|
You need to match the query in SSMS to the query you're using in your code. You're missing a join to at least one other table, and the cl.phone_number IS NOT NULL condition, both of which could filter out the one record you're seeing in SSMS.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Run Sql profiler and look at the t-sql that is being sent to the sql server. You should then be able to find the issue quickly.
Social Media - A platform that makes it easier for the crazies to find each other.
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
|
|
|
|
|
hi,
I need to open a word file which saved in server in client side(without open/save dialog and not download in client system) and let users to edit it. then save back this file in server again.
I try
Word.ApplicationClass for this, but it open word file in server side.
do you know any component or code in asp.net for doing this??
please answer and help me asap.
best regards.
|
|
|
|
|
You cannot open applications on the client side, especially if the client does not have it installed.
|
|
|
|
|
if office was installed in client system, Can I do this??
|
|
|
|
|
No, you cannot take control of a user's system from a browser; it is a security issue.
|
|
|
|
|
I'm using .Net core and when I first read of user secrets I thought it was brilliant. That is until I met the powershell command:
dotnet user-secrets list
I'm looking at storing them on the database again, and encrypting them using something like bcrypt to encrypt them. The weakness of this argument is that the key is in the code...
Thoughts anyone on secrecy?
Ger
|
|
|
|
|
Who are you trying to keep the secrets secret from?
dotnet user-secrets list will only list the secrets stored for the current user. And it's intended to keep them out of your source control, not to prevent you from seeing them.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I'm trying to keep them secret from the next person to use the machine. I missed the detail about that list command only applying to the current user. I am much relived.
Ger
|
|
|
|
|
First thing to mention here is, why are you even trying to store the secrets—I am assuming, connection strings, API keys, etc. etc.—in your own machine, unless your web server runs in the same machine. In testing or development environment, you should consider using testing or development credentials, that when exposed can be cleared, rotated and wiped without any panic.
I am not sure why you didn't read the documentation for this tool, Microsoft had already made it pretty much clear that this tool is not for "securely storing your credentials", rather "storing your secure credentials". There is a huge difference,
The Secret Manager tool doesn't encrypt the stored secrets and shouldn't be treated as a trusted store. It's for development purposes only. The keys and values are stored in a JSON configuration file in the user profile directory. So, that was pretty much clear from the documentation that this tool doesn't do anything on its own side and as Richard said, it merely takes the secure information out of your code, to prevent it from being version controlled.
If you are using an external hosting service, use their secure vaults (or something similar in technical terms). For example, it is a bad idea of store the security details or credentials in environment variables, or even in the databases that you hold or own. Because as you said,
Quote: I'm looking at storing them on the database again, and encrypting them using something like bcrypt to encrypt them.
They are merely encrypted, anyone who has access to your machine—since this data is in your machine—has access to that database, which is clearly visible as these values are needed by your apps to function. Thus, anyone can access the keys.
The good practice to use nowadays is to use secure vaults, you can check with your hosting providers to check if they do provide any. For example, on Microsoft Azure you should use Azure KeyVault, Key Vault | Microsoft Azure, which secures your credentials and resists tampering against it.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
Afzaal Ahmad Zeeshan wrote: I am not sure why you didn't read the documentation for this tool, Microsoft had already made it pretty much clear that this tool is not for "securely storing your credentials", rather "storing your secure credentials". There is a huge difference,
Chances are I missed it when reading it, although I'm not sure whoose documentation I read on the subject so it might not even have been mentioned. Either way it was lost on me.
Afzaal Ahmad Zeeshan wrote: They are merely encrypted, anyone who has access to your machine—since this data is in your machine—has access to that database,
This is why I move away from database storage in the first place.
Afzaal Ahmad Zeeshan wrote: For example, on Microsoft Azure you should use Azure KeyVault
And this is the real value in your response. 
Ger
|
|
|
|
|
Hi,
I built an ASP.NET web API but unfortunately, it is legacy. So I want to refactor it by using a generic repository, DI, etc. Are there any useful tutorials that I can use?
Best Regards.
|
|
|
|
|
Cenk KIZILDAĞ wrote: Are there any useful tutorials that I can use?
