I have heard that saving connection strings and stored procedure names in web.config file of our application is not safe. It is a good practice to store the connection string in a config file rather than as a hard coded string in our code and if we need to change it,then it makes our job easier. how to protect our code in web.config?
View 4 RepliesI have an ASP.NET project which is pretty n-tier, by namespace, but I need to separate into three projects: Data Layer, Middle Tier and Front End.
I am doing this because...
A) It seems the right thing to do, and
B) I am having all sorts of problems running unit tests for ASP.NET hosted assemblies.
Anyway, my question is, where do you keep your config info?
Right now, for example, my middle tier classes (which uses Linq to SQL) automatically pull their connection string information from the web.config when instantiating a new data context.
If my data layer is in another project can/should it be using the web.config for configuration info?
If so, how will a unit test, (typically in a separate assembly) provide soch configuration info?
I want to apply some better security measures to an existing web application. Currently, my connection string contains the user name and password in plain text. I'm also using a custom membership provider, which stores user names and passwords in the web.config file as plain text [URL] I would like to secure this information using an algorithm such as SHA1.
View 1 RepliesI'm trying to encrypt the connection strings in my web.config. I'm following:
http://msdn.microsoft.com/en-us/library/2w117ede.aspx
however when I get to the part with the command:
aspnet_regiis -pe "connectionStrings" -app "/MyApplication" -prov "MyProvider"
it keeps complaining:
"The configuration for the virtual path '/MyApplication' and site 'Default Web Site' cannot be opened
Failed to map the path '/myapplication'
Failed!
I'm fairly sure I've followed the instructions correctly. I created the project named 'MyApplication' directly in the 'C:' root.
Perhaps I should be following a different set of instructions?
How Can We Have two Connection Strings In Web.Config And Switch Betweeen Them In Code Behind? when i add two connention strings in web.config so an error appears that tells us u cann't add two connection strings in web.config. i want the upper job because i have 2 databases and i want transfer data from another to the other one.
View 4 RepliesLong story short, it would be a lot easier for me to just return two values (from a many-column table, like combining columns) than to combine them in my asp project. I'm just having many problems with binding to a dropdownlist, and it would be easier not having to guess what index the column is I need :)
So, let's just say my table, "Building", has 5 columns - BuildingID, PracticeID, PracticeName, Address, & Zip (there are many more in my real table).
I already have a stored procedure that is "SELECT * FROM Building ORDER BY PracticeName". What I would like, is something that returns column values together with literal characters, like:
PracticeID - PracticeName (Address) AS First
I know I could use "SELECT PracticeName AS Name FROM Building" to simply change the name of the column I'd receive, but I want to add literal characters ( "-" and "(" and ")" and " ") with specific columns I choose.
Since I have about 20 columns in my table and I only want about 6, I don't need to SELECT *, but only those 6. That's easy enough. But since I would still like these six columns combined, I'm not sure what to do.
Again, what I want is to return something like:
PracticeID - PracticeName (Address) AS First BuildingID - Zip AS Second the "-" and "()" and " " need to be included and returned from SQL, not when I retrieve them)
I have two connection strings (both in Web.Config: CS_Local and CS_Production) for my DBML (Linq to SQL). In my Global.Asax/Application_Start I run some production preparation methods if the request is non-local (!HttpContext.Current.Request.IsLocal). Within that part, I'd also like to change the current connection string used by my DBML from the standard CS_Local to CS_Production.
View 1 RepliesIs that possible to add two connectionstrings in web.config and Can I call those two web.config in my aspx.cs file?
View 3 RepliesI have seen the examples on how to switch between connections strings for development and production enviroments. My web.config also calls out a connection string for <roleManager and membership><providers>. Can this be setup to switch between the two connection strings?
View 1 RepliesI would like to use both of the connection strings in the same web.config file how can I do this I tried this yesterday it worked I called it a night, then this morning I got this. The error being on line: 10 Parser Error Message: The entry 'ApplicationServices' has already been added.
Line 8: <add name="ApplicationServices"
Line 9: connectionString="Data Source=Mysource;Initial Catalog=travelatlantic;User ID=MyID; Password=MyPassword;" />
Line 10: <add name="ApplicationServices"
Line 11: connectionString="Data Source=MySource;Initial Catalog=travelatlantic2;User ID=Myid; Password=MyPassword;" />
Line 12: </connectionStrings>
I have a stored procedure which returns a table. The stored proc is called via a linq datacontext.
