|
jds1207 wrote: so the same rows will not be inserted
so u don`t wan`t to insert anything...
jds1207 wrote: I just need to know how to not insert the same row twice
But now you are saying u need to insert it twice....
Pls be a bit more clear every time u post a question, otherwise u ll keep howling like a donkey...
|
|
|
|
|
This is how I am trying to get it. For example, If I insert a row into the database that have a department name HR and a username user.name and I try to insert another row that has the same department and username, the new row can't be inserted because the department and username already exists.
|
|
|
|
|
You could first select the record you are trying to insert. If you get something back, then you know it already exists.
I would also recommend that you research using a DataAdapter object which, if setup correctly, can help a lot with inserting, updating, deleting, etc. You could start your research with some of these articles.[^]
Hope this helps.
|
|
|
|
|
Read up on unique constraints.
Generally your database shouldn't let you insert "bad" data, so you enforce this with constraints. Then your UI probably should deal with the situation nicely, either by checking first, or handling the exception that gets thrown when you try to insert the second row.
|
|
|
|
|
--------------------------------------------------------------------------------
I have an 'edit' button in each row created by my repeater. The problem I'm having is none of the controls I have in my ItemTemplate will save their state.
Everything I've read said that controls listed in the template will automatically remember their view state. I can't even seem to get them to remember their state from one function to the next. Does DataBind() somehow wipe their state? Also, on a postback, why does the repeater call Repeater1_ItemCreated() twice for each item?
I've made a really simple test app and it still doesn't work. What do I need to do to get this to work? In this app I'm simply trying to get each row to remember if they are in edit mode.
Thanks,
RepeaterEditModeTest.aspx
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="RepeaterEditModeTest.aspx.vb" Inherits="HR_RepeaterEditModeTest" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Repeater ID="Repeater1" runat="server">
<HeaderTemplate>
<table>
</HeaderTemplate>
<ItemTemplate>
<tr>
<td id="rowItemRow" runat="server"></td>
<td>
<asp:LinkButton ID="cmdEdit" CommandName="Edit" runat="server">Edit</asp:LinkButton>
<asp:LinkButton ID="cmdSave" CommandName="Save" runat="server">Save</asp:LinkButton>
<asp:LinkButton ID="cmdCancel" CommandName="Cancel" runat="server">Cancel</asp:LinkButton>
</td>
</tr>
</ItemTemplate>
<FooterTemplate>
</table>
</FooterTemplate>
</asp:Repeater>
</div>
</form>
</body>
</html>
RepeaterEditModeTest.aspx.vb
Option Explicit On
Option Strict On
Imports System.Collections.Generic
Partial Class HR_RepeaterEditModeTest
Inherits System.Web.UI.Page
Public Data As New SortedList(Of String, Boolean)
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
Data.Add("ABC", False)
Data.Add("DEF", False)
Data.Add("GHI", False)
Data.Add("JKL", False)
Repeater1.DataSource = Data
Repeater1.DataBind()
End Sub
Protected Sub Repeater1_ItemCreated(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.RepeaterItemEventArgs) Handles Repeater1.ItemCreated
If e.Item.ItemType = ListItemType.Item Or e.Item.ItemType = ListItemType.AlternatingItem Then
Dim cmdEdit As LinkButton = CType(e.Item.FindControl("cmdEdit"), LinkButton)
Dim cmdSave As LinkButton = CType(e.Item.FindControl("cmdSave"), LinkButton)
Dim cmdCancel As LinkButton = CType(e.Item.FindControl("cmdCancel"), LinkButton)
Dim kvp As KeyValuePair(Of String, Boolean) = CType(e.Item.DataItem, KeyValuePair(Of String, Boolean))
cmdEdit.CommandArgument = kvp.Key
cmdSave.CommandArgument = kvp.Key
cmdCancel.CommandArgument = kvp.Key
' this will only be true for one item and it'll be for the one clicked
Dim editMode As Boolean = kvp.Value
' this will get the other ones that are in edit mode
If cmdEdit.Attributes("EditMode") Is Nothing = False Then
If cmdEdit.Attributes("EditMode") = "Y" Then
editMode = True
End If
End If
' Adjust visibility of edit/save/cancel to reflect mode
If editMode Then
