//.aspx page grid view Design, Blog not accepted HTmL TEXT so I remove starting HTML braces so please Add this tag when u use.....
asp:GridView ID="GridView1" runat="server" AutoGenerateColumns="False" OnRowCancelingEdit="GridView1_RowCancelingEdit"
OnRowDataBound="GridView1_RowDataBound" OnRowEditing="GridView1_RowEditing" OnRowUpdating="GridView1_RowUpdating"
OnRowCommand="GridView1_RowCommand" ShowFooter="True" OnRowDeleting="GridView1_RowDeleting">
Columns>
asp:TemplateField HeaderText="Id" Visible="false">
ItemTemplate>
asp:Label ID="lblid" runat="server" Text='<%#Bind("Id") %>'>/asp:Label>/ItemTemplate>
/asp:TemplateField>
asp:TemplateField HeaderText="Name" SortExpression="Name">
EditItemTemplate>
asp:TextBox ID="txtName" runat="server" Text='<%# Eval("Name") %>'>/asp:TextBox>
/EditItemTemplate>
ItemTemplate>
asp:Label ID="Label2" runat="server" Text='<%# Bind("Name") %>'>/asp:Label>
/ItemTemplate>
/asp:TemplateField>
asp:TemplateField HeaderText="City">
EditItemTemplate>
asp:DropDownList ID="cmbCity" runat="server">
asp:ListItem Text="--Select--" Value="--Select--">/asp:ListItem>
/asp:DropDownList>
/EditItemTemplate>
ItemTemplate>
asp:Label ID="Label3" runat="server" Text='<%# Eval("City") %>'>/asp:Label>
/ItemTemplate>
/asp:TemplateField>
asp:TemplateField HeaderText="Edit" ShowHeader="False">
EditItemTemplate>
asp:LinkButton ID="LinkButton1" runat="server" CausesValidation="True" CommandName="Update"
Text="Update">/asp:LinkButton>
asp:LinkButton ID="LinkButton2" runat="server" CausesValidation="False" CommandName="Cancel"
Text="Cancel">
/EditItemTemplate>
ItemTemplate>
asp:LinkButton ID="LinkButton1" runat="server" CausesValidation="False" CommandName="Edit"
Text="Edit">
/ItemTemplate>
/asp:TemplateField>
asp:TemplateField HeaderText="Delete" ShowHeader="false">
ItemTemplate>
asp:LinkButton ID="LinkButton3" runat="server" CausesValidation="False" CommandName="Delete"
Text="Delete">/asp:LinkButton>
/ItemTemplate>
/asp:TemplateField>
/Columns>
/asp:GridView>
//////.cs file
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["masterConnectionString"].ConnectionString);
SqlCommand cmd = null;
SqlDataAdapter adp = null;
DataSet ds = null;
public void dropdow(DropDownList drp)
{
adp = new SqlDataAdapter("Select cityid,city from city", con);
ds = new DataSet();
adp.Fill(ds);
if (ds.Tables[0].Rows.Count > 0)
{
for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
{
drp.Items.Add(ds.Tables[0].Rows[i]["City"].ToString());
drp.Items[i + 1].Value = ds.Tables[0].Rows[i]["cityId"].ToString();
}
}
}
public void Bind()
{
try
{
adp = new SqlDataAdapter("Select a.id,a.name,b.city from person a left outer join city b on a.cityid=b.cityid ", con);
ds = new DataSet();
adp.Fill(ds);
GridView1.DataSource = ds.Tables[0];
GridView1.DataBind();
}
catch { }
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
Bind();
}
}
protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
{
if (e.Row.RowType == DataControlRowType.DataRow)
{
DropDownList cmbType = (DropDownList)e.Row.FindControl("cmbCity");
if (cmbType != null )
{
dropdow(cmbType);
//cmbType.DataSource = customer.FetchCustomerType();
//cmbType.DataBind();
//cmbType.SelectedValue = GridView1.DataKeys[e.Row.RowIndex].Values[1].ToString();
}
}
}
protected void GridView1_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
Label id = (Label)GridView1.Rows[e.RowIndex].FindControl("lblId");
TextBox txtname1 = (TextBox)GridView1.Rows[e.RowIndex].FindControl("txtName");
DropDownList cmbType1 = (DropDownList)GridView1.Rows[e.RowIndex].FindControl("cmbCity");
string Name = txtname1.Text;
string city = cmbType1.SelectedValue.ToString();
string id1 = id.Text;
con.Open();
//cmd = new SqlCommand("insert into name values()", con);
//cmd.ExecuteNonQuery();
//con.Close();
}
protected void GridView1_RowEditing(object sender, GridViewEditEventArgs e)
{
GridView1.EditIndex = e.NewEditIndex;
Bind();
}
protected void GridView1_RowDeleting(object sender, GridViewDeleteEventArgs e)
{
}
protected void GridView1_RowCancelingEdit(object sender, GridViewCancelEditEventArgs e)
{
GridView1.EditIndex = -1;
Bind();
}
protected void GridView1_RowCommand(object sender, GridViewCommandEventArgs e)
{
}
Tuesday, October 19, 2010
Why sql Injection problem occur
SQL injection occurs when user input is not filtered for escape characters and is then passed into an SQL statement
////Through this you can remove sqlinjection problem
Example
String name = txtUserId.Text.Trim().Replace("'", "''");
String Password = txtPassword.Text.Trim().Replace("'", "''");
////Through this you can remove sqlinjection problem
Example
String name = txtUserId.Text.Trim().Replace("'", "''");
String Password = txtPassword.Text.Trim().Replace("'", "''");
Backup and Restore DataBase
//Backup Databse
backup database subhash to disk='f:\subhash1234.bak'
//Restore DataBase
Retrive the Logical file name of the database from backup.
RESTORE FILELISTONLY
FROM DISK = 'f:\subhash1234.bak' after this query run You find out .MDF AND .Ldf file.
MDF = Primary Data File.
LDF = Log File.
RESTORE DATABASE YourDB
FROM DISK = 'f:\subhash1234.bak'
WITH MOVE 'YourMDFLogicalName' TO 'F:\DataYourMDFFile.mdf',
MOVE 'YourLDFLogicalName' TO 'F:\DataYourLDFFile.ldf'
Example-----
RESTORE DATABASE Deepak1
FROM DISK = 'f:\subhash1234.bak'
WITH MOVE 'subhash' TO 'F:\subhash.mdf',
MOVE 'subhash_log' TO 'F:\subhash_log.LDF'
backup database subhash to disk='f:\subhash1234.bak'
//Restore DataBase
Retrive the Logical file name of the database from backup.
RESTORE FILELISTONLY
FROM DISK = 'f:\subhash1234.bak' after this query run You find out .MDF AND .Ldf file.
MDF = Primary Data File.
LDF = Log File.
RESTORE DATABASE YourDB
FROM DISK = 'f:\subhash1234.bak'
WITH MOVE 'YourMDFLogicalName' TO 'F:\DataYourMDFFile.mdf',
MOVE 'YourLDFLogicalName' TO 'F:\DataYourLDFFile.ldf'
Example-----
RESTORE DATABASE Deepak1
FROM DISK = 'f:\subhash1234.bak'
WITH MOVE 'subhash' TO 'F:\subhash.mdf',
MOVE 'subhash_log' TO 'F:\subhash_log.LDF'
Subscribe to:
Posts (Atom)