Im passing sensitive details from my asp.net web app to a database on a different server. I've set up encryption on my database. Should I encrypt the data in the code behind file of the web app and then pass it to my database stored procedure or pass it to the stored procedure as it is and encrypt it there?
View 4 RepliesIm saving sensitive data from my asp.net web app back to a database on another server. I have set up encryption on the database. Do I need to set up more encryption in the code behind of the web app and encrypt the data there then pass the data to the database or should I pass it as it is and then encrypt it in my stored procedure.
View 1 RepliesI want to create a site where users can create a very basic profile, with fields like full name, City, Age and Gender, and I want the data for every new member that signs up to go into a simple Table in my sql data base. reason being I want members to be able to view other members info in a table. I am familiar with the "CreateUserWizard", but that only allows me to work with certain predefined info (email, user id, etc). If I just anually add new columns to the table in which user ID and such is saved to, and customize the CreateUserWizard controller to have text boxes for the additional data that I want (i.e. city), will the CreateUserWizard know to save that additional data in the table?
Also, I know I can add fields to the <profile> tag in the web.config files, but I dont know where that gets stored. I want all the info for the user to be stored in one table in a sql data base so that I can easily access it with a quary. I dont see where the profile properties get stored, and how it can be linked to a User ID. by the way I noticed in other posts, there was a mention of a membership provider. I noticed that although I've added some "Login" controlls (i.e. login and CreateUserWizard), no membership provider has been added to my web.config file. Do I need to do this manually? or is there a menu item that adds it for me?
I'm teaching myself ASP.net. I'm creating an application that needs to store sensitive data. So, I found the following Blog to encrypt and decrypt data.
[URL]
I'm sure it's my app, but I wanted to make sure I'm not missing anything obvious. For some reason, my app and Encryptor only works when I pass < then 7 characters. If a pass 8, it doesn't commit to the database. If I remove Encryptor, the app will store
How do i perform signing sensitive data in WebApp?
My algoritm:
[Code]....
The code above works in WinApp but doesn't in WebApp .
Can you fix the code above so it can run under WebApp -or- other method to protect sensitive data from modifying?
I have situation where I need to authenticate a client across multiple web services. Basically each service needs to identify the client and know a few other small pieces of information about the client.
The way I have it working now is that the needed identifying information is stored in a session table in a database by the authenticating web server. The web server hands the client an string, which IDs the database entry and gets passed to the other web services. The web services then use this string to pull the needed information about the client from the database entry.
It has occurred to me that it might be possible to give the client an encrypted blob that contains the user ID and other needed information, which is rather small, and avoid using the database for this completely. The client would just pass around the blob (like the string in the previous paragraph) without needing to know what it contains, and only the web services would know how to decrypt it.
This should eliminate the need for the database to store the session information and would make the whole process a good bit simpler. With the database you have to worry about cleaning up old sessions and timeouts and so on.
So my question: is passing around sensitive data from service to service via client considered safe and acceptable? Is it possible to do this in a way that would eliminate worry about the client tampering with the data? What encryption algorithms would be good to use?
Let's say a control X has a template called RowTemplate.
So X's markup would be like:
<foo:X>
<RowTemplate>
<foo:Y>...</foo:Y>
</RowTemplate>
</foo:X>
My question is: How can the Y control be sensitive to the data context? I know I can use template inline tags to get access to the data context: <%# Eval("Id") %>, but I cannot pass this information to Y because template inline tags are not allowed in server controls.
So I don't know how I could use the Object's Id (Eval("Id")) in Y.
Hi creating a simple blog site where u can login and save blog entries. I want to use the loginname control to automaticly save the username of the one entering the blog.
View 2 Repliesi am trying to save an image to database as a byte[]
The array size before i save it = 2118.
but in SQL 2008 the maximum size for an image type is 16.
so i am trying to get the image using Response.BinaryWrite(byte[]) I get an empty image.
My web application is on a Webserver that is in a DMZ .
the web application must save on the server in LAN some files, but the webserver cannot access the file server because has no right to access. i wouldn't create an account for the web server, but i would that any time the application has to upload a file onto the file server make a connection that encapsulate credentials, then the upload starts ,finally the connection closes.
Is possible with some Objects to do this type of work?
I have to save user Credantials but I dont know how to save the password into the sql database
View 4 RepliesI want to save my password and it sould be saved in encryptd form in my db SQl Server in asp.net.
