How would I take a text box value and use it in the query string on submit? I'd like it to start as this,
/News?favorites=True
and end up something like this after the user enters in a search and clicks search.
/News?query=test&favorites=True
The controller action looks like this
public ActionResult Index(string query,bool favorites)
{
//search code
}
If that Possible then How?
Response.Redirect("Manage Admin.aspx?AdminId=Select AdminId from Admins where UserName=" + Session["AdminSession"]);
Example scenario:
User login has a list of associated 'accounts' it has access to... this list of accounts is stored in a database table, say tblAccountAccessControl, something like:
login, accountID
userA, account123
userA, account456
userA, account798
userB, accountABC
userB, accountDEF
etc..
This info is used throughout the web application and determines the 'domain' of information the particular login has access to. For example there are many other tables that have the 'accountID' field and whenever a page pulls data from the table it only pulls data that the currently logged in user should be allowed to see, based on that tblAccountAccessControl data.
The security question:
Do I need to query the database every time I need to get this list of allowed accountID's? I was about to use a plain old query string to pass a particular accountID to another page but quickly caught myself as I realized that would be a major security flaw (the receiving page was going to use that accountID to grab info from the database, and there would be nothing preventing a user from simply typing in a url manually to get data from an accountID they are not supposed to be allowed to view). So I then thought I'll just store the list of accountID's in a session state variable so they will be carried with the user throughout the session.
But then I remembered there are tools out there that allow you to easily intercept and modify asp.net viewstate information and I'm not sure if that would included session state variables, but I'm guessing they would. Is there a way to create a secure query string? If I used session state would that session state information be exposed and modifyable by utilities out there? Am I just stuck having to query the database every time I need this info to assure security? What about encrypting it and then storing in session state variable (just thought of that one)?
I am building a Web Content form in which the user enters some data in asp:TextBoxes, and presses submit to store the data in the database.
I am using an Upadate Panel, in which I have put the afore mentioned asp:TextBoxes. Is there a way to set TextBox.Text = string.Empty after the submit?
Note that I have implemented code, which sets my TextBox.Text = string.Empty in my aspx.cs file, which of course does not work since I am using the update panel with an AsyncPostBackTrigger...
I have written below code to check for blank value in my textbox but its generating compilation Error.
my code in javascript:
function checkTextboxNotFilled(txtbox) {
var txtb = document.getElementById("<%= " + txtbox + ".ClientID %>");
if (GetFormattedString(txtb.value) == "") {
return true ;
}
else {
return false ;
}
}
error:
'string' does not contain a definition for 'ClientID' and no extension method 'ClientID' accepting a first argument of type 'string' could be found (are you missing a using directive or an assembly reference?)
I am calling it like this : checkTextboxNotFilled("MytextboxName")
I have developed the below web page which has an asp.net 3.5 listview control as it's frontend and an sql server db as it's backend.
[URL]
The first row on the web page is the inserting row. What I am hoping to achieve is that when the user enters their appropriate data they click the "Next" button to assign this dataset with it's own identity ID (customer_id) value within my database (this works perfectly), at the same time on the fly I want to use this customer_id as a query string variable to populate a child page (customerTrades.aspx) in order to pin further data to this identity. Currently I am attempting to use the below code within the iteminserted event of my listview control but I receive the error: "object reference not set to the instance of an object"??
protected void lvTrustAccounts_ItemInserted(object sender,
ListViewInsertedEventArgs e)
{
string customerID = e.Values["customer_id"].ToString();
Response.Redirect("http://www.tradeselector.co.uk/customerTrades.aspx?customer_id="
+ customerID + "");
}
Is this because the child page cannot find the customer_id variable being passed through the query string? Because it's not actually created yet? Am I using the wrong listview event? How can I achieve what I am looking for?
I must also mention that I'm using a linqdatasource to insert my data on runtime into my database. However, I am using the listview iteminserting event to insert my frontend dropdownlist selected values, code below:
protected void lvTrustAccounts_ItemInserting(object sender,
ListViewInsertEventArgs e)
{
e.Values["customer_created_date"]
= DateTime.Now;
e.Values["customer_update_date"]
= null;
DropDownList ddl_CountyInsert =
(DropDownList)lvTrustAccounts.InsertItem.FindControl("CountyInsertDDL");
DropDownList ddl_CityInsert =
(DropDownList)lvTrustAccounts.InsertItem.FindControl("CityInsertDDL");
DropDownList ddl_CountryInsert =
(DropDownList)lvTrustAccounts.InsertItem.FindControl("CountryInsertDDL");
e.Values["customer_county_code"]
= ddl_CountyInsert.SelectedValue;
e.Values["customer_city_code"]
= ddl_CityInsert.SelectedValue;
e.Values["customer_country_code"]
= ddl_CountryInsert.SelectedValue;
}
I would think that this would work pretty seamlessly, but I am having trouble getting the text from a textBox control in an accordion pane's content to pass into the paypal web payments https post.
