|
Before you start moving on to levels and rules, you have got to fix that first - it's very bad code.
1) Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.
When you concatenate strings, you cause problems because SQL receives commands like:
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood' The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable; Which SQL sees as three separate commands:
SELECT * FROM MyTable WHERE StreetAddress = 'x'; A perfectly valid SELECT
DROP TABLE MyTable; A perfectly valid "delete the table" command
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.
So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?
2) Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]
3) Don't hardcode connections strings. If you do, then you have to change your code and rebuild for release, and potentially for every different installation. Use a configuration file instead, so it;s easy to update without changing your code.
4) Don't use SELECT * FROM ... - always name the columns you want to return. In this case, SELECT COUNT(User) FROM ... would have been sufficient. You are returning information you already have and that's wasteful. It's not a problem right now, but it will be in "real world" apps so it's worth getting into the habit of doing it correctly from the beginning.
5) Don't use a DataAdapter to return a single piece of info: use ExecuteScalar instead, which returns a single value.
When you have fixed that lot, then think about moving forward.
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Message Removed
modified 25-Mar-19 2:55am.
|
|
|
|
|
I am trying to read response from Posnet fiscal printer.
Sending commands works fine, but nothing works for read (I tried various solutions).
See C# code below:
using System.IO.Ports;
string portname = "COM10";
_serialPort = new SerialPort(portname, 9600, Parity.None, 8, StopBits.One);
_serialPort.Open();
var cmd = Komendy.CmdOdczytZegaraRTC();
_serialPort.WriteLine(cmd);
var response = _serialPort.ReadLine(); :mad: does not work!
_serialPort.Close();
I tried also to use several types of
_serialPort.DataReceived += new SerialDataReceivedEventHandler(SerialPort_DataReceived);
Can anyone help, please?
|
|
|
|
|
Hi,
writing to a serial port is the easy part; reading from it can be much more difficult.
ReadLine() will return only once the line terminator is received; it equals <cr> or <cr><lf> (may depend on your system), or could be whatever your SerialPort.NewLine property has been set to. So if your peripheral never sends the matching terminator, ReadLine will hang indefinitely.
[Added:] ReadLine also only returns a single line of text, so if there is some data (maybe even an empty line, i.e. just a line terminator) already in the Windows buffer, then ReadLine will return that old or empty line...
FYI, I don't trust the defaults of the SerialPort class, I tend to set things explicitly just to make sure they are what I want them to be.
My debug suggestion:
If what the peripheral is expected to send is printable text, then you might experiment with some delay, say Thread.Sleep(1000), followed by ReadExisting(). That would show you what is received in that one second.
If the peripheral speaks in binary code, you must use binary reads, i.e. the Read() method.
Using Thread.Sleep probably doesn't fit well in your application, so the final approach may require something else, probably a separate thread. I often use a BackgroundWorker for dealing with serial input!
modified 21-Mar-19 21:51pm.
|
|
|
|
|
From previous experience with Serial Ports Thread.Sleep(X) is the route to a locked form, background workers are the way...
|
|
|
|
|
I have an input box allows users to input decimal numbers.
My problem right now as I can't handle and restrict the Decimal values which only allows 2 decimal point only. "##.##" and "#.##"
When users put the invalid numbers it will remove the newly inputted value ex 11.999 it will become 11.99 while typing.
Anyone already implemented these rules? If Yes, Can someone share their techniques on how to implement this validation?
The only number allowed and acceptable values are between -100.00 to 200.00
The valid values for example are
-1.9
-1.90
-99.99
199.99
1
1.5
the invalid values for example are
-1.9.99
-99.999
199.999
201
1
1.5
|
|
|
|
|
The best solution is to use a NumericUpDown control[^] instead of a textbox. It does all that for you already...
