have been looking around and I have not seen anyone's XML used for configuration. Please help.
Afzaal Ahmad Zeeshan 1-Mar-15 2:01am    
Tip: You can create your own custom class if you need one. You can then use that class to work around. XML is used for configuration; in ASP.NET you have a web.config file for configuration of your website, such as handlers, database connections etc. But not for such logic.
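
Where the XML file has to stay, as in the question, the `@@Name@@` placeholders in its `<query>` elements can be bound as SQL parameters rather than replaced by string substitution, which addresses the SQL injection concern raised in the solution. This is an added example, not code from the thread: `GridQueryBinder` and `Build` are hypothetical names, the key columns are assumed to be `uniqueidentifier`, and the sample grid and GUID are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Text.RegularExpressions;
using System.Xml.Linq;

static class GridQueryBinder // hypothetical helper, not part of ASP.NET
{
    // @@Name@@ placeholders as used in the <query> elements of the question's XML.
    static readonly Regex Token = new Regex(@"@@([A-Za-z_][A-Za-z0-9_]*)@@");

    // Builds a parameterized command for one <grid>; key values are bound, never spliced into the SQL text.
    public static SqlCommand Build(XElement grid, IDictionary<string, Guid> parentKeys)
    {
        var declared = new HashSet<string>(grid.Elements("foreign_key").Select(e => e.Value.Trim()));
        var cmd = new SqlCommand();
        cmd.CommandText = Token.Replace(grid.Element("query").Value.Trim(), m =>
        {
            string name = m.Groups[1].Value;
            if (!declared.Contains(name)) // only keys the grid declares may appear in its query
                throw new InvalidOperationException("Placeholder " + name + " is not a declared foreign_key");
            if (!cmd.Parameters.Contains("@" + name)) // assumption: key columns are uniqueidentifier
                cmd.Parameters.Add("@" + name, SqlDbType.UniqueIdentifier).Value = parentKeys[name];
            return "@" + name;
        });
        return cmd;
    }

    static void Main()
    {
        // Constructed sample: the GoodsItem grid from the question, column list shortened.
        var grid = XElement.Parse(
            "<grid table='GoodsItem'><foreign_key>DeclarationGUID</foreign_key>" +
            "<primary_key>GoodsItemGUID</primary_key>" +
            "<query>SELECT GoodsItemGUID, CommodityCode FROM GoodsItem " +
            "WHERE DeclarationGUID=@@DeclarationGUID@@</query></grid>");

        // Constructed key of the selected parent row; Guid.Parse rejects any input that is not a GUID.
        var keys = new Dictionary<string, Guid> {
            { "DeclarationGUID", Guid.Parse("11111111-2222-3333-4444-555555555555") } };

        using (SqlCommand cmd = Build(grid, keys)) // no connection is opened in this demo
        {
            Console.WriteLine(cmd.CommandText);
            foreach (SqlParameter p in cmd.Parameters)
                Console.WriteLine(p.ParameterName + " = " + p.Value);
        }
    }
}
```

In a Web Forms page the returned command would be given a connection from web.config and executed with a data reader or adapter; the XML file itself should sit where IIS will not serve it, such as App_Data.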

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