View 1 RepliesI'd like to allow users to upload a .pdf file via the file upload control (if that's the best method), save the file to the db and then retrieve it so they can click on a link and open the .pdf they've uploaded. I've been looking for a tutorial on how to do this but keep running into methods of saving the file directly on the server in a directory, not in SQL server (using Linq and VB by the way)
View 4 RepliesI have a requirement to have a multiline textbox that accepts any text from any language and stores this into the database for later use. I am using Linq with ASP .NET 3.5 with a SQL Server 2005 database.
View 2 RepliesI have a validator on a textbox that validates against a list to ensure that the user doesn't input the same name. When testing it, if I type in the same name including the same case structure, it returns an error. If I change one letter to a different case, it doesn't return an error but rather my SQL server returns a duplicate error. How do I change the server-side validator so that it picks up duplicate names regardless of case?
View 4 RepliesHere is what I am basically trying to accomplish I want to upload images to the server separated into categories and save the file path into the database. I have found plenty of documentation on saving to a file and the file path to a database. But, I haven't found anything that will allow me to seperate the images into categoies.
I have made three tables in the database
[code]....
What I am trying to do is create a gallery for our clients to browse and download different vesions of posters and ad cards.
i have a custom class has extra information about my users , i want to create an object of this class and attach it to current Authentication ticket , what is the best way to do that , i have read there is a userdata thing in the authentication ticket but it's type is String
View 5 RepliesI created a column named InputUserId for the purpose of saving the user's id upon inputing data using formview(so I know who inputed). I would like the user's id to be saved in the table (column InputUserId) and the table's Id (RId) to be saved in the user's profile.
View 8 RepliesI am using  a  viewstate to store the company Ids and splitting at hyphen.
protected void onCompanychange(object sender, EventArgs e) {
ViewState["companyID"] += companydropdown.SelectedValue + "-";
String companyids = ViewState["companyID"].ToString();
string pattern = "-";
company_array = Regex.Split(companyids, pattern);
company_length = company_array.Length;
}
Company array is a string array  where i have stored the company ids
the problem is company_array[0] has the initial value of the dropdownlist(company) --select company which is why m getting the error(cannot convert data type nvarchar to int) . Â I have used the same logic in many places in my project it did not give any error.
int count = 0;
company_length = company_length - 1;
while (count < GridView3.Rows.Count && compid_counter < company_length ) {
cmd = new SqlCommand("insertWorkDetais", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@trainerId",trainerID);
[Code] .....
I've been using this programming style, that I've seen in an example and just started using it, because it does the job... I would like to know other programmers' opinion about it...
So the situation is when you have a GridView, or a control based on it like the RadGrid, and you want to keep track of a data table while you are adding, editing, reordering and deleting rows.
Using the session to hold the data table (or list of data) may not be the best solution, because the user may open two identical web pages... Using the ViewState to hold the data may be and option... I have been using an approach like the following:
[code]....
So using a static List variable, of a custom object (class), declared in the code-behind of the Aspx page, and updating it whenever the data is edited.
I used the following link to add textboxes inside Gridview and saving data to Database.URL...The above article is very useful, but my problem is I want the Textboxes to be display in Rowwise instead of Columnwise. Means like I need to display is Â
Name  texbox1                                                  Â
Age     texbox2                                                  Â
Salary  texbox3                                                                Â
SAVEÂ ButtonThen SAVE button to save data entered in the textboxes to the database. Gridview design to achieve like this.
I am asp.net developer and I work with SQL Server 2005 .
I have a table with 4 columns
say
Name
RollNo
Std
Div
if client enters
Name
RollNo
Std
but doesn't enters 4.Div column data and try's to save data, it should not give error, it should save the data in database
A variety of files (pdf, images, etc.) are stored in a ntext field on a MS SQL Server. I am not sure what type is in this field, other than it shows question marks and undefined characters, I am assuming they are binary type.
The script is supposed to iterate through the rows and extract and save these files to a temp directory. "filename" and "contenttype" are given, and "data" is whatever is in the ntext field.
[code].....
This works, but the file should be saving to the server instead of popping up save-as dialog. I am not sure if there is a way to save the response to file.
my application raises security issue while saving data from server to local machine.but everything working well locally.
View 2 Replieshow to save record in GridView into SQL server?
View 5 Replies