An IT Solution

In my application I have a target to show message if user does not have permission to navigate to another page. I can do this by using server code but it will make a round trip to server and make a bad user experience so, I decided to use java script. Following is the function of Java Script <script language="javascript" type="text/javascript"> function func_Message(obj) { if (parseFloat(obj)>0) { return true; } else { alert("Please assign a value before viewing the details"); return false; } } </script> And following is the code of Link Button from where I am passing value to Java Script Function <asp:LinkButton ID="lnk_Details" runat="server" Text="Details" CommandArgument='<%# Eval("festi_id") +"~" + Eval("user_id") %>' CommandName="ViewDet...

When I am working in core asp mail sending is one of the biggest task. For mail sending I have to check for third party on server. I have to according to third party avalibale on different server. But, now say thanks to Microsoft who had made that task easy. Sending a email using ASP.NET 2.0 and C# 2.0 is actually very simple. First, you will need to import the System.Net.Mail namespace. The System.Net.Mail namespace contains the SmtpClient and MailMessage Classes that we need in order to send the email. You have to write this code to your page. public static void Send(string SMTPServerName, string SMTPUserName, string SMTPPassWord, string MailFrom, string MailTo, string CC, string BCC, string Subject, string Body, bool BodyHTML, string Attachment) { MailMessage message = new MailMessage(MailFrom, MailTo, Subject, Body); /******************************************/ //Adding multiple To Addresses foreach (string sTo...

Recommended reading part I Use Type-Safe SQL Parameters The Parameters collection in SQL Server provides type checking and length validation. If you use the Parameters collection, input is treated as a literal value instead of as executable code. An additional benefit of using the Parameters collection is that you can enforce type and length checks. Values outside the range will trigger an exception. The following code fragment shows using the Parameters collection: SqlDataAdapter myCommand = new SqlDataAdapter("AuthorLogin", conn); myCommand.SelectCommand.CommandType = CommandType.StoredProcedure; SqlParameter parm = myCommand.SelectCommand.Parameters.Add("@au_id",SqlDbType.VarChar, 11); parm.Value = Login.Text; In this example, the @au_id parameter is treated as a literal value instead of as executable code. This value is checked for type and length. If the value of @au_id does not comply with the specified type and length constraints, an exception will be thrown....

When first time I had heard about SQL Injection attack, I got afraid what the thing about, who can even insert, select and drop my tables from my database. After searching on internet and visiting many of website I came to some of the conclusions. What is SQL injection attack? SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker. The primary form of SQL injection consists of direct insertion of code into user-input variables that are concatenated with SQL commands and executed. A less direct attack injects malicious code into strings that are destined for storage in a table or as metadata. When the stored strings are subsequently conca...

File uploading was always been a tedious task for the web developer community. Either we have to use a third party component or write several lines of code. Now, ASP.Net had make this easy to implemnet and deploy With ASP.NET file uploading has become a lot easier, importantly without the need for third party components. All we have to do is to use the ASP.NET HTML File control and write a few lines of C# code. In classic ASP we would use the HTML file control for uploading files. In ASP.net we replace this with the ASP.NET HTML File control. The declaration of ASP.NET HTML file control is much like normal HTML file control except for the runat attribute set to server. (e.g) <input type="file" id="myfile" name="myfile" runat="server" /> Similarly we use the ASP.NET button control which the the user will click to upload the file he has selected using the file control. As ASP.NET follows event based programming model we can attach a server s...