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
We use something like the code below for a WinForms TextBox control, and I imagine it could be adapted to anything with a KeyPress or similar event.
private void TextBox_KeyPress(object sender, KeyPressEventArgs e)
{
var control = sender as TextBox;
if (control != null && !char.IsControl(e.KeyChar))
{
string testString = control.Text.Substring(0, control.SelectionStart) + e.KeyChar +
control.Text.Substring(control.SelectionStart + control.SelectionLength);
e.Handled = !ValueIsNumeric(testString, 5, 2, -100.00, 200.00, true, true);
}
}
private bool ValueIsNumeric(string testString, int precision, int scale, decimal? minValue,
decimal? maxValue, bool allowNegativeValues, bool allowNullValues)
{
bool result = false;
if (precision < 0)
{
precision = 0;
}
if (scale < 0)
{
scale = 0;
}
if ((precision - scale) < 0)
{
precision = 0;
scale = 0;
}
if (string.IsNullOrWhiteSpace(testString))
{
if (allowNullValues)
{
result = true;
}
}
else
{
bool checkDefinitionMinMax = true;
int periodIndex = testString.IndexOf('.');
if (periodIndex >= 0)
{
if (scale > 0)
{
if (testString.Substring(periodIndex + 1).Length > scale)
{
checkDefinitionMinMax = false;
}
}
else
{
checkDefinitionMinMax = false;
}
}
decimal value = 0;
if (checkDefinitionMinMax && decimal.TryParse(testString, out value))
{
decimal maxDefinitionValue = decimal.Parse(string.Empty.PadLeft(precision, '9'));
if (scale > 0)
{
string p = string.Empty.PadLeft(precision - scale, '9');
string s = string.Empty.PadLeft(scale, '9');
maxDefinitionValue = decimal.Parse(string.Format("{0}.{1}", p, s));
}
decimal minDefinitionValue = 0;
if (allowNegativeValues)
{
minDefinitionValue = maxDefinitionValue * -1;
}
if (value >= minDefinitionValue && value <= maxDefinitionValue)
{
if (minValue.HasValue | maxValue.HasValue)
{
if (minValue.HasValue & maxValue.HasValue)
{
if (value >= minValue.Value && value <= maxValue.Value)
{
result = true;
}
}
else if (minValue.HasValue)
{
if (value >= minValue.Value)
{
result = true;
}
}
else if (maxValue.HasValue)
{
if (value <= maxValue.Value)
{
result = true;
}
}
}
else
{
result = true;
}
}
}
}
return result;
}
|
|
|
|
|
On the one hand, I think developing step-by-step solutions for problems like this is a valuable educational experience for C# students that gets them familiar with character input, the Char Type, and the Switch statement; from another POV, it's something those familiar with RegEx can do relatively easily, and much more succinctly. And, as others have pointed out, can be handled by the NumericUpDown Control.
Left for you to do in the following example is implementing code to limit the range of legal input values: I would do that by handling either the Leave Event, or by handling the Enter Keydown, or, at the cost of more computation, the TextChanged Event. Think about whether at some point you want to notify the user the input value is invalid.
Usually ... users expect the Enter and Tab Keys to do something: think about that.
I suggest you sub-class a TextBox, and handle the character input like this:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Linq;
using System.Windows.Forms;
namespace FourFormUI
{
[ToolboxItem(true)]
public partial class DoubleTextBox : TextBox
{
public DoubleTextBox()
{
InitializeComponent();
}
private bool delimiterSeen = false;
private const char delimiter = '.';
private const char backspace = '\b';
private const char minus = '-';
private string AllowedChars = ".-\b01234567890";
private List<char> allowedChars;
private int postDelimiterLimit = 3;
public DoubleTextBox(IContainer container)
{
container.Add(this);
InitializeComponent();
allowedChars = AllowedChars.ToCharArray().ToList();
}
private void DoubleTextBox_KeyPress(object sender, KeyPressEventArgs e)
{
var ch = e.KeyChar;
if (!allowedChars.Contains(ch))
{
e.Handled = true;
return;
}
switch (ch)
{
case delimiter:
{
if (delimiterSeen)
{
e.Handled = true;
return;
}
delimiterSeen = true;
break;
}
case backspace:
{
delimiterSeen = Text.Contains(delimiter);
break;
}
case minus:
{
if (this.SelectionStart != 0)
{
e.Handled = true;
return;
}
break;
}
default:
{
if (delimiterSeen)
{
int delimiterpos = Text.IndexOf(delimiter);
if (this.SelectionStart > delimiterpos)
{
if (Text.Length - delimiterpos > postDelimiterLimit)
{
e.Handled = true;
return;
}
}
}
break;
}
}
}
}
}
«Where is the Life we have lost in living? Where is the wisdom we have lost in knowledge? Where is the knowledge we have lost in information?» T. S. Elliot
|
|
|
|
|
Rap Gutierrez wrote: When users put the invalid numbers it will remove the newly inputted value ex 11.999 it will become 11.99 while typing.
