|
|
... and if you follow that advice your entire system is open to every hacker in the world.
|
|
|
|
|
Yes, you are right, Richard.
Always use parameterized queries. I used this code for my college project, so I wrote it like this. My suggestion is also to go with parameterized queries to protect from SQL injection.
|
|
|
|
|
And you are also storing passwords in clear text, one of the most dangerous things to do. It does not matter that you are doing this as a college project. Do it right first time and you are less likely to fall into these traps when you are doing it for real. Quite frankly if you offered that as a sample of your work in a job interview you would be discounted immediately.
|
|
|
|
|
Ya, kind of, it makes sense...
|
|
|
|
|
Everything about that is just so wrong.
|
|
|
|
|
Please tell me you know why this is wrong. Have a read up about subjects like SQL injection and security best practices.
This space for rent
|
|
|
|
|
|
|
Message Removed
modified 12-Feb-18 10:02am.
|
|
|
|
|
I am working with WebGrid to show data in tabular format in edit mode. When my application is running, textboxes appear in tabular format with data. When the user changes existing data in a textbox and clicks the submit button, my server-side action is called but no data is passed to it, which causes my
List<UserModel> oUserModel to be always null.
Here I am pasting my view and action code.
view code
-------------
@model List<MVCCRUDPageList.Controllers.UserModel>
@using (Html.BeginForm(null,null,FormMethod.Post))
{
    var grid = new WebGrid(Model);
    var rowNum = 0;
    <div id="gridContent" style=" padding:20px; ">
        @grid.GetHtml(
            tableStyle: "table",
            alternatingRowStyle: "alternate",
            selectedRowStyle: "selected",
            headerStyle: "header",
            columns: grid.Columns
            (
                grid.Column(null, null, format: @<input type="hidden" name="IDHidden" value="rowNum + 1" />),
                grid.Column("First Name",
                    style: "col2",
                    format: @<text>
                        @Html.TextBox("UserModel[" + (rowNum - 1).ToString() + "].FirstName", (object)item.FirstName)
                    </text>),
                grid.Column("Last Name",
                    style: "col2",
                    format: @<text>
                        @Html.TextBox("UserModel[" + (rowNum - 1).ToString() + "].LastName", (object)item.LastName)
                    </text>)
            ))
    </div>
    <input type="submit" name="SaveButton" value="Save" />
}
Action code
---------------
public class WebGridEditableController : Controller
{
    public ActionResult Index()
    {
        List<UserModel> users = UserModel.getUsers();
        return View(users);
    }

    [HttpPost]
    public ActionResult Index(List<UserModel> oUserModel)
    {
        return View(oUserModel);
    }
}

public class UserModel
{
    public int ID { get; set; }
    public string FirstName { get; set; }
    public string LastName { get; set; }

    public static List<UserModel> getUsers()
    {
        List<UserModel> users = new List<UserModel>()
        {
            new UserModel (){ ID=1, FirstName="Anubhav", LastName="Chaudhary" },
            new UserModel (){ ID=2, FirstName="Mohit", LastName="Singh" },
            new UserModel (){ ID=3, FirstName="Sonu", LastName="Garg" },
            new UserModel (){ ID=4, FirstName="Shalini", LastName="Goel" },
            new UserModel (){ ID=5, FirstName="James", LastName="Bond" },
        };
        return users;
    }
}
Please highlight what mistake I have made there that is preventing the tabular data from being passed to the server-side action.
thanks
|
|
|
|
|
Is it possible to get the maximum space for editor’s window without giving up the VS window ?
|
|
|
|
|
Not really clear what you're asking for....
...but you might do better to remove your post from here (to avoid double-posting) and post instead in the Visual Studio forum.
|
|
|
|
|
I am curious to know whether we can pass a column name dynamically for a where clause.
See a screenshot of the search grid. Here is my link [^]
I just got a sample query. Please tell me, does it work?
public ActionResult Index(String ColumnName,String SearchText)
{
    private CustomersEntities db = new CustomersEntities();
    var customer = (from s in db.Customers
                    select new CustomerDTO
                    {
                        CustomerID = s.CustomerID,
                        CompanyName = s.CompanyName,
                        ContactName = s.ContactName,
                        ContactTitle = s.ContactTitle,
                        Address = s.Address
                    })
                    .Where(s => s.Field<string>(ColumnName).ToUpper().Contains(SearchText.ToUpper());
    return View(customer);
}
Most of the time I mention the column name when searching with EF, like this:
var query = from s in db.Customers select s;
if (ColumnName == "CompanyName")
{
    query = query.Where(c => c.CompanyName == SearchText);
}
else if (ColumnName == "ContactName")
{
    query = query.Where(c => c.ContactName == SearchText);
}
See my screenshot link, then you can understand what kind of UI I have to develop. The user will select a column name from a dropdown and put a value in the search textbox. So when the user hits the search button, the search needs to be done on the selected column name. I may have 100 column names in the dropdown, and it will be huge code if I do it in if..else fashion as I mentioned here with the sample code.
So tell me how I could reduce the code for searching where the column name will be passed.
Looking forward to help and suggestions.
thanks
|
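One way to drop the if/else chain from the question above while still refusing any column name the server did not offer, as an added example (not code from any poster in this thread). The `Customer` class, the `ColumnSearch` helper and the sample rows are assumptions for illustration; the thread's `CustomersEntities` context is not used.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Linq.Expressions;

// Hypothetical stand-in for the EF entity in the question.
public class Customer
{
    public string CompanyName { get; set; }
    public string ContactName { get; set; }
}

public static class ColumnSearch
{
    // Allow-list: the only property names a request may select.
    private static readonly HashSet<string> Searchable = new HashSet<string>(
        new[] { "CompanyName", "ContactName" }, StringComparer.Ordinal);

    public static IQueryable<Customer> WhereColumnEquals(
        IQueryable<Customer> source, string columnName, string searchText)
    {
        if (columnName == null || !Searchable.Contains(columnName))
            throw new ArgumentException("Column is not searchable.", nameof(columnName));
        // Capturing searchText in a lambda keeps it a variable in the tree,
        // which Entity Framework sends as a SQL parameter, not inline text.
        Expression<Func<string>> value = () => searchText;
        // Builds: c => c.<columnName> == searchText
        ParameterExpression c = Expression.Parameter(typeof(Customer), "c");
        Expression body = Expression.Equal(Expression.Property(c, columnName), value.Body);
        return source.Where(Expression.Lambda<Func<Customer, bool>>(body, c));
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample rows; with EF, pass db.Customers instead.
        IQueryable<Customer> customers = new List<Customer>
        {
            new Customer { CompanyName = "Acme", ContactName = "Ann" },
            new Customer { CompanyName = "Globex", ContactName = "Bob" }
        }.AsQueryable();
        Console.WriteLine(ColumnSearch.WhereColumnEquals(customers, "ContactName", "Bob").Count());
        // A name outside the allow-list is rejected before any query is built.
        try { ColumnSearch.WhereColumnEquals(customers, "Password", "x"); }
        catch (ArgumentException e) { Console.WriteLine(e.Message); }
    }
}
```

The dropdown in the UI can be filled from the same allow-list, so adding a searchable column is a one-line change on the server.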
|
|
|
|
|
thanks for pushing me to right article.
|
|
|
|
|
|
See the example below and tell me why they use .AsEnumerable() before select?
They could use select directly... couldn't they?
Tell me the intention of the usage of .AsEnumerable() in the query below.
Why do they use .ToArray() instead of ToList()?
private IEnumerable<AutoCompleteData> GetAutoCompleteData(string searchTerm)
{
    using (var context = new AdventureWorksEntities())
    {
        var results = context.Products
            .Include("ProductSubcategory")
            .Where(p => p.Name.Contains(searchTerm)
                        && p.DiscontinuedDate == null)
            .AsEnumerable()
            .Select(p => new AutoCompleteData
            {
                Id = p.ProductID,
                Text = BuildAutoCompleteText(p)
            })
            .ToArray();
        return results;
    }
}
|
|
|
|
|
From where did you copy the code? Check with the source. You can learn these constructs to find the difference; it will give you an idea which one will be better to use in scenarios.
modified 20-Sep-20 21:01pm.
|
|
|
|
|
It will be helpful if you can explain .AsEnumerable() usage along with an EF query with a small example. Thanks.
|
|
|
|
|
This is one of those places where the documentation can be invaluable. The answer to your question lies in the Enumerable.AsEnumerable(TSource) Method documentation in the remarks area.
...the AsEnumerable<TSource> method can be used to hide the custom methods and instead make the standard query operators available.
So, in your snippet the coder wants to make sure that the IEnumerable.Select method is called rather than any other method named "Select" on the object. This is generally to provide compile-time safety to code where ambiguities might crop up. You see this sort of sanity check a lot in code that will accept dynamics or generics.
As to your second question: always use ToArray() for immutable collections. It has less overhead and is generally more efficient if you're providing collections that won't be modified (add or remove items) later within your application.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
|
|
|
|
|
I am attempting to download a csv file from Azure container blob, read and load it to a dataset and then bind it to the radgrid.
I can download the data and set it to a string (the sample data is listed below) but not sure how to load it to the dataset.
When I load the data to a stream and then try to load it to a dataset, I received the following error: "Data at the root level is invalid. Line 1, position 1."
Here is a sample of the Data that is in the file ( I also tried it with no hdr record, same results...)
DeptCode,DeptName,AccountCode,Description,Qty,Expense
1001,Presidents,6220,FT Senior Administrator,1,126000
1001,Presidents,6221,FT Professional Staff,1,105050
1001,Presidents,6300,FT Administrative,1,60000
1001,Presidents,6425,FT Technical/Paraprofessional,1,70000
1001,Presidents,6426,PT Technical/Paraprofessional,1,32000
Here is my source code....
// Retrieve storage account from connection string.
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(ConfigurationManager.ConnectionStrings["StorageConnectionString"].ConnectionString);
// Create the blob client.
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
// Retrieve reference to a previously created container.
CloudBlobContainer container = blobClient.GetContainerReference("hsc2");
// Retrieve reference to a blob named "myblob".
CloudBlockBlob blockBlob = container.GetBlockBlobReference(FileUpload1.FileName);
//...Create or overwrite the "myblob" blob with contents from a local file.
using (var memoryStream = new MemoryStream())
{
    blockBlob.DownloadToStream(memoryStream);
    memoryStream.Position = 0;
    StreamReader streamReader = new StreamReader(memoryStream);
    //String blobText = streamReader.ReadToEnd();
    DataSet ds1 = new DataSet();
    ds1.ReadXml(streamReader);
    RadGrid1.DataSource = ds1;
    RadGrid1.DataBind();
    RadGrid1.Rebind();
}
|
|
|
|
|
How to add a Nuget Package Using dotnet add
|
|
|
|
|
|
I am trying to open a csv file and do some formatting.
****
    Private Sub Button1_Click(sender As Object, e As RibbonControlEventArgs) Handles Button1.Click
        Dim myexcel As New Excel.Application
        Dim myworkbook As Excel.Workbook
        Dim foldername As String
        foldername = "C:\SplitFiles\"
        Dim path1 As String
        Dim path2 As String()
        If Directory.Exists(foldername) Then path2 = Directory.GetFiles(foldername)
        For Each path1 In path2
            If File.Exists(path1) Then
                MsgBox(path1)
                myworkbook = myexcel.Workbooks.Open(path1, Format:=6, Delimiter:=",", Editable:=True)
                myworkbook.Activate()
            End If
        Next path1
    End Sub
End Class
the csv file does not open..
|
|
|
|
|