|
Thanks for reply. Thanks for saying the code is aweful.
I want to link up data with my database. Exmaple: when user input their password & username. It will generated a check whether the data inputed is it same as the database.
|
|
|
|
|
Kristy Chan wrote: Thanks for saying the code is aweful.
SQL in the presentation layer is always bad, and so is your method of checking a username/password. Very insecure.
You didn't answer me - where is the error ? Does the code compile ?
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
here is the code for asps.cs
sing System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.OleDb;
public partial class _Default : System.Web.UI.Page
{
DBConnect Connect = new DBConnect();
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnlogin_Click(object sender, EventArgs e)
{
if (usernameTB.Text != "")
{
if (passwordTB.Text != "")
{
OleDbConnection mdb = new OleDbConnection();
OleDbCommand cmd;
OleDbDataReader rdr;
Connect.DBConnection(mdb);
mdb.Open();
string SQLinfo = "SELECT * FROM Customers WHERE cUserName = '" +
usernameTB.Text.ToUpper() + "'";
string SQLlog = "INSERT INTO Log (lName,lLogIn) " +
"VALUES (@UserName, @Date)";
cmd = new OleDbCommand(SQLinfo, mdb);
rdr = cmd.ExecuteReader();
while (rdr.Read())
{
if (passwordTB.Text == (string)rdr["cPassword"])
{
Session["sName"] = rdr["cName"];
Session["sUserName"] = rdr["cUserName"];
Session["sAddress"] = rdr["cCoAddress"];
Session["sCoContact"] = rdr["cCoContact"];
Session["sPIC"] = rdr["cPersonInCharge"];
Session["sPICContact"] = rdr["cPICContact"];
Session["sEmail"] = rdr["cEmail"];
Session["sFlag"] = "T";
rdr.Close();
cmd = new OleDbCommand(SQLlog, mdb);
cmd.Parameters.Add("@UserName", OleDbType.Char).Value = (string)Session["cUserName"];
cmd.Parameters.Add("@Date", OleDbType.Date).Value = DateTime.Now;
cmd.ExecuteNonQuery();
mdb.Close();
break;
}
else
{
rdr.Close();
mdb.Close();
usernameTB.Text = "";
passwordTB.Text = "";
Response.Write("<script>alert('Error signing in')</script>");
break;
}
}
mdb.Close();
}
}
}
protected void btnlogout_Click(object sender, EventArgs e)
{
OleDbConnection mdb = new OleDbConnection();
OleDbCommand cmd;
Connect.DBConnection(mdb);
string SQLlog = "UPDATE Log SET lLogOut = @Date WHERE lName = @Name";
cmd = new OleDbCommand(SQLlog, mdb);
cmd.Parameters.Add("@Date", OleDbType.Date).Value = DateTime.Now;
cmd.Parameters.Add("@Name", OleDbType.Char).Value = (string)Session["cUserName"];
mdb.Open();
cmd.ExecuteNonQuery();
mdb.Close();
}
There are 6 errors:
Error 1 The name 'usernameTB' does not exist in the current context(line 25)
Error 2 The name 'passwordTB' does not exist in the current context(line 28)
Other errors shown in line 36,43,65,66
Thanks
|
|
|
|
|
What is the point of the DBConnect class ? I ( again ) assume no-one is paying for this code ?
My other question - does the stuff in the aspx occur within the form tag ?
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
Okay. I deleted the DBConnect Connect = new DBConnect();
but it occured another error
" The name Connect does not exist in current context. (line 33 and 80)
It occured within the form tag.
|
|
|
|
|
Well, you use it in your code, I didn't say you need to delete it, I can see you're using it. I just asked where it comes from, because it seems kind of odd to me.
Perhaps you need to post all your aspx code, that's plainly where the error is.
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
aspx code:
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body style="font-size: 12pt" background="wedding.jpg">
<form id="form1" runat="server">
<div>
<span style="font-size: 16pt">Reservation System <br />
<asp:Image ID="Image1" runat="server" ImageUrl="~/logo.jpg" />
<asp:Image ID="Image2" runat="server" ImageUrl="~/2.jpg" Height="181px" Width="175px" /><br />
<br />
Existing Customer
<br />
<br />
</span>
</div>
<table>
<tr>
<td style="width: 100px; height: 26px">
<asp:Label ID="Label2" runat="server" Text="Username:"></asp:Label></td>
<td style="width: 154px; height: 26px">
<asp:TextBox ID="usernameTB" runat="server"></asp:TextBox></td>
</tr>
<tr>
<td style="width: 100px">
|
|
|
|
|
If the rest of this closes at the bottom properly, then I'm not sure what the issue is. Try creating a brand new page, and then adding the controls and referencing them in code, then build the page a bit at a time and see if you can get it to work then, or if it breaks. That way, you can work out which part is breaking it, because it seems OK to me.