If I put an amount in the querystring in my codebehind isntead of passing the text string and click the button in the accordion pane, it works perfectly on the paypal page. But for some reason, I am getting a null return in the text string when I try to make the amount in the querystring whatever the text in the textbox is.
I have tried putting the accordion in an update panel and got the same results....
Am I missing something the get the text from the textbox?
Here is my accordian pane:
<cc1:AccordionPane ID="AccordionPane1" runat="server">
<Header>
<a href="" onclick="return false;" style="color:#FFFFFF; font-weight:bold;">Donor</a>
</Header>
<Content>
<b>$150-299</b>
<asp:BulletedList ID="BulletedList2" runat="server" Font-Size="Small">
<asp:ListItem>Program Listing</asp:ListItem>
<asp:ListItem>10% Off other productions</asp:ListItem>
</asp:BulletedList>
<div style="text-align:center;">
<asp:TextBox ID="donorAmt" runat="server" Width="100" Height="15px"></asp:TextBox> <asp:LinkButton ID="LinkButton1" runat="server" Text="Make Payment Online" OnClick="LinkButton1_Click" />
<cc1:TextBoxWatermarkExtender ID="TextBoxWatermarkExtender1" runat="server" TargetControlID="donorAmt" WatermarkText="Your Amount" WatermarkCssClass="accTextWM" />
</div>
</Content>
</cc1:AccordionPane>
Here is how I am getting the text string in codeBehind:
Protected Sub LinkButton1_Click(ByVal sender As Object, ByVal e As System.EventArgs)
Dim amt As String = donorAmt.Text
Response.Redirect("https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=XXXXXX@XXXXX.org&amount=" & amt & "&no_note=0&item_name=ALT Donor Level Annual Membership&sra=1¬ify_url=http://XXXXX.com/IPN.aspx&no_shipping=0&return=http://www.XXXXXX.com/donate/thanks.aspx&rm=2")
End Sub
Note: Some of the paypal string has been removed for privacy
[Code]....
[Code]....
Get Gridview item template textbox value to string variable?
How Can Redirect Search TextBox Value to default page On Search Button Click Asp.net..Here is my Code
div>
<asp:TextBox ID="TextBox1" runat="server" Height="37px" Width="526px" style="background-color: #CCFFFF"></asp:TextBox>
<asp:Button ID="btnsearch" runat="server" placeholder="Search By Brand Name" Text="Search" OnClick="btnsearch_Click" Style="font-weight: 700; color: #0000CC; background-color: #FF6600;" Height="39px" Width="108px" />
<asp:Label ID="Label4" runat="server" Text=""></asp:Label>
</div>
I Have A TextBox for Search Box And A button On My About Us Page ...i want to redirect The Search Box Value On default Page With Search Data from My Datalist That is belongs to Default Page.When I Click On Search Button The Value of Search Box Redirect To Default Page And Show value Data from Datalist
I'm tyring to write a simple DetailsView only used for inserting new records that will pre-fill a textbox with a query string value. Here's the DetailsView:
[code]....
All I want to do is set VenueID_FK.Text to = the "VenueID" querry string. I also want the user to be able to see the VenueID number as they are filling out GridView1.
I know this is probably a simple thing, but I am very new to asp.net. I thought I could handle this in the page load event, but when I try something like this
TextBox VenueID_FK = (TextBox)DetailsView1.FindControl("VenueID_FK");
And then follow by setting the Text property programitically. I've accomplished something similar to this on a different page using a FormView, but only for ReadOnly mode and it was handled in the databound event on that page.
I get the error "The name 'DetailsView1' doesn't exist in the current context." when trying to do the above mentioned. When trying the same line in the databound event here, I get the same error.
How do I do this? I want to search my database in listview form with the text from a textbox or an item from a drop down list which is on another page.
View 1 RepliesI am trying to use a variable from the code-behind page in a sqlDataSource WHERE statement. I am using Membership.GetUser().ProviderUserKey to obtain the UserId of the logged in user and I would like to only show record that have this UserId as a foreign key. How can I write the SQL for this?
