Web Forms :: Uploading File With Database Parameters That Need To Return Nothing On Update?
Sep 14, 2010
Got a problem with regards to the file upload control on database updates. The problem is in my CMS, when a user tries to update content for a page it will add null to the fields containing the image path. What I need is for the system to check if the uploader has no image and if hasn't it has to do nothing. It can't add empty strings or null values as this will remove the original image path. Although they still need to be able to do image updates if the uploader has a file(this bits not a problem).
Here is a snipet of code to demonstrate what I'm trying to achieve.
[Code]....
View 1 Replies
Similar Messages:
Mar 10, 2010
I want to upload a text file and stored to my database. the column on my database it is longblob type.
View 6 Replies
Nov 30, 2010
when i specify values in my update query the query works fine and the database gets updated, but when i use parameters in my query the database does not update here is the code i have written
try
{
OdbcConnection MyConnection = new OdbcConnection(ConfigurationManager.ConnectionStrings["myconn"].ConnectionString);
MyConnection.Open();
String MyString = "UPDATE orddetpabak SET jud1=@jud1,jud2=@jud2,jud3=@jud3,adv=@adv where fil_no=@fil_no AND orderdate=@orderdate";
OdbcCommand MyCmd = new OdbcCommand(MyString, MyConnection);
String j1=DropDownList4.SelectedValue;
String j2=DropDownList5.SelectedValue;
String j3=DropDownList6.SelectedValue;
String j4=TextBox4.Text;
String j5 = HiddenField1.Value;
String j6 = TextBox3.Text;
MyCmd.Parameters.AddWithValue("@jud1",j1);
MyCmd.Parameters.AddWithValue("@jud2",j2);
MyCmd.Parameters.AddWithValue("@jud3",j3);
MyCmd.Parameters.AddWithValue("@adv",j4);
MyCmd.Parameters.AddWithValue("@fil_no",j5);
MyCmd.Parameters.AddWithValue("@orderdate",j6);
Response.Write(DropDownList4.SelectedValue);
Response.Write(" " + DropDownList5.SelectedValue);
Response.Write(" " + DropDownList6.SelectedValue);
Response.Write(" " + TextBox4.Text);
Response.Write(" " + HiddenField1.Value);
Response.Write(" " + TextBox3.Text);
MyCmd.ExecuteNonQuery();
//MyConnection.Close();
}
catch(Exception epp)
{
Response.Write(epp);
}
View 1 Replies
Dec 7, 2010
i want to upload multiple files through file upload or file control at the same time i want to privew that file and also its size and description, only one click on browse file these above tasks must performed, and i can upload multiple files type like pdf,doc,zip and in last i want to store those all files in database binary or any any other data type which is reliable for storing such data. can any one tel me that how can i do this.
View 2 Replies
Feb 1, 2010
I have been in the process of updating my code with security methods, and I've been learning this from [URL] (or "Security Guidelines: ASP.NET 2.0"). In the middle of the page under "When Constructing SQL Queries, Use Type Safe SQL Parameters" it says "Use type safe parameters when constructing SQL queries to avoid possible SQL injection attacks that can occur with unfiltered input". Now, what they suggested was to use code like:
"DataSet userDataset = new DataSet();
SqlDataAdapter myCommand = new SqlDataAdapter(LoginStoredProcedure", connection);
myCommand.SelectCommand.CommandType = CommandType.StoredProcedure;
myCommand.SelectCommand.Parameters.Add("@au_id", SqlDbType.VarChar, 11);........"
But, I was already using code like:
"var dataSource = (SqlDataSource)form1.FindControl("sqlDataSource5") ;
dataSource.UpdateParameters.Add("someVal", val);"
So now, to use type safe parameters, I decided to include it like:
"var dataSource = (SqlDataSource)form1.FindControl("sqlDataSource5") ;
dataSource.UpdateParameters.Add("@someVal", DbType.Int16, val);
dataSource.UpdateParameters["@someVal"].Size = 1;"
So, that would be how I would modify my current code base to use type safe parameters in sql updating/inserting.