Is this homework ? You've dodged this question all along. It looks about the sort of poor standard I'd expect from an Indian outsourcing firm, but if that's what you are, you don't seem to be interested at all in my comments about how bad the code is and how it could be made better ?
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
oh. I am not in India. I am still a student whose in not good in programming. Since, you have raised up regarding "write a better codes" , can you give a suggestion for login funation with user name and password authenication?
|
|
|
|
|
Your SQL should live in a seperate dll, so that you can make sure that any method you need to write, you only write it once, and you have a central point to manage your database code.
For checking a login, you should write SQL like
select count(*) from username where username = @username and password = @password
The points are
1 - use parameterised queries ( I can't recall if you did )
2 - write SQL that doesn't ever place the password into memory, it just returns if the one you gave it was correct.
Of course, we can't learn it all at once, so perhaps your teacher will cover this sort of stuff a bit further down the line. That's why I said, if you're a student, the code is probably fine, but if it was going to be run in the real world, then there are issues.
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
okay. Thank you for your help.
|
|
|
|
|
i create an online music listen website in asp.net with c#,in my site i want to play selected song in any flash player when we click a play button in grideview.please give me an appropriate answer.
|
|
|
|
|
What do you mean by 'any flash player' ? You need to embed a flash player in your site, and create links that play the song in that player.
I assume you own all this music ?
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
Christian Graus wrote: I assume you own all this music ?
ofcourse!
|
|
|
|
|
You wrote the music, or you own a record company ?
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
There are lots of free flash players available... U might embed them or you can create your own.
when player calls the server, buffer the song and play it in the player.
|
|
|
|
|
hi
I want in button_click create a text box and add to placeholder.
in fact, I want by each click add a textbox to my page.
how?
thanks
|
|
|
|
|
Use Javascript.. If you dont have any serverside code to run.
Create a textbox using Javascript :
function createTextBox()
{
var tb = document.createElement('input');
tb.id = new Date().getTime().toString().substr(5) + Math.floor(Math.random() * 100).toString() + '_dyntextbox';
tb.type = 'text';
document.appendChild(tb);
}
This will create a textbox dynamically in the document.
|
|
|
|
|
I have taken one datagrid to display the information of an employee(emp_ID,emp_name,emp_age,emp_add,emp_sal).suppose 10 record display in the datagrid.when i click on 5 record in datagrid then all particular record of tht datagrid will selecten in different textbox.i can click on any field employee.
|
|
|
|
|
amitamit099 wrote: when i click on 5 record in datagrid then all particular record of tht datagrid will selecten in different textbox
Question you are asking is not very clear . What you want to ask please make more clear to help you...
Let us know what exactly the problem you are facing.
|
|
|
|
|
hi,
I'm using web control : I have the rjs popcalendar control in a multiview control within an update panel
and it works correctly in some web pages and not correctly in other pages
despite of all pages that contain popcalendar are the same
why?how to solve this problem?
modified on Sunday, October 25, 2009 9:52 AM
|
|
|
|
|
If it works in some pages and not in others... there must be a reason for this. Check why it is not working... Inspect HTML to find out why it isnt working.
It is very hard to tell without actually using it... why it is not working. Also check if any javascript is missing in the page ...
|
|
|
|
|
I check javascript for pages, the pages are the same.what i can do?
what may cause this problem?there is any idea to solve the problem
|
|
|
|
|
i have a survey form, and anonymous can fill the form. i want one peapole can fill the form one time not more, with checking ip or other thing,
does any people have other idea?plz guid me
|
|
|
|
|
First of all, for every form fillup, store the IP of the client to the database. If the user comes again, it will be prompted the message "You have already filled up the Form"
But in that case, there is some problem... There are many organizations which uses common gateway server to connect to internet. If you outright stop it only using IP, you might loose other users using the same network in that organisation. So I would recommend, you should also place a browser cookie to the client which will determine that the user that filled up the form is in the same computer. (Provided your priority is to fill up most of the forms)
|
|
|
|