|
Hi All
i am assingning a dynamic value to image through hidden feild value and it is not working.
the tag is
<img src="<%hidden1.value%>" alt=""/>
this does not show any image and on checking the properties of image it says no URL defined
Thanks in advance!!!!!
|
|
|
|
|
<%=
you are missing "=" char
|
|
|
|
|
IT_Help wrote: the tag is
use
IT_Help wrote: this does not show any image and on checking the properties of image it says no URL defined
What is the hidden1.value returning, From Are you giving the path ??
|
|
|
|
|
Add this code in your aspx page.
<INPUT type="hidden" id="MyHiddenField" runat="server" value="http://tbn2.google.com/xy/ab.JPG">
<img runat="server" id="hiddenImg" alt="" />
and in code behind add this code
HtmlInputHidden hidden = (HtmlInputHidden)Page.FindControl
("MyHiddenField");
Img.Src = hidden.Value;
Hope this help.
|
|
|
|
|
how to check whether Nodes has ChildNodes or not, when i calling i nodes from database.....will it be checked on any NodeExpanded event and if yes give me some guidance
|
|
|
|
|
KhandelwalA wrote: how to check whether Nodes has ChildNodes or not, when i calling i nodes from database.....will it be checked on any NodeExpanded event
I didn't understand your problem. Can you please explain clearly ?
Thank you !
|
|
|
|
|
Hello Friends,
I've two dropdownlist(ddlCountry,ddlState). Onchange event of CountryDropdown(ddlCountry) StateNames are displayed into StateName dropdown using javascript. And it's working fine but prooblem is if i print the value of selected StateName on a button click at code-behind i got an error <b>Object reference set to an instance of an object</b>. So can anybody let me know what should i do know
|
|
|
|
|
your question is clear... Plzzzz send the code upto which level you have tried and the line where u r getting that error...
|
|
|
|
|
This is my javascript function
function myFunc()
{
if(document.getElementById("ddlCountry").value=="India")
{
//Remove Existing Values
var e=document.getElementById("ddlState");
while(e.firstChild)
{
e.removeChild(e.firstChild);
}
var myArray=new Array(2);
myArray[0]="Delhi";
myArray[1]="Mumbai";
for(var i=0;i<myArray.length;i++)
{
//Option(Text,Value)
e.options[i]=new Option(myArray[i]);
}
}
else if(document.getElementById("ddlCountry").value=="America")
{
//Remove Existing Values
var e=document.getElementById("ddlState");
while(e.firstChild)
{
e.removeChild(e.firstChild);
}
var myArray=new Array(2);
myArray[0]="Washington";
myArray[1]="LA";
for(var i=0;i<myArray.length;i++)
{
//Option(Text,Value)
e.options[i]=new Option(myArray[i]);
}
}
}
This is my .aspx code
<asp:DropDownList ID="ddlCountry" runat="server" onchange="myFunc(this)">
<asp:ListItem Text="Select Country" Value="Select Country"></asp:ListItem>
<asp:ListItem Text="India" Value="India"></asp:ListItem>
<asp:ListItem Text="America" Value="America"></asp:ListItem>
</asp:DropDownList>
<asp:DropDownList ID="ddlState" runat="server">
</asp:DropDownList>
This is my Code-Behind(on button click event) code
string name = ddlCountry.SelectedItem.Text+","+ddlState.SelectedItem.Text;
Label1.Text = name.ToString();
And ddlState.SelectedItem.Text getting null that's why that's throwing error
|
|
|
|
|
i too got the same error from your code... The problem is due to postback. The ddlCountry value is maintained but ddlState value is not maintained. So, the error appears. Try to maintain the value for the ddlState too...
|
|
|
|
|
Save the state of drop down list get value from request.form or query string do not fill all entry every time because if you did so every time new values is filled and state can not be maintained you can try one more option before submitting the form save the value into hidden variable by using java script and then get values from request object not from drop down because it lost their value when it fill again
|
|
|
|
|
hi
In my asp.net application i m updating a table.After that i m using those values
now i want to reverse those changes .i hav no idea how to do it
help me its urgent
|
|
|
|
|
you can use transaction (commit and rollback) option.
|
|
|
|
|
|
set ANSI_NULLS ON
set QUOTED_IDENTIFIER ON
go
ALTER proc [dbo].[Usp_D_et_Login1234]
@name nvarchar(max),
@pwd nvarchar(100),
@type nvarchar(5)
as
begin
if @type='1'
begin
select DId,LoginName from dd_login where LoginName=@name and Password=@pwd
end
if @type='0'
begin
select RId,LoginName from dr_login where LoginName=@name and Password=@pwd
end
end
Is this stored procedure can be injected?
