|
Rigard wrote: What is wrong with my statement?
You inject values into the SQL, which is a security risk and causes other problems.
Use parameterised queries instead of injecting values.
|
|
|
|
|
HI..
I would like to know how to design an annotation tool for a web-based courseware using vb.net. I have to open a page in vb and then do annotation to it such as highlighting text, adding text, etc..
zarine
|
|
|
|
|
Hi all,
does anyone know about how to build a Email sending function in a website? cause we are trying to enable customers to send news and some images of our products to their friends. Our news is storded in an XML file.when we display the News we will use the XMLReader to read the whole content in the XML file and save it with some reasonable html codes into a string variable. And then display the sting variable in a label. When we run it, the formated content will be display.
And we would like to send the same News page or at least some formated XML content file to the customers' friends.
But the email we managed to send can only send string, no pictures allowed. and when we send Label1.text, it send all the stings instead of the formated page.
Can anyone help!!!
Jackie Ding
|
|
|
|
|
Hello Jackie,
see code below. It's easy to extend it to send attachments. Look at MSDN for the both classes.
Private Sub SendMail(ByVal Sender As String, ByVal Subject As String, ByVal Body As String)
Dim oSmtp As System.Web.Mail.SmtpMail
Dim oMailMsg As New System.Web.Mail.MailMessage
oMailMsg.From = Sender
oMailMsg.To = "recv1@account.com;recv2@account.com"
oMailMsg.Body = Body
oMailMsg.BodyFormat = System.Web.Mail.MailFormat.Html
oMailMsg.Subject = Subject
oSmtp.SmtpServer = ConfigurationSettings.AppSettings("MailServer")
oSmtp.Send(oMailMsg)
oMailMsg = Nothing
End Sub
Regards
Stephan
\\\| \\ - -
( @ @ )
+---------------oOOo-(_)-oOOo-----------------+
| Stephan Pilz stephan.pilz@stephan-pilz.de |
| <a href=http:
| ICQ#: 127823481 |
+-----------------------Oooo------------------+
oooO ( )
( ) ) /
\ ( (_/
\_)
|
|
|
|
|
i'm a beginner of C# any expert can help me ??
code as below !!
Sub On_Login(ByVal sender As Object, ByVal e As System.EventArgs) Handles user_pwd.TextChanged, send_btn.Click
Dim strSQL As String '存放SQL語法
Dim objConn As New System.Data.OleDb.OleDbConnection() '產生連結資料庫物件
objConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;" & "Data Source=" & Server.MapPath("./App_Data/member.mdb") '指定資料庫位置
objConn.Open() '開啟資料庫
strSQL = "Select * From 會員資料 where User_ID Like '" & user_id.Text & "' And user_PSD Like '" & user_pwd.Text & "'" '指定SQL語法
Dim objCmd As New System.Data.OleDb.OleDbCommand(strSQL, objConn) '執行SQL語法
Dim objReader As System.Data.OleDb.OleDbDataReader = objCmd.ExecuteReader() '接收結果
strSQL = "Insert Into log (User_ID, User_Time) Values ('" & user_id.Text & "','" & Now().ToString() & "')"
Dim insertCmd As New System.Data.OleDb.OleDbCommand(strSQL, objConn) '執行SQL語法
insertCmd.ExecuteNonQuery()
If objReader.Read() Then '搜尋成功 允許登入
If objReader.Item(9).ToString() = "管理者" Then
Session("user_id") = objReader.Item(1).ToString()
Session("role") = objReader.Item(9).ToString()
Response.Redirect("~/Administrator.aspx")
ElseIf objReader.Item(9).ToString() = "客服人員" Then
Session("user_id") = objReader.Item(1).ToString()
Session("role") = objReader.Item(9).ToString()
Response.Redirect("~/Attendant.aspx")
Else
Session("user_id") = objReader.Item(1).ToString()
Session("role") = objReader.Item(9).ToString()
Response.Redirect("~/Customer.aspx")
End If
Else '搜尋失敗
msg_label.Text = "帳號或密碼錯誤!!"
End If
objConn.Close() '關閉資料庫
End Sub
Bryan
|
|
|
|
|
Out Instant C# VB to C# converter produces:
//TODO: INSTANT C# TODO TASK: Insert the following converted event handlers at the end of the 'InitializeComponent' method for forms or into a constructor for other classes:
user_pwd.TextChanged += new System.EventHandler(On_Login);
send_btn.Click += new System.EventHandler(On_Login);
public void On_Login(object sender, System.EventArgs e)
{
string strSQL = null; //存放SQL語法
System.Data.OleDb.OleDbConnection objConn = new System.Data.OleDb.OleDbConnection(); //產生連結資料庫物件
objConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;" + "Data Source=" + Server.MapPath("./App_Data/member.mdb"); //指定資料庫位置
objConn.Open(); //開啟資料庫
strSQL = "Select * From 會員資料 where User_ID Like '" + user_id.Text + "' And user_PSD Like '" + user_pwd.Text + "'"; //指定SQL語法
System.Data.OleDb.OleDbCommand objCmd = new System.Data.OleDb.OleDbCommand(strSQL, objConn); //執行SQL語法
System.Data.OleDb.OleDbDataReader objReader = objCmd.ExecuteReader(); //接收結果
strSQL = "Insert Into log (User_ID, User_Time) Values ('" + user_id.Text + "','" + System.DateTime.Now.ToString() + "')";
System.Data.OleDb.OleDbCommand insertCmd = new System.Data.OleDb.OleDbCommand(strSQL, objConn); //執行SQL語法
insertCmd.ExecuteNonQuery();
if (objReader.Read()) //搜尋成功 允許登入
{
if (objReader[9].ToString() == "管理者")
{
Session["user_id"] = objReader[1].ToString();
Session["role"] = objReader[9].ToString();
Response.Redirect("~/Administrator.aspx");
}
else if (objReader[9].ToString() == "客服人員")
{
Session["user_id"] = objReader[1].ToString();
Session["role"] = objReader[9].ToString();
Response.Redirect("~/Attendant.aspx");
}
else
{
Session["user_id"] = objReader[1].ToString();
Session["role"] = objReader[9].ToString();
Response.Redirect("~/Customer.aspx");
}
}
else //搜尋失敗
msg_label.Text = "帳號或密碼錯誤!!";
objConn.Close(); //關閉資料庫
}
David Anton
www.tangiblesoftwaresolutions.com
Instant C#: VB to C# converter
Instant VB: C# to VB converter
Instant C++: C# to C++ converter, VB to C++ converter
Instant Python: VB to Python converter
|
|
|
|
|
thank you very much for your help !!!
