Cannot bind result of HTTPUtility method to session variables - asp.net

I am using ASP.NET Web Forms. I am trying to bind some data from a previous page (including the URL and some specific figures stored in the URL) to session variables for use in a SQL insert statement to a SQL Server database.
An example of one of the assignments is below:
this.Session["URL"] = HttpUtility.ParseQueryString(Request.UrlReferrer.Query)["helpurl"];
The problem I am having is that on executing the SQL insert, the value does not seem to be present and the default value is recorded. SessionState is enabled. I am able to print the result of the HttpUtility method to a label, and I am also able to assign to session variables for a SQL statement if I assign them directly, eg:
this.session["Variable"] = Variable;
Any ideas why the result of the HttpUtility function may not be assigned to the session variable prior to the execution of the SQL insert statement?

It's ok - I placed the assignments inside an
if(!IsPostBack)
And they now work ok and are being recorded to the database. I also removed the 'this' keyword from them.
Thanks anyway

Related

Using a statically assigned application item as SQL in Oracle APEX

In my Oracle Apex 19.3 application I have a SQL statement that needs to be used on several pages and changes slightly based on the user that is logged in. So that I do not need to duplicate this code over and over on each page I generate this statement as an application item called: QUERY_BASED_ON_USER.
An application computation then statically sets it to SELECT j.* FROM table(pkg_jobstatus.report()) j WHERE j.id IN (:USERIDS)
(USERIDS is a separate application item)
I wish to use the application item QUERY_BASED_ON_USER as the sql statement for a table. When setting the data source to PL/SQL and using the following code,
BEGIN
return :QUERY_BASED_ON_USER;
END;
I get this error: PL/SQL function body did not return a value.
I tried debugging this by settings a static page region to: &QUERY_BASED_ON_USER. and it outputs the query correctly.
My assumption is that the code editor does not evaluate the application computation and thus it returns an empty string, which it then refuses to validate or save. But I do not know how to validate this or how to work around this.
How can I use the application item as the sql statement?
You need to set "Use Generic Column Names" to true, and specify the number of columns your query will return:
Then the query is not parsed until runtime, when the item value is available.

How can I get a list of recent queries with parameter values, not names?

I am aware of some ways for seeing the recent queries for the current database, such as:
SELECT deqs.last_execution_time AS [Time], dest.text AS [Query], dest.*
FROM sys.dm_exec_query_stats AS deqs
CROSS APPLY sys.dm_exec_sql_text(deqs.sql_handle) AS dest
WHERE dest.dbid = DB_ID()
ORDER BY deqs.last_execution_time DESC
My problem is that the results aren't showing the values being passed to the PROC, but are instead showing the names of the parameters. I already know the name of the PROC and I have the script. I need to know what a particular ASP app is passing in.
For now I just have the PROC INSERTing the param values into a logging table, but I was wondering if there was a better way.
Try to use custom logging in the stored procedure. Whenever the stored procedure is invoked, log an entry into the log table with the passed in params.

SQL: Best practice for inserting a record if it doesn't exist

I have an asp.net Gridview that handles insert operations into a SQL database. Records are only permitted to be inserted if they meet a uniqueness criteria, and this constraint is being enforced using unique indexes in SQL server. If the user attempts to insert a record that already exists, an error message is displayed.
I'm wondering what the best practice is for implementing this.
Check if the record exists SQL side, using IF EXISTS, and locking hints (updlock, holdlock, etc). Return an error code to ASP.net depending on whether the record was inserted
Perform the INSERT operation inside a SQL server try/catch block, relying on the unique index to prevent the insert from occurring if the record exists. Return an error code depending on whether an exception was thrown.
Perform the INSERT operation SQL side, but without SQL try/catch. Handle the PK violation exception inside ASP.net instead.
Normally I'd consider using exceptions to handle valid operations to be bad practice - i.e. software should not throw exceptions unless something is broken. However if the unique index on the table in SQL is going to implement the desired constraint, why bother performing a manual check for existence of the record?
I would make a separate call to check if the record already exists. If yes, show message to user, if no make insert. The reason I would do it this way is because I prefer keeping all the business logic in the application.
If you insist in making just one stored proc call:
I would check before I insert. I would also add an output parameter to the stored proc that returns a message if the insert was unsuccessful. In my application if I see a message in the output parameter, I will display that to the user.

Getting the parameter values being passed to SQL database via SQLDataSource control

I am debugging code written by a previous developer :-)
I have a SQLDataSource control that is calling a database stored procedure, and passing quite a large number of paramaters, and the stored proc returns records that populates a gridview control.
When I walk through the code behind to determine the values being passed, is there any way that I can see exactly how the parameters are being formated and passed to the stored proc?
You can use SqlDataSource's Updating event for this. It's parameter SqlDataSourceCommandEventArgs has a property Command that contains the parameters for the query.
Instead of trying to unpick them from Code-behind, use Sql Profiler. If you are using the Express version, there's a Profiler for that too: AnjLab Sql Profiler

Equivalent of RecordSet.MoveNext while Not EOF in ASP.NET

I'm using a DataReader to display informations stored in a table.
I created Two button to go to next record and to go back.
In VB6 I used this code :
While Not Recordset1.EOF
Recordset1.MoveNext
End While
In ASP.NET I didn't find a way to do like it, because DataReader hasn't the EOF property.
EDIT :
While Not Recordset1.BOF
Recordset1.MovePrevious
End While
How can I convert this last code (VB6) to ASP.NET ??
You use Read instead of MoveNext and it'll return false if there aren't any more records.
So:
While rdr.Read()
.... ' process this row
End While
Azirar, ho1 is correct in that you should use a DataTable. If you're updating after every post back and only need a single record you could still use a DataReader, but set up your SQL statement to get a single row (storing the appropriate information needed in your SQL statement (or better yet stored procedure) to get that single record back within query strings or session variables).

Resources