Solved

Add records to sql sever database through asp.net website - visual studio 2008

Posted on 2013-11-11
3
383 Views
Last Modified: 2013-11-13
I'm using Visual Studio 2008 and firstly create asp.net website. I can connect to the information in SQL Server database using dataview or gridview and can query a particular entry (ie. Eqipment Id. -brings up all details linking to that Equipment).
I can then edit the details of that Equipment and this would update the SQL Server Db.
What I need to do is to have a form that simply enters new details for a new Equipment. ie. Enter Equipment Name:   [__] Enter Serial Number: [__]. Then for this to update the database. By using the gridview or dataview I am able to view all fields that exist in the table and edit them. Is there a way that I can get a blank gridview/dataview template (which includes all the fields in the table) and fill it out to then update the database?
0
Comment
Question by:cookiejar
  • 2
3 Comments
 
LVL 76

Expert Comment

by:arnold
ID: 39640719
Your asp app needs to have a form with the fields.
Your existing code needs to be modified to display a blank form rather than query the database and then populate the data in the response.
0
 

Author Comment

by:cookiejar
ID: 39645089
Could you direct me to a good tutorial that will show me how to do this?
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 39645994
Without understanding what you currently have, I am guessing based on what you posted.

It sounds that your current rendering is based on a query into the database and then building out the form to present to the user.
One way to maintain this and get what you want is to query such that you do not get any valid responses but only have the fields.

The tool you are using to consrtuct these presumably has an empty form

<form action=processdata.aspx>
<input name=column>
<input type=submit
</FORM


http://www.w3schools.com/aspnet/aspnet_forms.asp has
Look for any ASP.net guide.  There are many sites on the web that provide access to the books that provide introduction/examples of constructing.
make sure to take into account that your current code suggests that it is likely open to SQL injection.  Deals with whether the data you receive from the web site, is being directly pumped into the sql server such that a well placed ' could terminate the execution of your sql query and then will process the directives that follow that well placed (').
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

Occasionally there is a need to clean table columns, especially if you have inherited legacy data. There are obviously many ways to accomplish that, including elaborate UPDATE queries with anywhere from one to numerous REPLACE functions (even within…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now