really thanks a lot !!!
Bryan
|
|
|
|
|
Sample Grid Image[^]
I'm looking to create the above sample using a datagridview. I'll be creating the grid at run-time and will have different time increaments for each grid. The row header with the (times) will be frozen and need to scroll with the grid. I'm thinking I'll need to us 2 grids side-by-side and link the scrolling events. But I'd like the forums input on it and if anyone has any differnet solutions. Thanks!
|
|
|
|
|
Can anybody help me? I am filling a datagrid with a file. one on the columns is currency (dollar and cents). I fcan convert the column to always create the cents (preferred) and the access DB shows ($1.00), but when I fill the datagrid is shows (1) and (7.93). I want to show ($1.00 and $7.93)
Thanks
silver-gray
|
|
|
|
|
FormatCurrency(columnVariable, 2)
FormatCurrency("1", 2) = $1.00
FormatCurrency("7.93", 2) = $7.93
|
|
|
|
|
I'm new to VB.NET and I'm trying to validate the input from a Textbox control to ensure no text is entered in the control.
How can I test the values entered are numerical instead of everything else (ie: string)?
|
|
|
|
|
The following will test to see if a textBox contains a non-numeric value:
If Not IsNumeric(txtTextBox.Text) Then
'do whatever you want to do after an invalid type is entered
End IF
Nate Lindley, .NET Aficionado
|
|
|
|
|
Thank you so much!
|
|
|
|
|
Hi - We have an interface which call a stored proc, sends in input parameters which in turn then inserts into the table.
This sp by itself, exec "sp name", runs for 6 minutes, don't ask, it is a huge dB!! I have set a command timeout of 400 seconds and my interface still comes back with a timeout issue.
Is there anything else we could set?
Thanks!
|
|
|
|
|
I'm sure you've already tried but I would suggest putting it at 500; maybe it takes a little more than 6 minutes? Otherwise it shouldn't time out... let me know if you've tried that, and i'll look into it a little more.
Nate Lindley, .NET Aficionado
|
|
|
|
|
Yes - I have tried that as well, setting it to 500.
Exact Error Message: system.data.sqlclient.sqlexception: Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.
Right now only changing the Command timeout property - should we change the commandtimeout for connection object as well?
thanks.
|
|
|
|
|
Yes, you can do that. But, 6 minutes is a LONG time to wait for a command. I would recommend seting this up and running the SP without waiting for any return values. You can use SQL Server's Notification Services if you want something returned.
Dave Kreskowiak
Microsoft MVP - Visual Basic
|
|
|
|
|
What do you mean - like a task?
I have a message - after the user clicks submit button to upload the data, it comes back with "successful" message.
You mean something that runs in the background? How would they know if it was successful?
Thanks.
|
|
|
|
|
SQL Server support sending COM-based notifications back to registered clients. For SQL Server 2000, you have to install Notification Services seperately. For 2005, SQL Server comes with it.
Notification Services[^]
Dave Kreskowiak
Microsoft MVP - Visual Basic
|
|
|
|
|
Hi - solved this by setting the command timeout to 0 - this implies unlimited - the customer doesn't mind waiting how ever long it takes - as long as it is done successfully.
Thanks.
|
|
|
|
|
6 minutes?? Wait until there's more data in there. 6 minutes will be an eternity to wait. I would have long since thought the app failed by then.
But, I'm not bashing you at all!! Sometimes the customer just doesn't know what they're getting into...
Dave Kreskowiak
Microsoft MVP - Visual Basic
|
|
|
|
|
Hey,
My question, if you couldn't already guess, has to deal with the .NET BindingNavigator. I'm using it to sort through some records and thats all fine and dandy. But my question is, when I am trying to search for a record based on its PK, is there an easy way to do it via the BindingNavigator? Or do I have to open a connection, fill a new dataset, and search for the pk via data table/data row access? Anyone who has used the BN for this purpose, or anyone who just wants to comment on the situation, let me know what you think and it will be much appreciated.
Thanks!
Nate Lindley, .NET Aficionado
|
|
|
|
|
The BindingNavigator doens't expose any method of searching, so no, it's really not cut out for this. You're best method is to get the PK, open a new connection and fill a dataset with a query specific for returning records with that PK.
Dave Kreskowiak
Microsoft MVP - Visual Basic
|
|
|
|
|
Hello,
I am facing a problem in key event handler for datagrid textbox cells. The event is fired for all the function key presses except for F2 and F5 keys. Any ideas or pointers are welcome.
Thanks,
Neo
|
|
|
|
|
F2 is reserved by the DataGridView to trigger editing whichever cell is currently selected. Change the DGV's EditMode property if you want to use this key for something else.
Dave Kreskowiak
Microsoft MVP - Visual Basic
|
|
|
|