It works fine and I get the table back however I really want to also get the title relating to each particular cell returned.
The stored procedure call is like:
var table = DataContext.GetTable().ToList();
So I get a List<GetTable>. The data is fine I just want the column names as well.
I'm have on my web page a text search box which I want users to type in there favourite football team and this will display a gridview of the teams with the replica shirts I offer.
This is where I thought about creating a stored procedure to carry out this task.
I looked online for ideas but I not found anything as yet.
I am helping a club create a site that has a password protected "members only area". I have never done anything password protected. I used VWD and created the user names and passwords. Apparently using the AspNetSqlProvider. The site and password protected area work great when tested locally. The problem is when the site is uploaded to the hosting company, the login area will not work. I found that I had to create an SQL database in the appropriate area of the hosting company. The login still won't work. I am thinking that I have to create a connection string in the web config file. The problem is - when I tried that the site wouldn't work when I tested it locally. I really need lots of help with this part.
View 5 RepliesI used the script where the image array has static images.I want to convert it dynamically by finding my images names from index.aspx.cs files which are stored in hidden fields.
my hiddenfileds has value:
uploads/../uploads/M_Banner_3-JO633939707781250000.jpg;uploads/../uploads/M_Banner_4-JO634014944056581250.jpg;uploads/../uploads/M_Banner_2-I-85634067544720151968.jpg;uploads/../uploads/M_Banner_1-Plan634067543966714468.jpg
I want to split this hidden filed and assign it to imagearray.how can i do this
var mygallery2=new fadeSlideShow({
wrapperid: "fadeshow2", //ID of blank DIV on page to house Slideshow
dimensions: [568, 313], //width/height of gallery in pixels. Should reflect dimensions of largest image
imagearray: [
["images/1.jpg", "", "", ""],
["images/2.jpg", "", "", ""],
["images/3.jpg"],
["images/4.jpg", "", "", ""] //<--no trailing comma after very last image element!
],
displaymode: {type:'auto', pause:2500, cycles:0, wraparound:false},
persist: false, //remember last viewed slide and recall within same session?
fadeduration: 500, //transition duration (milliseconds)
descreveal: "always",
togglerid: "fadeshow2toggler"
})
Not sure what's going on with this procedure, im kind of new at dynamic DB programming. As of right now if i click a button that triggers the execution of this stored procedure the page says the connection has been timed out..despite other stored procedures working flawlessly.
[code]....
Is it possible to call stored procedure in the web.config? I created the additional ID field in aspnet_membership, adding Stored procedure which stores additional information. This information I have entered in the web.config. Is it possible to call a Stored procedure in the web.config and write this information, or call the Stored procedure in C #?
View 2 RepliesI'm trying to find out how i store user names and passwords in the web.config file. I have tried looking for documentation on this but haven't found any so far.
I see in the class library it says that the Authenticate method of the FormsAuthentication class is for use in authenticating credentials against those stored in the config file, but i don't know how to store them there to begin with. I want to store two username:password pairs in the web.config file preferably encrypted.
one of these username:password pairs i want to be hard coded. The other i want to be able to be reset with a password reset form which I will code later. I guess there maybe a method for creating a sername:password entry in the web.config which could be used with my password reset form if such a method exists. But I need to know how to hand code the username:password entries into the web.config file to begin with and to beable to create the hard coded pair.
code I need to add to my web.config file i need to add and in what section?
also can you point me in the direction of a method used for creating username:password entries in web.config
My question is: I have update stored procedure in my database (simple update stmt) I am finding difficulty in writing a ADO.Net(C#) connection string for update stored procedure. i have 4 columns and i first 3 columns have constant values. The 4th column values needs to be updated. At the same time i need to increment and then update the table.
View 2 RepliesI'm using forms authentication and gettnig the following error: Server Error in '/' Application. Could not find stored procedure 'dbo.aspnet_CheckSchemaVersion'. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Data.SqlClient.SqlException: Could not find stored procedure 'dbo.aspnet_CheckSchemaVersion'.
Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace:
[SqlException (0x80131904): Could not find stored procedure 'dbo.aspnet_CheckSchemaVersion'.]