Here is what I have so far:
SQL Query:
SelectCommand="SELECT [UserID], [CarID], [Make], [Model], [Year] FROM [Vehicle]"
Code-Behind
String user2 = ((Guid)Membership.GetUser().ProviderUserKey).ToString();
And I want to add WHERE UserID = user2 to the SQL Query.
Initially before page load I declared list string variable
List<string> Emails = new List<string>();
Then I am adding value in for each as
Emails.Add(Convert.ToString(item["E-mail Address"]));
I checked value are ading properly. Then on btn_click event I am retrieving value as
foreach (string emailid in Emails
{
Response.Write(emailid .ToString());
}
Nothing is displaying, it seems on form submit list string is initializing.
Example:
[URL]
I added the iis tag because I am guessing it also depends on what server technology you use?
I'm trying to figure how to on a submit button execute an sql file.
We have a job recruiting application, and for the subsidiaries companies they all have their own database setup for the jobs. At night the application has a consolidator script built in to pull all the jobs posted in those companies and load the posting into the parent companies website job listing. This listing will then point back to the Subsidiary website for the applicant to apply.
The issue with that script is the time it took to execute which is 20hrs to run as a scheduled task. We have created a more efficient script and would like to place a submit button in the admin panel for the HR recruiters to click which will automatically upload their updated job listings to the parent company.
So what would be the proper coding framework to use on the submit form to execute our new consolidator sql script?
I m facing some problem. i m not passing Dynamic string through query string..
I m using this code
string abc = "CPCB_" + TextBox1.Text + "_" + TextBox2.Text;
Response.Write("<script>window.open('xml.aspx?Flag=3&date='+abc,target='new');</script>");
I have a HTML form a string variable.e.g: there are below string in FormBody variable string.
<form id='paymentUTLfrm' action='...' method='post'>
<input type='hidden' name='CardAcqID' value='131211234234667' />
<input type='hidden' name='AmountTrans' value='1' />
[code]...
Is It Possible to send a string consists of (,.&') in a query string ?
View 7 RepliesI have a simple ASP.net page:
<form id="form1" runat="server">
<p><asp:TextBox id="input_box" runat="server"></asp:TextBox>
<asp:Button Text="OK" runat="server" OnClick="run" /></p>
</form>
I want to send input from input_box to a query string, and then keep this input in the input_box when the page reloads.
That's the code behind page:
protected void Page_Load(object sender, EventArgs e)
{
input_box.Text = Request.QueryString["input"];
}
protected void run(object sender, EventArgs e)
{
string url = string.Format("?input={0}", input_box.Text);
Response.Redirect(Request.Url.AbsolutePath + url);
}
Problem is that when query string is not empty, string from input_box cannot be passed to query string. How to correct it?
We are sending an HTML encoded string in the Query string. It was working fine on IIS 6 (windows 2003). We have recently moved the website to Windows 2008 (IIS 7.x). Since the move any Query String that contains "+" sign i.e., "%2b" gives error on the server "404 -File or directory not found."
View 2 RepliesI have a value in string i want to use that value on next page.
How can i access it with previous page property?
Or is there any other way to fetch value store in string variable on next page?
How to display the string data stored in a string[] variable into gridview?
View 9 RepliesI want to enter a url of the form [URL] and pass the "MC001" to a query string.
the query string I have now is:
qry = "SELECT QRID, QRContent FROM " & tablename & WHERE QRID= '" & request.querystring() & "'"
Why does this not work?
I'm having some trouble writing a query using variables. Here's my code
Dim bondnumber as String = "69836"
Dim PasswordCheck As String = "DECLARE @investor varchar(10),
@thepassword varchar(20), @linkedserver2 varchar(25), @sql varchar(1000) "
PasswordCheck += "SELECT @investor = '" & bondnumber & "',
@linkedserver2 = 'binfodev', "PasswordCheck += "@sql = 'SELECT * FROM ' +
@linkedserver2 + ' WHERE bondno = ''@investor'' ' EXEC(@sql)"
It doesn't seem to be passing the variables properly in the query and I'm not sure where I'm going wrong.
I wanted to create a URL like http://localhost/menu.aspx/?id so that on typing this, it displays all the id's in the database. for eg:134
123
543
234
may be the id's which should be displayed after fetching from the database. However, it should be displayed as it it is without any control or without arranging in any gird etc. How can that be done?
