I am trying to use a variable from the code-behind page in a sqlDataSource WHERE statement. I am using Membership.GetUser().ProviderUserKey to obtain the UserId of the logged in user and I would like to only show record that have this UserId as a foreign key. How can I write the SQL for this?
Here is what I have so far:
SQL Query:
SelectCommand="SELECT [UserID], [CarID], [Make], [Model], [Year] FROM [Vehicle]"
I've managed to use my MS Access database with repeaters and gridviews in my website. Basically, printing the result of a query directly to the website seems easy enough using something like this :
[Code]....
After quite a bit of googling this seems to be a common way to do this. My question then seems kinda silly.
I want to use some of the data from the query in for example a variable without sending the data to a repeater or gridview and so on. Say I just want the username and a password from a database and want to store the username in one variable and the password in another for further use in the code. What do I do?
I would like to run a SQL query on the codebehind VB page that will also set a value from that query to a Session variable. Also, this needs to be done on the Page_Load. Example: [Code]....
declare @stateQuery as nvarchar(200) if @stateid is null set @stateQuery='' if @stateid is not null set @stateQuery='and tbl_city.stateid ='+cast(@stateid as nvarchar(10)) set @length=(select top 1 len(dbo.Tbl_city.cityName) FROM dbo.tbl_city INNER JOIN tbl_cityinfonew ON dbo.tbl_city.cityId = tbl_cityinfonew.cityId where (tbl_cityinfonew.language =@language )+cast( @stateQuery as nvarchar(100)) order by tbl_cityinfonew.createdate desc)
I am using a data list to display some value retrieved from a SQL query. My problem is that I would like to insert a variable for the field of ISDS_454.dbo.booksusers.userID. The variable has already been declared and stored upon page load. I just need some way to get it within the SQL query for the datalist.
<script runat="server"> Sub Page_Load() Dim ID As String = "D07AD7E0-8E34-4C18-9B4D-10576B0CC6BF" End Sub </script> <asp:DataList ID="DataList1" runat="server" DataSourceID="SqlDataSource1"> <ItemTemplate> fic: <asp:Label ID="ficLabel" runat="server" Text='<%# Eval("fic") %>' /> <br /> <br /> </ItemTemplate> </asp:DataList> <asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:ISDS_454ConnectionString %>" SelectCommand="Select COUNT(*) as fic From ISDS_454.dbo.Books, ISDS_454.dbo.booksusers, ISDS_454.dbo.Genre where ISDS_454.dbo.Books.ISBN = ISDS_454.dbo.booksusers.ISBN And ISDS_454.dbo.Genre.Genre_ID = '1' And ISDS_454.dbo.booksusers.userID = 'D07AD7E0-8E34-4C18-9B4D-10576B0CC6BF'"> </asp:SqlDataSource>
sales.aspx.vb Custom function which stores the current DATE into todayDate. I use this function to convert system date into SQL friendly date. sales.aspx I used Data Grid and SQL Data source. SelectCommand="select * from sales where aab = 110026" I want my select statement should take the date from todayDate. i.e.: SelectCommand="select * from sales where aab = todayDate" How to write this statement in correct syntax.
I am having trouble getting a SQL query to post its results to a Session variable. I am close, but no success thus far. Here is what I have: [Code]....
However, I keep getting this error when I click to a new page that is using this "PracticeID" Session variable: No mapping exists from object type System.Data.SqlClient.SqlCommand to a known managed provider native type.
how to display the gridview control with an interface that is ready for inputting data into columns. Bsically I want the grid to display initially in update mode without the user having to click the update link or button.
Example scenario: User login has a list of associated 'accounts' it has access to... this list of accounts is stored in a database table, say tblAccountAccessControl, something like:
This info is used throughout the web application and determines the 'domain' of information the particular login has access to. For example there are many other tables that have the 'accountID' field and whenever a page pulls data from the table it only pulls data that the currently logged in user should be allowed to see, based on that tblAccountAccessControl data.
The security question: Do I need to query the database every time I need to get this list of allowed accountID's? I was about to use a plain old query string to pass a particular accountID to another page but quickly caught myself as I realized that would be a major security flaw (the receiving page was going to use that accountID to grab info from the database, and there would be nothing preventing a user from simply typing in a url manually to get data from an accountID they are not supposed to be allowed to view). So I then thought I'll just store the list of accountID's in a session state variable so they will be carried with the user throughout the session.
But then I remembered there are tools out there that allow you to easily intercept and modify asp.net viewstate information and I'm not sure if that would included session state variables, but I'm guessing they would. Is there a way to create a secure query string? If I used session state would that session state information be exposed and modifyable by utilities out there? Am I just stuck having to query the database every time I need this info to assure security? What about encrypting it and then storing in session state variable (just thought of that one)?
I have to build a screen that tracks despatched goods on trucks on a certain date. I have created a form (using C# and ASP.NET) where I am displaying the calendar and am allowing the user to select the date he wants to check for the despatched goods.
My question is how to store the date that was clicked by a user in a variable which I want to use it later in an SQL query.
Should I store the date as a session variable? Suppose I want to display the date that the user clicked, how do I display it?
I have developed the below web page which has an asp.net 3.5 listview control as it's frontend and an sql server db as it's backend.
[URL]
The first row on the web page is the inserting row. What I am hoping to achieve is that when the user enters their appropriate data they click the "Next" button to assign this dataset with it's own identity ID (customer_id) value within my database (this works perfectly), at the same time on the fly I want to use this customer_id as a query string variable to populate a child page (customerTrades.aspx) in order to pin further data to this identity. Currently I am attempting to use the below code within the iteminserted event of my listview control but I receive the error: "object reference not set to the instance of an object"??
Is this because the child page cannot find the customer_id variable being passed through the query string? Because it's not actually created yet? Am I using the wrong listview event? How can I achieve what I am looking for?
I must also mention that I'm using a linqdatasource to insert my data on runtime into my database. However, I am using the listview iteminserting event to insert my frontend dropdownlist selected values, code below:
I'm using the DetailView control to display employee details from a specfic company, but it seems when I try to create the query in the data source wizard I'm unable to select the variable for the WHERE clause, only the web pages control components.
The employees are selected through the company name which is entered at the beginning of the page and in turn is used to select the company id.
I am attempting to do an insert query on a webpage for a simple member registration form I have created in vs2010. I have done this type of thing before without problem using an access database, but now I'm using a sqlexpress db created from within vs2010. This is the screenshot of my insert query:
Now, when I execute this query in the form, I get an error that says:
Must declare the scalar variable "@FirstName".Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Must declare the scalar variable "@FirstName".
Version Information: Microsoft .NET Framework Version:2.0.50727.4952; ASP.NET Version:2.0.50727.4955
At first I just had my query with all ?'s instead of @FirstName, etc in the insert statement itself, but I got an error on that as well but it was different, it just said syntax error near "?" or something to that effect. If I manually perform this query in the builder, and it pops up a window that asks for values on everything, I put something into each field and the insert works great. It just won't work with these parameters for some reason. Can someone advise what I need to do?
I have a problem with SELECT COUNT query in ASP.net. I want to create CMS with articles which have categories (which have the option to be deleted). The problem is that I want to get the number of articles within the specified category so if there aren't any articles with the specified category I can proceed with the category deletion.I have the following code:
[Code]....
After I click the button "Obriši" (Delete) I receive the following error: "Must declare the scalar variable "@KategorijaID"." I understand that the problem is with parameter, but I don't know how to correct it to use it for both the "command" and "brisanje" SQLCommands.