Getting to my actual question, as it was said "Use type safe parameters when constructing SQL queries to avoid possible SQL injection attacks that can occur with unfiltered input". First off, this suggests that this should apply to unfiltered input. Also, in their example they only did this for an ID.
So, what I'd like to know, when it comes to "unfiltered input", does this mean as long as the input is unfiltered I must use type safe parameters, or even filtered input shall have this (just to be sure), like, input that has been ran through a regularexpression check? Shall I do this for all values I insert/update into the database, or just IDs and important things?
The way I see it right now is that it would be a good precaution to just do type safe checks on everything (literally) that updates/inserts into the database just to be extra safe. But, I really am unsure if this is really the best idea, because if I did, would this possibly cause overprocessing of information? Can this cause too much strain on server resources? If my fears serve true, what would be a good suggestion of how I could implement this properly without having to worry about what I said?
View 1 Replies
Oct 25, 2010
I'd like to allow users to upload a .pdf file via the file upload control (if that's the best method), save the file to the db and then retrieve it so they can click on a link and open the .pdf they've uploaded. I've been looking for a tutorial on how to do this but keep running into methods of saving the file directly on the server in a directory, not in SQL server (using Linq and VB by the way)
View 4 Replies
Jan 24, 2016
Currently I was done to insert data thru upload excel file. May I know, how to UPDATE the existing data using iploading excel file.
View 1 Replies
Jan 20, 2010
I creating a page where our clients can view advertising images and then able to download the images in different file formats. So I need the images and the different download types all saved into the same row in the database so that when I go to display them on the page when they select a picture the right download links will be there. So here where my problem comes in, I don't know how to code it so that I can insert mulitiple file paths into the database at once. The images are saved in a table called images. The downloads are saved in a table called Image Downloads.
Here is the code for the page I have it coded to submit the images to the database but not sure how to add the rest. I have got three different sql datasources for each table not sure if that's the way to go.
[Code]....
View 1 Replies
May 10, 2010
I searched a lot of threads but still couldn't get my problem fixed. I have to update the "regform" table with two fields: session_ and session2. These two fields are inside the detailview edititem template which bounded to dropdown list drpsession1, drpsession2 separately. I wanted to pass the update parameters to the update sql UPDATE dbo.regform SET session_=@session_, session2=@session2 where id=@id
the @session_ is bounded to a drpsession1 and @session2 is bounded to drpsession2. I used
ControlID="ctl00$ContentPlaceHolder1$DetailsView1$drpsession1" to access the dropdown list within the detailview, but still couldn't do the updates. What's wrong with my code? Do I have to use the code behind to specify the update parameters? and How to do it? TIA.
<
"
asp:DetailsView
ID="DetailsView1"
runat="server"
AutoGenerateRows="False"
DataSourceID="SqlDataSource2"
Height="50px"
Width="544px"
DataKeyNames="id"
ondatabound="DetailsView1_DataBound">
<Fields>
<
asp:TemplateField
HeaderText="Session -Part I"
SortExpression="session_">
<
EditItemTemplate>
<asp:DropDownList
ID="drpsession1"
runat="server"
DataSourceID="SqlDataSource3"
DataTextField="session_time"
DataValueField="session_id"
SelectedValue='<%# Bind("session_") %>'
AppendDataBoundItems="True"
Width="229px">
<asp:ListItem
Text="Please select"
Value="-1"
/>
</asp:DropDownList>
<asp:SqlDataSource
ID="SqlDataSource3"
runat="server"
ConnectionString="<%$ ConnectionStrings:Connstr %>"
SelectCommand="SELECT dbo.sessions.* FROM dbo.sessions"></asp:SqlDataSource>
</EditItemTemplate>
<
asp:TemplateField
HeaderText="Session - Part II"
SortExpression="session2">
<EditItemTemplate>
<asp:DropDownList
ID="drpsession2"
runat="server"
DataSourceID="SqlDataSource4"
DataTextField="session_time"
DataValueField="session_id"
SelectedValue='<%# Bind("session2") %>'
AppendDataBoundItems="True"