If yes tell me how ?
and also how to recover from it?
|
|
|
|
|
what u want exactly?,
u need how to excute and get the values in code part?
Thanks & Regards,
Member 3879881,
please don't forget to vote on the post
|
|
|
|
|
no, i want to know whether anyone can enter into my database by using sql injections?
|
|
|
|
|
u can check it out in code part...,
like this:
private string [] BlackList;
public string chkHome;
public int chkAdminFold;
private void Page_Load(object sender, System.EventArgs e)
{
try
{
BlackList = new string[]{"--", "/*", "*/", "@@", "function", "truncate", "procedure",
"alter", "begin", "create", "cursor",
"declare", "delete", "drop", "end", "exec",
"execute", "fetch", "insert", "kill",
"sysobjects", "</title>","<script","</script>","function", "syscolumns","table", "update"};
string ErrorPage = "/InputErrorPage.htm";
chkHome = Request.ServerVariables["URL"];
chkAdminFold = chkHome.ToLower().IndexOf("admin");
if(chkAdminFold!=1)
{
// Form
//for(int i=0; i<Request.Form.Count;i++)
//if(CheckStringForSQL(Request.Form[i].ToString()))
//Response.Write(chkHome);
//Response.Redirect(ErrorPage);
// Query String
for(int i=0; i<Request.QueryString.Count;i++)
if(CheckStringForSQL(Request.QueryString[i].ToString()))
Response.Redirect(ErrorPage);
// Session
for(int i=0; i<Session.Count;i++)
if(CheckStringForSQL(Session[i].ToString()))
Response.Redirect(ErrorPage);
}
}
catch(Exception ex)
{
Response.Write(ex.Message);
}
}
private bool CheckStringForSQL(string pStr)
{
if(pStr == string.Empty)
return false;
else if(pStr == "")
return false;
else if(pStr == null)
return false;
if (pStr.CompareTo("")==0)
return false;
string lstr = pStr.ToLower();
for(int ii=0;ii<BlackList.Length;ii++)
{
if(lstr.IndexOf(BlackList[ii])>=0)
return true;
}
return false;
}
Thanks & Regards,
Member 3879881,
please don't forget to vote on the post
|
|
|
|
|
paypony wrote: Is this stored procedure can be injected?
first of all this is asp.net forum...
paypony wrote: also how to recover from it?
what do u want to recover from it LoginName and Password!!!!
use output paramater and return it....
|
|
|
|
|
Why are you waisting your time, if you dont know about sql injections. what is asp.net without database. And i m executing procedure from asp.net frontend ok
|
|
|
|
|
paypony wrote: what is asp.net without database
we can develop lot of application using asp.net(without using back end)... The idea of telling that you are posting it wrongly is not to irritate you... if you post it in SQL forum you could have get more answers....
modified on Saturday, June 27, 2009 7:51 AM
|
|
|
|
|
ok
I have already posted there also.
but developer can better uggest me
|
|
|
|
|
paypony wrote: Why are you waisting your time,
Nobody is here to waste there time. CP Member are here to help all, based on their interest.
paypony wrote: what is asp.net without database. And i m executing procedure from asp.net frontend ok
This is very common scenarios, that you are executing SP's from Asp.net. Even, you can execute the SP from other Languages also.
Your question is totally related with Database, and CP has a very strong DB Forum so, you should ask the question over there and will get the better answer.
paypony wrote: if you dont know about sql injections.
Some one telling you the forum rule and not giving the answer, doesn't mean that he don't know the answer.
BTW : Here is one of my best article regarding SQL injection. Hope it help you in future.
SQL Injection Attacks and Some Tips on How to Prevent Them
By Colin Angus Mackay
Thank You !
|
|
|
|
|
thanks for your support...
|
|
|
|
|
ok sorry for using this website
|
|
|
|