System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection) +2030802
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +5009584
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning() +234
System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +2275
System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString) +215
System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async) +987
System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result) +162
System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe) +178
System.Data.SqlClient.SqlCommand.ExecuteNonQuery() +137
System.Web.Util.SecUtility.CheckSchemaVersion(ProviderBase provider, SqlConnection connection, String[] features, String version, Int32& schemaVersionCheck) +392
System.Web.Security.SqlMembershipProvider.CheckSchemaVersion(SqlConnection connection) +84
System.Web.Security.SqlMembershipProvider.GetPasswordWithFormat(String username, Boolean updateLastLoginActivityDate, Int32& status, String& password, Int32& passwordFormat, String& passwordSalt, Int32& failedPasswordAttemptCount, Int32& failedPasswordAnswerAttemptCount, Boolean& isApproved, DateTime& lastLoginDate, DateTime& lastActivityDate) +827
System.Web.Security.SqlMembershipProvider.CheckPassword(String username, String password, Boolean updateLastLoginActivityDate, Boolean failIfNotApproved, String& salt, Int32& passwordFormat) +105
System.Web.Security.SqlMembershipProvider.ValidateUser(String username, String password) +106
System.Web.UI.WebControls.Login.AuthenticateUsingMembershipProvider(AuthenticateEventArgs e) +60
System.Web.UI.WebControls.Login.OnAuthenticate(AuthenticateEventArgs e) +129
System.Web.UI.WebControls.Login.AttemptLogin() +127
System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +101
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +37
System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +125
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +167
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +36
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +5563
here's my code on my web.config file:
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<add name="OleConnectionStringSource" connectionString="Data Source=alg-sql01;Initial Catalog=PriceFinder;User ID=PriceFinderUser;Password=******;Integrated Security=false"
providerName="System.Data.SqlClient" />
<add name="OleConnectionStringTarget" connectionString="Data Source=alg-sql01;Initial Catalog=PriceFinder;User ID=PriceFinderUser;Password=******;Integrated Security=false"
providerName="System.Data.OleDb;" />
<add name="PriceFinderConnectionString" connectionString="Data Source=alg-sql01;Initial Catalog=PriceFinder;Integrated Security=True"
providerName="System.Data.SqlClient" />
<add name="PriceFinderConnectionString2" connectionString="Data Source=alg-sql01;Initial Catalog=PriceFinder;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<authentication mode="Forms">
<forms loginUrl="~/default.aspx" timeout="2880" />
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="OleConnectionStringSource"
enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
</providers>
</roleManager>
i have a folder where some txt files are located.
i want to get list of those txt files using query in SQL Procedure.
I tried some Query it is not returning Txt files in List. It just Listing Folders.
how can i achieve this.
I was following the tutorials from this two sites:
http://www.15seconds.com/issue/070104.htm
http://aspnet.4guysfromrolla.com/articles/020404-1.aspx
Following the first site, it had worked but when I´ve moved the pages and files to other folders and set the web.config file on this folder, now it won´t work at all!!!
The file is an *.swf object. I did put the asapi.dll to map the extension on the website root, I´ve put the
[Code]....
on the web.config new folder and on the web.config website´s root.
It won´t work!!! I can access the file directly!!! on the web.config of the folder that contains the file, there is a <deny users="*" /> line.
have made a file as "SQLQuery2.sql"
and a stored procedure named p1one
using sql server managmt stdio express 2005
how to call these query and the stored procedure and store the result in dataset to bind to gridview
This is surareddy. i nead some small clarification in the "Stored Procedure"
how to convert the oracle Stored Procedure to sqlserver2005/2008 Stored Procedure.
right now i am enhancing the project that project already developed the oracle Stored Procedure. now our company is using sqlserver 2005/2008.
how to convert the Oracle Stored Procedure to sqlserver 2005 Stored Procedure
Initially, I have tried to use stored procedure. But I changed my mind and preferred to call sql query in codebase with command text. However, it stills tries to find initially-called stored procedure (which is neither called or exists).I think that it is related caching. But I tried it with different browsers it did not work.What might be the reason?
View 4 RepliesIn my application there are 4 connection strings...from that i want one connectionstring should be default connection string.How to do ?
View 1 Replies