cmdEdit.Visible = False
cmdSave.Visible = True
cmdCancel.Visible = True
Else
cmdEdit.Visible = True
cmdSave.Visible = False
cmdCancel.Visible = False
End If
End If
End Sub
Protected Sub Repeater1_ItemCommand(ByVal source As Object, ByVal e As System.Web.UI.WebControls.RepeaterCommandEventArgs) Handles Repeater1.ItemCommand
Dim cmdEdit As LinkButton = CType(e.Item.FindControl("cmdEdit"), LinkButton)
If e.CommandName = "Edit" Then
Data(CStr(e.CommandArgument)) = True
cmdEdit.Attributes("EditMode") = "Y"
ElseIf e.CommandName = "Save" Then
Data(CStr(e.CommandArgument)) = False
cmdEdit.Attributes("EditMode") = "N"
ElseIf e.CommandName = "Cancel" Then
Data(CStr(e.CommandArgument)) = False
cmdEdit.Attributes("EditMode") = "N"
End If
Repeater1.DataSource = Data
Repeater1.DataBind()
End Sub
End Class
|
|
|
|
|
Hi all,
My site got hit with SQL injection attack, and I'm now looking for ways to ensure that this won't happen again.
Actually I thought I was pretty well covered against SQL injection attacks, but apparently I was wrong. One technique I've been using is when I pass ID's through querystring is to do something like this:
String strID = Request.QueryString["ID"];
if ( !String.IsNullOrEmpty( strID ) )
{
int nID = Convert.ToInt32( strID );
myDBWrapper.GetSomeData( nID );
}
public MyDataCollection GetSomeData( int nID )
{
String strSQL = String.Format( "SELECT * FROM MyData WHERE ID = {0}", nID );
}
Would you consider this code to be vulnerable? I'm aware of SQL parameters, and I use them in other circumstances, such as when inserting into tables. But I've always believed that it wasn't necessary in these situations, because the conversion to Int32 would fail if the Query String parameter did contain some malicious SQL statments.
Any comments?
Regards,
Daníel
Wenn ist das Nunstück git und Slotermeyer? Ja! Beierhund das oder die Flipperwaldt gersput!
|
|
|
|
|
This is my take on an injection attack
If you have a textbox which a user can enter data into and that textbox value is then used in a query which is written into your c# code (i.e. not a stored procedure) then you are at risk of attack unless you can filter their input.
To answer your question I'm not sure if the above code would be vunerable but my using the above methodology you might be able to work it out yourself
hope this helps
We are not a Code Charity
|
|
|
|
|
Yes, I'm using command parameters for all values which the user can enter.
Wenn ist das Nunstück git und Slotermeyer? Ja! Beierhund das oder die Flipperwaldt gersput!
|
|
|
|
|
...but bear in mind that input fields on web forms are not the only method a hacker has of passing data to your application - they can also use the QueryString and even cookie values, so if you utilise any of these you msu also validate them.
Basically, validate ANYTHING that gets passed to the database. Life is much easier if you don't allow HTML to be posted, but unfortunately a lot of clients want it nowadays... but, for example, no-one should ever be allowed to pass "<script" back...
|
|
|
|
|
Agreed. I'm aware of this.
What I wanted most was some advise on the initial code, i.e. if the approach described is vulnerable in some way. Any ideas?
Regards,
Daníel
Wenn ist das Nunstück git und Slotermeyer? Ja! Beierhund das oder die Flipperwaldt gersput!
|
|
|
|
|
Well I hope it is, as it's essentially what I do as well in such a case... basically, you have ensured that nothing but an integer can get passed to your query, so you should be safe...
|
|
|
|
|
I am showing one image initialy. Now I need to manipulate with image color and i am changing image color in same image and once again i m assigning the image source as same image name.Physically it is changing color and showing changed colored image on drive but on page it is not refreshing. I mean it is not showing that changed color image. If i assign some other image name to its source and put one alert msg and then i assign the same image name then it is showing that changed color image. i dont know why withou alert msg it is not showing that changed color image.
|
|
|
|
|
Ive found in the past that I have an image which I change in my file location but when I go to the webpage it didnt change. I deleted my cache and then it was updated. maybe try that.