There are, even on this site.
Cenk KIZILDAĞ wrote: So I want to refactor it by using a generic repository, DI, etc.
Start with identifying where DI would be appropriate, and asking yourself what you gain from it. Don't add something just to say you added it.
Bastard Programmer from Hell 
If you can't read my code, try converting it here[^]
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
Eddy Vluggen wrote: There are, even on this site
Can you please share one or two? I read couple of them but still have questions in my mind.
|
|
|
|
|
|
|
Quote: it is legacy.
One tip that I would like to give is, that you should consider using ASP.NET Core instead of ASP.NET, as ASP.NET Core introduces cross-platform deployment support, is lightweight and can be extended to support any runtime.
Quote: So I want to refactor it by using a generic repository, DI, etc.
Everything that you mention here is a part of ASP.NET Core, and you can easily integrate these in your own applications without having to change or break the design pattern of ASP.NET Core development, and design.
Quote: Are there any useful tutorials that I can use?
Sure, start here, Create web APIs with ASP.NET Core | Microsoft Docs.
What you can explore there includes the DI, repositories for your data stores, and other best practices like asynchronous controllers and middlewares for ASP.NET Web API.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
I have a razor pages application built in 2 projects, database access and the ASP.net application with data services, controllers and pages.
I now want to access the ASP.net data services part of the application from a mobile project. Does the ASP.net application need to be split into a web API and a client project or can I use the ASP.net project as a web API data service?
Never underestimate the power of human stupidity -
RAH
I'm old. I know stuff - JSOP
|
|
|
|
|
|
Some light reading - just what I wanted, thank you.
Never underestimate the power of human stupidity -
RAH
I'm old. I know stuff - JSOP
|
|
|
|
|
What is the difference between Finalize() and Dispose() methods?
|
|
|
|
|
|
This is difference between Finalize() VS Dispose():-
- Methods dispose() and finalize() are the methods of C# which are invoked to free the unmanaged
resources held by an object.
- The dispose() method is defined inside the interface IDisposable whereas,
- the method finalize() is defined inside the class object.
- The main difference between dispose() and finalize() is that the method dispose() has to be
explicitly invoked by the user whereas, the method finalize() is invoked by the garbage collector,
just before the object is destroyed
|
|
|
|
|
Hi ,
I can do listing users account ,just want to change their passwords,
So ,I want to update users table according to ıd value like below
<table id="myTable" class="table table-striped table-bordered table-condensed">
<thead>
<tr>
<th style="width: 2px">Id</th>
<th>Name And Surname</th>
<th>Passwords</th>
<th></th>
</tr>
</thead>
<tbody>
@foreach (var veri in Model)
{
<tr>
<td>@veri.Id</td>
<td>@veri.UserName</td>
<td>@Html.TextBoxFor(t => new AccountInfo().Pwd, new { @Value = @veri.Pwd, @class = "form-control", style = "width:100px"})
<td>
@Html.ActionLink(linkText: "UPDATE", actionName: "UpdateManageUser", controllerName: "AdminPanel", routeValues: new {id = @veri.Id, NewPwd = @veri.NewPwd },
htmlAttributes: new {onclick= "userUpdateJson()", id = "btnUpdate",@class = "btn btn-primary pull-left"})
</td>
</tr>
}
</tbody>
</table>
public ActionResult UpdateManageUser(int id,string pwd)
{
var con = Core.GetLocalConnection();
con.Open();
var cmd = new SqlCommand("SELECT COUNT(*) FROM S_ACCOUNTINFO WHERE ID=@P1", con);
cmd.Parameters.AddWithValue("@P1", id);
var result= Convert.ToInt32(cmd.ExecuteScalar());
if result= == 1)
{
cmd = new SqlCommand("UPDATE S_ACCOUNTINFO SET PWD=@P2 WHERE ID=@P1", con);
cmd.Parameters.AddWithValue("@P1", id);
cmd.Parameters.AddWithValue("@P2", pwd);
cmd.ExecuteNonQuery();
}
con.Close();
return RedirectToAction("ManageUser");
}
|
|
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
