i want to display confidential data like bank account number, mobile numbers in 123**********1232 format in ASP.net controls. Like 022-23232-2322 will be 022*********2322 and on update it should save the actual data entered.
How it would be achieved in ASP.net?
If you want to mask it only for users which can't update it as commented, it's simple:
Dim number = "022-23232-2322"
Dim token = number.split("-"c)
Dim masked = String.Format("{0}{1}{2}", token(0), New String("*"c, 9), token.last())
Result as dersired: 022*********2322
Of course you have to store the real number serverside or load it from database when you need it. You should never need to unmask it. If an authorized user wants to update it you get the new value and you don't need the old. If you need it reload it from the data-source.
Related
How to store multiple field values across different pages in a single session object and fire that to save all field values in database on button click at the last page. A small snippet of code would help.
Though your question is a bit vague but I will respond as per my understanding. This is what you have to do to store values in the Session object:
'a string on an aspx page
Me.Session("Value1") = "My String"
'an integer on some other aspx page
Me.Session("Value2") = 100
'a different string of yet another different aspx page
Me.Session("Value3") = "Another String"
Then on the page where you have button click, you can get these values like this:
Dim str1 As String = Convert.ToString(Me.Session("Value1"))
Dim myInt As Integer = Convert.ToInt32(Me.Session("Value1"))
Dim str2 As String = Convert.ToString(Me.Session("Value3"))
Note that I have used different variables to store these values. This is just to give you an idea of how things work but it will be a good approach to have a custom object of yours instead of using many different objects.
I think you should save all those field values in a class and store that class object directly in session.
Not done any programming for about 5 years so im a little rusty on this one.
I am building an Asset management system to make my job easier but am struggling on a few things.
What i have so far is the DB setup and populated with a small amount of data, The main site itself is built and the basic select statements to a gridview of any data currently in the system for that particular page/search and i also have an insert statement that is populating the relevant tables based on data filed in on a form on that page. All these functions are working seamlessly.
The problem i have is that one field that needs to be populated for the insert statement needs to populate based upon the selection that is being made from a drop down box in the same form.
i.e.
An Asset that is being registered into the system has an Asset Type (the type details are contained within a parent table Asset_Type) the form has 3 fields for display purposes (one of these fields will need to return an entry to the Asset table in the database from the form, this is working) that are taken from the Asset_Type table, the other fields only relate to the Asset table itself.
What i am trying to achieve is that a user goes to the page and sees a list of Assets registered (this is working) they then need to add a new asset by filling in a form lower down on the page (for is there and writes to DB) on this form is a drop down menu that queries the Asset_Type table and allows the user to select the Type by name (this works)
What i now need to get working is for the 2 other fields to populate based on what Asset type is selected.
These fields are currently textboxes in the form but can be changed if required.
The code i have behind the page is below:
Protected Sub Name_Model_SelectedIndexChanged(sender As Object, e As EventArgs) Handles Name_Model.SelectedIndexChanged
Using conn As New SqlConnection(ConfigurationManager.ConnectionStrings("AssetManagementConnectionString").ToString())
Dim cmd As New SqlCommand()
cmd.Connection = conn
cmd.CommandText = "SELECT [ID], [Name_Model], [Description_Spec] FROM [Asset_Type] WHERE ([ID] = #ID)"
cmd.CommandType = CommandType.Text
conn.Open()
Dim reader As SqlDataReader = cmd.ExecuteReader()
If reader.HasRows Then
While (reader.Read())
{
Type_ID.text = (reader["ID"].tostring())
Name_Model.text = (reader["Name_Model"].tostring())
Description_Spec.text = reader["Description_Spec"].tostring
}
End While
End If
End Using
End Sub
So I'm not sure about Steve's comment, but I know he is a lot more familiar with VB based on questions of my own he has answered. However I am going to suggest something.
So "Drop downs" typically have 2 pieces of data associated with them.
A DisplayMember and a ValueMember (also a SelectedValue if it's a ComboBoxColumn)
You can reference either, I believe.
Then, you can do what you please with that value using an If Then or however you plan on using it.
assetValue = YourComboBox.DisplayMember.ToString
YourTextBox.Text = assetValue
or
If ComboBox.ValueMember = YourIndex Then
assetValue = Whatever
ElseIf
....
End If
Give that a try and let me know what you get. I am just throwing ideas out there.
I want to get an idea about how can i capture the data audit trail of SSRS report getting rendered in Asp.net reportviwer.
I dont want the execution log. Example my report take department as input and give all details of employee working in that department.
Now my requirement is that, lets say i run the report for department a and get some employee then i have to log a audit trail saying i have seen records of so and so employee.
I was thinking that from SSRS itself i can insert the record which are retrieved or to be rendered but what if rendering failed, my log will still say that i have seen the record even before it appearing on ASP.Net page. Second way is that i have to make another call after data is rendered with same parameter and then log the result which can give me wrong result as data might have changed in that small interval.
secondly is there a way to track the save and print event On asp.net reportviewer control
looking forward for ideas. Thanks in advance.