Post back if that doesnt work
We are not a Code Charity
|
|
|
|
|
The image is cached in the browser, so reloading the image will only load it from the cache, not from the server.
You can add a querystring to the url that changes every time you reload the image. That way the url is different every time, and the browser has to get the image from the server.
Despite everything, the person most likely to be fooling you next is yourself.
|
|
|
|
|
SqlDataAdapter da = new SqlDataAdapter();
...
...
...
da.Update(tbl);
where tbl is DataTable object and it has records.
for above code I am passing some command
da.command=....
It has more than one insert query so if error occur in any one insert query then everything should be roll back from database.
how to maintain transaction in da.update(tbl) or any other option to roll back if error occur or da.update(tbl) itself not insert anything if error occur in anyone.
thanks
You get the best out of others when you give the best of yourself.
|
|
|
|
|
Hi, According to me this is possible through the Transaction Scope. Please a test with this.
using( TransactionScope tx = new TransactionScope()))
{
da.Update(tbl);
tx.Complete();
}
Parwej Ahamad
R & D: REST services with WCF
|
|
|
|
|
System.Data.DataSet dsEntityReturned;
System.Data.DataTable dtEntityReturned;
public System.Data.DataSet ToDataSet(ArrayList arrayList)
{
dsEntityReturned = new System.Data.DataSet();
int i=0;
foreach (object obj in arrayList)
{
dtEntityReturned = new System.Data.DataTable();
dsEntityReturned.Tables.Add(dtEntityReturned);
dsEntityReturned.Tables[i].Columns.Add("Region", System.Type.GetType("System.Object"));
dsEntityReturned.Tables[i].Columns.Add("dat", System.Type.GetType("System.Object"));
dsEntityReturned.Tables[i].Columns.Add("rs_date", System.Type.GetType("System.Object"));
System.Data.DataRow rows = dsEntityReturned.Tables[i].NewRow();
rows[0].ItemArray = new object[] { obj }; //error comes here
dsEntityReturned.Tables[i].Rows.Add(rows);
i++;
}
return dsEntityReturned;
}
Can anyone tell me how the problem can be solved?
Am tryin to convert an array list to dataset
each item in arraylist is a multidimensional array and the arraylist contains more than one item
Regards,
Arun.
|
|
|
|
|
please can anyone tell me ...what is the problem here?
Regards,
Arun.
|
|
|
|
|
Hello everybody
I need to read the inbox mail from my application how can i read
i have completed sending its easy but i have no idea of reading mail
Best Regards,
Chetan Patel
|
|
|
|
|
So you want to access your e-mail accounts and read the e-mails in them using asp.net??
Why?
We are not a Code Charity
|
|
|
|
|
I have code now ok don't think yourself smart
Best Regards,
Chetan Patel
|
|
|
|
|
I don't think Im smart, you just posted a silly question
We are not a Code Charity
|
|
|
|
|
Don't be rude. You'll get yourself ignored in the future.
|
|
|
|
|
hai friends
in a page i have two iframes namely iframe1 and iframe2
iframe1 has a default.aspx page as srouce and
iframe2 has a default2.aspx page as srouce
i transfered data from iframe1 to iframe2 thru java script
in default2.aspx page ihave a dropdown list box
i assigned some text to this drop down list thru javascript
the code is
parent.frames("iframe1").document.forms("form2").item("DropDownList1").value = sometext;
the is already a item in dropdownlist
now here i want to raise the "selectedindexchanged" event of dropdownlist
plz help me
thanks in advance
vijay
|
|
|
|
|
do you mean you want to know how to call an event i.e selectedindexchanged?
We are not a Code Charity
|
|
|
|