Just noting that in terms of business use that is probably overkill. Validate the input, tell them what value is wrong, but don't try to auto-correct (for one thing how do you know for sure that the modified form is what they really wanted.)
|
|
|
|
|
jschell wrote: Validate the input, tell them what value is wrong By preventing the entry of "illegal characters" you avoid this.jschell wrote: don't try to auto-correct ( ditto.
By weeding out spurious entry, and constraining entry, you are avoiding confusing the user, particularly the naive user. You are also training them to use the input ui properly.
«Where is the Life we have lost in living? Where is the wisdom we have lost in knowledge? Where is the knowledge we have lost in information?» T. S. Elliot
|
|
|
|
|
please am a beginner in programing and i want the guidelines for preparing project work matrix in c# language.thank you
|
|
|
|
|
I have no idea what you're talking about.
If you're just learning programming, learning the language would probably be a lot better than trying to whatever you're talking about in some kind of "matrix".
|
|
|
|
|
I'm sorry, but that is a meaningless question - there are no "guidelines" that fit everything.
Sit down, think about what you have to do and try to work out what it is that you can't do, and describe that. We really can't help you based on "guidelines for preparing project work matrix in c# language" because it doesn't tell us anything at all about where you are stuck!
Start by explaining where you are at the moment, and what the next step in the process is. Then tell us what you have tried to get that next step working, and what happened when you did.
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
You have posted some days ago to a similar question (I don't find it in the moment - perhaps Q&A) something like :
- design the UI
- ...
I think that could be a "useful" answer to this "question" ...
|
|
|
|
|
|
|
Here de link: Re: c# - C# Discussion Boards[^]
Juist right click the title, and select "Copy link address" (In Chrome, may be slightly different in Firefox, and probably needs the Microsoft Store, four reboots, and a UWP app in Edge)
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Member 14190267 wrote: project work matrix
Googling on that suggests that you are asking about a management task and not a coding task.
If so then this is the wrong place. And if that then in general no one can tell you how to do that since it depends on the actual work to be done.
|
|
|
|
|
Hello,
I want to quantization the value of HSV color using Non-equal Intervals with C#, I made a search but found nothing
I need a source code/pseudocode for that method
any help will be appreciated
Thanks
|
|
|
|
|
We are more than willing to help those that are stuck: but that doesn't mean that we are here to do it all for you! We can't do all the work, you are either getting paid for this, or it's part of your grades and it wouldn't be at all fair for us to do it all for you.
So we need you to do the work, and we will help you when you get stuck. That doesn't mean we will give you a step by step solution you can hand in!
And just asking for the code doesn't win you any friends...
Start by explaining where you are at the moment, and what the next step in the process is. Then tell us what you have tried to get that next step working, and what happened when you did.
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
You will find lots of detailed explanations of HSV colour on the internet. Writing the C# code to perform actions on the values is your task.
|
|
|
|
|
The code is as follows,Set to file p
try
{
if (AvCoBox.SelectedIndex < 0) return;
MainCamera.SetSetting(PropertyID.Av, AvValues.GetValue(AvCoBox.Text).IntValue);
}
catch (Exception ex) { ReportError(ex.Message, false); }
|
|
|
|
|
Please don't repost if your question does not appear immediately: all of these went to moderation and required a human being to review them for publication. In order to prevent you being kicked off as a spammer, both had to be accepted, and then I have to clean up the spares. Have a little patience, please!
I've deleted the "extras" and kept the one with code.
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
What's in "AvCoBox.Text"? How can you be sure it has a valid value when you don't even bother checking it before firing it off?
"(I) am amazed to see myself here rather than there ... now rather than then".
― Blaise Pascal
|
|
|
|
|