|
Hi,
Would this be a good way to prevent some SQL Injections?
I am trying to find the best easiest way to use of command parameters whenever i receive user input to query a database.
I have alot of queries so im trying to find a easy reusable procedures to make use of sqlcommand parameters.
<br />
SqlConnection conn = new SqlConnection(_WebConfig.ConnectionString.ToString());<br />
try<br />
{<br />
<br />
DataTable dtVal = new DataTable();<br />
SqlDataAdapter da = new SqlDataAdapter("SELECT ID, Full_Name, Surname " +<br />
"FROM Users " +<br />
"WHERE Full_Name = @LoginUname " +<br />
"AND Password = @LoginPword", conn);<br />
da.SelectCommand.Parameters.Add("@LoginUname", SqlDbType.VarChar, 30);<br />
da.SelectCommand.Parameters["@LoginUname"].Value = LoginUname;<br />
<br />
da.SelectCommand.Parameters.Add("@LoginPword", SqlDbType.VarChar, 15);<br />
da.SelectCommand.Parameters["@LoginPword"].Value = LoginPword;<br />
<br />
if (conn.State == ConnectionState.Closed | conn.State == ConnectionState.Closed)<br />
{<br />
conn.Open();<br />
}<br />
da.Fill(dtVal);<br />
<br />
if (dtVal.Rows.Count == 1)<br />
{<br />
return true;<br />
}<br />
else<br />
{<br />
return false;<br />
}<br />
}<br />
catch (Exception ex)<br />
{<br />
throw ex;<br />
}<br />
finally<br />
{<br />
conn.Close();<br />
conn.Dispose();<br />
} <br />
Any advice or other methods would be greatly appreciated
Thanks
|
|
|
|
|
|
Take a look at this[^]article it will help you.
Regards,
Satips.
|
|
|
|
|
Hi,
that link i snot giving any perticular information regrading validation.
pls help
|
|
|
|
|
I need help on encrypting password authentication using MD5, although i found the answer to doing it but it is done on Visual studio 2003, as iam doing it on Visual studio 2005 it is different coding style and when i dowloaded the vs 2003 coding file, it is unable to convert it to visual studio 2005 coding file, so i need your help on this problem or u can redirct me to any site that is doing this? i need the codes for password encrpytion using MD5. I am using Visual studio 2005 and sql server 2005. Thank you in advance.
|
|
|
|
|
The Article by Faina here may help you.
Regards,
Satips.
|
|
|
|
|
Hello,
Can you please tell me how can I MessageBox.Show the tag property of a listView item when a sub item is clicked?
Thanks.
|
|
|
|
|
ListView.HitTest returns an object that contains a reference to the ListViewItem AND the ListViewSubItem that was clicked.
If it was the first column, those will be the same; for subsequent columns, it will contain the correct item. You'll have to do some checking on those objects as it sets them to null sometimes and I forget now what the exact conditions are.
|
|
|
|
|
Hello everyone,
I am trying to create my own ContextMenu for a button in my Windows Application. The following is the code that I am using to have the ContextMenu. I was wondering how I can assign click event to the options in the ContextMenu?
MenuItem[] menuItems = new MenuItem[]<br />
{<br />
new MenuItem("Button Info. 1"),<br />
new MenuItem("Button Info. 2"),<br />
new MenuItem("Button Info. 3"),<br />
new MenuItem("Exit")<br />
};<br />
ContextMenu buttonMenu = new ContextMenu(menuItems);<br />
buttonMenu.Show(btnTest, new System.Drawing.Point(70, 30));
Thank you very much and have a great day.
Khoramdin
|
|
|
|
|
Hi,
ContextMenu behaves like other menus; you can add MenuItems to it as you wish.
So I suggest you create one MenuItem, set all its properties, add it to the
ContextMenu; then continue with the next one.
|
|
|
|
|
Hi All,
Here I created a C# application, but now i want to deploye that application but the problem is that, how to create satup for that application, i don't know. if any one know plz helh me
thanx & regards
smk
|
|
|
|
|
|
hey...
currently working on a graphics application using C# and openGL....intially the whole from was used for drawing...but now I want to refine my application by adding controls and drawing in a picture box but having problems properly defining a drawing area in a picture-box....kindly help me in this regard
thanks
|
|
|
|
|
You should not use a picture box, just draw your image in a paint event handler.