Width="234px">
<asp:ListItem
Text="Please select"
Value="-1"
/>
</asp:DropDownList>
<asp:SqlDataSource
ID="SqlDataSource4"
runat="server"
ConnectionString="<%$ ConnectionStrings:Connstr %>"
SelectCommand="SELECT dbo.sessions2.* FROM dbo.sessions2">
</asp:SqlDataSource>
</EditItemTemplate>
</Fields>
</asp:DetailsView>
<
asp:SqlDataSource
ID="SqlDataSource2"
runat="server"
ConnectionString="<%$ ConnectionStrings:Connstr %>"
UpdateCommand
where regform.id=@id">
="UPDATE dbo.regform SET session_=@session_, session2=@session2 where id=@id">
<UpdateParameters>
<asp:ControlParameter
ControlID="ctl00$ContentPlaceHolder1$DetailsView1$drpsession1"
Name="session_"
PropertyName="SelectedValue"
Type="String"
/>
<asp:ControlParameter
ControlID="ctl00$ContentPlaceHolder1$DetailsView1$drpsession2"
Name="session2"
PropertyName="SelectedValue"
Type="String"
/>
<asp:ControlParameter
ControlID="DetailsView1"
Name="id"
PropertyName="SelectedValue"
/>
</UpdateParameters>
</asp:SqlDataSource>
View 2 Replies
Apr 27, 2016
I tried to update existing image using the code shown below. Then when I retrieve the image file, my image button only shows "X" icon. What is wrong with this code.
Dim filePath As String = FileUpload2.PostedFile.FileName
Dim filename As String = Path.GetFileName(filePath)
Dim ext As String = Path.GetExtension(filename)
Dim contenttype As String = String.Empty
Dim filestr As Stream = FileUpload2.PostedFile.InputStream
[CODE]...
View 1 Replies
Jan 30, 2013
I want to update the record of xls file into the database after every 5 min in asp.net ?
View 1 Replies
Oct 15, 2010
It seems like this would be fairly straight forward. I've got a gridview that loads up using one stored proc, but I've got a searchbox to filter the grid, and when the user enters some criteria I want to use a different proc to return the results. Something tells me I should be doing this with one procedure, but I can't seem to make that work either. When the form loads, my grid is populated. And if I leave my search criteria blank and search anyway, my grid is still populated correctly. But if I enter search creteria, I get diddley squat. What gives? Here is the relevent snippets.
[Code]....
View 1 Replies
Feb 20, 2010
I want to delete file available on server and same time I want to update the filename column in my database.If I delete file first and then update database and an error come in updating database my file is already gone.If I update database first and then delete file from from disk and an error occur my file information in database is already gone Can any one tell me how I can do it both successfully. I means either both operations should succeed or I should not lose my physical file or its information in database.
View 3 Replies
Feb 25, 2011
i've got a gridview and sql datasource. Its connected to a stored proc that has four optional parameters. In VS when i set up the data source, if i use the test option, and dont supply any values for the sproc, it returns all the values in the table which is what it should do. Now when i try to fill the gridview, it wont return anything at all unless i provide values for all 4 parameters.
It's not even trying to search because i had sql profiler open and nothing shows up until i provide all 4 values. any idea why it's doing this? How do i get it to actually bind even if provide less then all 4 (or none) of the values?
View 1 Replies
Apr 6, 2010
I need to browse excel file and update the neccessary tables based on some ID. It is basically updating employees in bulk.
View 7 Replies
Dec 20, 2010
I have a problem that currently we are use a sybase database and we want to create application that give me a output in excel report that's mean my data stored at sybase or mysql and we access it from this after it generate my report in excel form and give this output on excel format?
View 1 Replies
Jun 10, 2010
i am using a file uploader to upload files. Now when i am using this on a mobile emulator with default browser IE it is uploading only those files whose name is less than 6 character. the files with name more than 6 character is not uploading through mobile emulator or mobile phone (PDA). I need this solution very soon.
View 1 Replies
Nov 20, 2013
In my asp.net project i have a folder (folder name "Data").
I upload .pdf file and save the .pdf file in My Data folder.
In same day if i upload same name file then the previous file is overwrite without any message.