Reporting Services may not be the solution for you if you want to add behaviour to data access. Reports are best as a display of data, not having side effects.
That said, probably the best you can do is to audit the rendering process using custom code. For instance, when you go to display the employee code you call a function recording that it was displayed and by who:
Function AuditEmployeeAccess(EmployeeCode As String) As String
' Connect to database, audit access (off the top of my head, could be bad)
Dim con As New SqlConnection
Dim cmd As New SqlCommand
con.ConnectionString = "Data Source=MyServer;Initial Catalog=AuditDb;User ID=username;Password=password"
con.Open()
' Don't do this, use parameters
cmd.CommandText = ("insert into audit (AuditEmployeeCode, AccessEmployeeCode) values ('" + Globals!UserId.Value + "', '" + EmployeeCode + "')")
cmd.Connection = con
cmd.ExecuteNonQuery()
con.Close()
' Return the employee code for display in the report
Return EmployeeCode
End Function
then instead of the cell holding the field value, it uses the expression:
=Code.AuditEmployeeAccess(Fields!EmployeeCode.Value)
Now this will audit whenever the employee code renders rather than when it is looked at. For instance, if the report is 5 pages long but the viewer only looks at the first two pages the access will still be audited for those on page 5.
For this reason you are probably better off creating a custom screen rather than using a report.
I have a multiview with 4 views. To switch between the views I use 4 buttons and switch the multiview's activeview index to the relevant view inside the click event of each button.
In each view there are various controls to capture data. There is then a submit button at the bottom of the final view to write all the data to a database.
What I want to achieve is to capture a time stamp of when the user clicks the button to move to each view (which will ultimately be written to the database). I can assign a timestamp to a variable by using the below code in the click event of each of the 4 buttons
Dim phase1TimeStamp as string = DateTime.Now.TimeOfDay.ToString()
The problem is, when I come to write the records to the database in the click event of the submit button, it cannot see the values assigned to these time stamp variables.
Is there a way I can pass these variable values to the submit button click event or is there a different way I can achieve this altogether? Thanks
The easiest way to do this is probably by saving the variable to session, then retrieving it. You didn't say if this was ASP .NET Web Forms or MVC, so I will give you an option for each. MVC has a few different ways you can achieve this (ViewData, ViewBag, TempData, or directly to Session). I'm not quite as familiar with Web Forms but you can at least save to Session.
Web Forms
to save to session:
HttpContext.Current.Session("phase1TimeStamp") = phase1TimeStamp.ToString()
to retrieve it (you may have to cast it, depending on the type and your VB settings):
Dim myVar as String = HttpContext.Current.Session("phase1TimeStamp")
MVC
to save to session:
Session("phase1TimeStamp") = phase1TimeStamp.ToString()
to retrieve it:
Dim myVar as String = Session("phase1TimeStamp")
A note about MVC: If you want this to work across multiple sessions (I.E., for different users or even for the same user but with multiple tabs open), you will need to append the identifier ("phase1TimeStamp") in this case with some sort of unique identifier.
You can store the values in Session cache, like this:
Session("MultiView1_Clicked_DateTime") = DateTime.Now.TimeOfDay.ToString()
Session("MultiView2_Clicked_DateTime") = DateTime.Now.TimeOfDay.ToString()
Session("MultiView3_Clicked_DateTime") = DateTime.Now.TimeOfDay.ToString()
Session("MultiView4_Clicked_DateTime") = DateTime.Now.TimeOfDay.ToString()
The Session value will exist in memory across page requests.
Note: You can name the Session key whatever you wish, but to get the value back out you need to match that key name exactly. Also, everything in Session is stored as an Object so you will need to cast the value to a String when you want to retrieve the value.
I am currently working on a website where we can track small event for our clients. I am using linq-to-sql and asp.net to build it. So far the site is really small about 10 pages, and only 2 tables, events and clients. I have listed the columns for each table below:
Events:
-eventid
-eventname
-datecreated
-details
-datedue
-status
-clientname (this should be clientid)
-sentemail
Clients:
-clientid
-clientname
-clientemail
-clientphone
the issue I am having is getting the 2 database tables* to work together. Ideally I would like to have clientname replaced with clientid in the Events table.
I had it set up this way before but ran into an issue when listing out the events:
When I am listing out the events I would like it to show the client name as appose to the clientID. Unfortunately I am pretty new to ASP.net and although I could easily do it in PHP have no idea how to get it to work. Its not a huge deal but I would like to be able to update the client list and events apart from one another.
Sorry If this makes little to no sense, If there is any confusion I will try to word it better.
*correction on my part
Once you've got your database normalized, create a Linq2Sql context, and then you can write a query similar to this (to get a list of event names and their client names):
var results = from e in dbContext.Events join c in dbContext.Clients on e.clientid equals c.clientid select new { e.eventname, c.clientname };
in addition to the answer of Andrew Lewis you need to:
1) add the clientid field to the events table
2) run a sql query to fill the clientid field:
update events set clientid = (select clientid from client where name = events.clientname)
3) remove the clientname field from the events table