Christian Graus - Microsoft MVP - C++
Metal Musings - Rex and my new metal blog
"I am working on a project that will convert a FORTRAN code to corresponding C++ code.I am not aware of FORTRAN syntax" ( spotted in the C++/CLI forum )
|
|
|
|
|
How to read and write the word document file using string reader,writer c# with asp.net 2.0
Ravich.K
|
|
|
|
|
Article by victorbos this[^] may help you.
Regards,
Satips.
|
|
|
|
|
I want to dispose my previous form on the after select event of tree view control but when i try to do so i get the following exception message
System.ObjectDisposedException: Cannot access a disposed object named "TreeView".
Object name: "TreeView".
This problem has definate solution but It is bit complicated and I m not able to understand it plz any one can help me out in simple words or even some one only tell me that how can i close one form another form ....I tried it to close it even by making its object on that form n then call its close function ...But it too doesnt work ...i m building Windows application In C# 2003.Thanx for Ur help
|
|
|
|
|
Implement IDisposable Interface in all the pages and use the dispose method !!!
Regards,
Jaiprakash M Bankolli
jaiprakash.bankolli@gmail.com
http://jaiprakash.blog.com/
|
|
|
|
|
Can u plz provide me some examplary piece of code
Thanx
|
|
|
|
|
hi i have a webservice in vs2005, and i am trying to access that from my vs2003 application.
To service methods are defined onr is "helloworld",default method.Its working properly
But in my next method i am trying to return a datatable.
But it showing some error on running
the exception is aditional information: Method Service.GetAction can not be reflected.
GetAction is my method.
this is the reference class
/// <remarks>
[System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://tempuri.org/GetAction", RequestNamespace="http://tempuri.org/", ResponseNamespace="http://tempuri.org/", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
public DataTable GetAction() {
object[] results = this.Invoke("GetAction", new object[0]);
return ((DataTable)(results[0]));
}
/// <remarks>
public System.IAsyncResult BeginGetAction(System.AsyncCallback callback, object asyncState) {
return this.BeginInvoke("GetAction", new object[0], callback, asyncState);
}
/// <remarks>
public DataTable EndGetAction(System.IAsyncResult asyncResult) {
object[] results = this.EndInvoke(asyncResult);
return ((DataTable)(results[0]));
}
I changed the datatype to datatable.
My small attempt...
|
|
|
|
|
First and foremost you can't return datatable from web method rather return dataset containing databale !!!!
Regards,
Jaiprakash M Bankolli
jaiprakash.bankolli@gmail.com
http://jaiprakash.blog.com/
|
|
|
|
|
Ya i tried to return one dataset from service it was a success.
But in the webmethod i am trying to get a dataset by executing the query, by creating the instance of another class.But it gives an exception.......
[WebMethod]
public DataSet GetAction()
{
DataSet dt = new DataSet();
DataLayer.WebSrevice webser = new WebSrevice();
dt = webser.GetActiontable();
return dt;
}
it will work if i remove
DataLayer.WebSrevice webser = new WebSrevice();
dt = webser.GetActiontable();
this lines, ie i cant access the other project from the service class
My small attempt...
|
|
|
|
|
Am not to sure of the problem statement ... Could you explain every thing ?
Regards,
Jaiprakash M Bankolli
jaiprakash.bankolli@gmail.com
http://jaiprakash.blog.com/
|
|
|
|
|
Hi
I have few doubts, as I am going to release my app:
1. My application developed in C# VS2005 needs .Net Framework to be installed in PC.So, if the user runs the app, is there any way to detect for framework , prompt and start downloading .Net Framework from Microsoft?
As it is very frustrating for user to go to website , search and download.
2.I need to change the host file in PC , ex:192.168.51.150 something.com.
Can it be done programmatically??
Immediate reply is appreciated.Thanks in advance
Aruna
|
|
|
|
|
1 - If a PC does not have .NET, I believe it will just crash, you need to provide an installer that also installs it.
2 - If you have permission, you can write to any file on the PC. Which means, if it's Vista, you won't have permission
Christian Graus - Microsoft MVP - C++
Metal Musings - Rex and my new metal blog
"I am working on a project that will convert a FORTRAN code to corresponding C++ code.I am not aware of FORTRAN syntax" ( spotted in the C++/CLI forum )
|
|
|
|