Friday, September 25, 2009

Change Hidden Field Value

Let say, you have a Textbox with some value. When you choose some items from a dropdown list, this textbox will be hidden but the value will be there. When you submit the form, this textbox's value will be submitted.

To avoid this, we can use javascript so that when the textbox hidden, we can make it empty or assign something specific value whatever you want.




function assignSomeValue()
{
// to hide the textbox
document.getElementById('<%= rajTextBox.ClientID%>').style.visibility = "hidden";
// to assign somevalue after hidden
documnet.getElementById('<%= rajTextBox.ClientID%>').value="assign something";


}





Happy Programming !!!










Posted by



at





No comments:
  

















Labels:
,

















          

        

          

        

Saturday, September 5, 2009


          

        









Calling Stored Procedure from C# & Display the records










Let's create a sample stored procedure first,

Create procedure GetSchoolName (@ID int)

as

select SchoolName, Date from School where ID like @ID;

return;

The code includes @ID parameter which is an input parameter that obtains the search string to perform a "like" search in school table.

In our c# code, we are going to pass variable ID (at run time) to this procedure and getting back the records that matches with that ID

Hence, the c# code:

try
{
        SqlDataReader rdr = null;

        //Create a connection to the SQL Server
        SqlConnection conn = new SqlConnection(DataAccess.GetConnectionString());

       
       //Create a command object & then set to the connection
        SqlCommand cmd = new SqlCommand("dbo. GetSchoolName", conn);

        //Set the command type as storedProcedure
        cmd.CommandType = CommandType.StoredProcedure;

         //get the variable ID from textbox control
          int id = Convert.ToInt32(id.Text);

          
         //Create & add a parameter to parameters collection for stored procedure
        cmd.Parameters.Add("@ID", SqlDbType.Int).Value = id;

        //Open the connection
        conn.Open();

        //execute command & read the data using SqlDataReader
        rdr = cmd.ExecuteReader();


       //display records into listbox

          while (rdr.Read())
        {
            listBox1.Items.Add(rdr.GetValue(0).ToString());
         }
Or

       //Records display in a table             

        TableRow tr;
        TableCell tc;
        while (rdr.Read())
        {  
                tr = new TableRow();
                tc = new TableCell();
                tc.Text = rdr["SchoolName"].ToString() + " " + rdr["Date"].ToString();
                tr.Cells.Add(tc);
                table1.Rows.Add(tr);

        }
  
  

        conn.Close(); //close connection
        rdr.Close();     // close SqlDataReader
  
   }

Happy Coding !!!










Posted by



at





1 comment:
  

















Labels:
,

















          

        

          

        

Tuesday, August 25, 2009


          

        









Sqlparameter is already contained by another Sqlparameter Collection











"Sqlparameter is already contained by another Sqlparameter Collection" --This
is the problem I faced last week while I created two SqlCommand. First one, to 
find the variable Id 'a' and second one pass that 'a' to the stored procedure.

The solution, I added the SqlCommand.Parameters.Clear() to the code and the problem gone.
As you can in the code, I created SqlCommand Command and should be destroyed at the end because 
C# is the managed language that handles garbage collections.

Code example:

 SqlConnection conn = 
                         new SqlConnection(DataAccess.GetConnectionString());
 string strSQLCommand = 
                         "select Id from Schools WHERE SchoolName= '" + name + "'";
 SqlCommand command =
                          new SqlCommand(strSQLCommand, conn);
 int a = Convert.ToInt32(command.ExecuteScalar());
        
  //write this line of code before using another command execute function
 command.Parameters.Clear(); 
...................................................
...................................................
 SqlDataReader rdr = null;

 SqlCommand cmd = new SqlCommand("dbo.GetSchoolName", conn);
 cmd.CommandType = CommandType.StoredProcedure;
 cmd.Parameters.Add("@ID", SqlDbType.Int).Value = a;
  rdr = cmd.ExecuteReader();
...................................................
...................................................
Happy Coding !!!










Posted by



at





No comments:
  

















Labels:
,

















          

        

          

        

Wednesday, August 5, 2009


          

        










A potentially dangerous Request.Form value was detected from the client











I had a run time error on my web application last week . It was a request form application whichhas user input testboxes. When I looked into event viewer on the server, the actual problem was:

A Potentially dangerous Request.Form value was detected from the client.

Basically it  means that you can't post values containing HTML ( or script ) tags to the  server. 

In other words - if you have a textbox and the visitor enters  something like :
and then presses Submit button this error will  occur since the posted value(s) contains HTML tags.
There are different solutions to solve thhis problem, you can read more at ASP.Net site. Many People suggests changing web.config file which is a bad solutions since it'll affect all pages on your Site.
The simple solution is add a tag validateRequest="false" into the Page-directive on top of the page. When request validation is disabled, content can be submitted to a page but developer should ensure that content is properly encoded or processed.

Happy Programming!!










Posted by



at





No comments:
  

















Labels:

















        

      









Subscribe to:
Posts (Atom)