So I would like to know, how can i show a message like ("same name file is exit ,Do u want to replace it").
View 1 Replies
Mar 28, 2011
internal static void GetUserData(int userId, out string userName,
out string userEmail, out string userPassword)
{
using (SqlConnection con = Util.GetConnection())
{
con.Open();
using (SqlCommand cmd = new SqlCommand("usp_UD_SelectById", con))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@UD_ID", SqlDbType.Int).Value = userId;
cmd.Parameters.Add("@UD_UserName", SqlDbType.NVarChar, 100).Direction = ParameterDirection.Output;
cmd.Parameters.Add("@UD_Password", SqlDbType.NVarChar, 100).Direction = ParameterDirection.Output;
cmd.Parameters.Add("@UD_Email", SqlDbType.NVarChar, 100).Direction = ParameterDirection.Output;
cmd.ExecuteNonQuery();
userName = Convert.ToString(cmd.Parameters["@UD_UserName"].Value);
userEmail = Convert.ToString(cmd.Parameters["@UD_Email"].Value);
userPassword = Convert.ToString(cmd.Parameters["@UD_Password"].Value);
}
}
}
and the call
string userEmail;
string userName;
string userPassword;
MemberHelper.GetUserData(userId, out userName, out userEmail, out userPassword);
Sometimes I need to get just one parameter from the out parameters, how can I call the function when I want to get just one:
string userPassword;
MemberHelper.GetUserData(userId,"","",out userPassword);
View 1 Replies
Jan 17, 2010
I try to have an URL like this /Forum/Index/2 for url I have a route {controller}/{action}/{page} in my global.asax
If i test the above url with the Route Debugger it corresponds to the above route ( and some other but this is the fist one in the list ) but if I create an url with the ActionLink
( like this : [Code]....
),
this methode return me this URL /Forum/Index?page=2 Is there a way to a have an url with nothing in querystring with the ActionLink methode ? Gauthier
View 10 Replies
Jul 22, 2010
I pass two parameters to my repository to return one record
I am strugling to wite the code to return one record.
Here is my repository-
public Classifieds_Ads GetUserClassifiedDetailsToModify(int classifiedid, Guid UserGuid)
{
return context.Classifieds_Ads.Where(c => c.User.Id == UserGuid && c => c.CatID == classifiedid);
}
View 1 Replies
Jan 20, 2010
I have a Business Intelligent project with many reports and I would implentent that reports in a ASP.Net page in server processmode.
I create a master page, and a normal page for this master page with report to view:
<rsweb:ReportViewer ID="ReportViewer1" runat="server" Font-Names="Verdana" Font-Size="8pt"
Height="500px" ProcessingMode="Remote" Width="100%" >
<ServerReport ReportPath="/reportServer/simpleReport" ReportServerUrl="http://localhost/reportserver" />
[Code]....
But i get back this error
The 'Gender' parameter is missing a value This problem is in only one report, this report have a multiview parameters.
View 1 Replies
Jun 2, 2010
I have site that I need to have a vendor send an Http Post to us, using querystring parameters, then I have to look up some data and return a few results and parameters back to them. Can this be done using CLASSIC ASP? I ask this because I am still in a learning phase with .NET and have limited resources available to set up a web service.
View 2 Replies
May 2, 2010
I keep running into a problem when trying to connect to my web service. THe problem only occurs when I try to update the database linq to sql file. When I do this and then upload the wcf services and attempt to connect I get this error: Quote: The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.
Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMess age methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at IService1.GetPollById(Int32 pollId)
at Service1Client.GetPollById(Int32 pollId)
If I then revert back to the old linq to sql file it works fine.
View 1 Replies
Jul 2, 2010
I'am Developing a commercial website using vs2005 and sql 2005,where my users will download and upload wallpapers and ringtones,so my issue is, i got the coding for uploading ,
But the problem is it is storing the files two times,
If FileUpload1.PostedFile IsNot Nothing Then
Dim FileName As String = System.IO.Path.GetFileName(FileUpload1.PostedFile.FileName)
FileUpload1.SaveAs(Server.MapPath("Images/" & FileName))
[Code].....
View 4 Replies