Hey everyone I am trying to figure out how to re write a url such as www.mywebsit.com/Articles/newsInfo.aspx?id=3 to www.mywebisite.com/Articles/My-News-Title.aspx
I don't know if I am misunderstanding something but below is the code i have and nothing seems to be happening. The URL stays the same.
Sub Application_BeginRequest(ByVal sender As Object, ByVal e As EventArgs)
Dim currPath As String = Request.Url.ToString
If currPath.IndexOf("Articles") <> -1 And currPath.IndexOf("?np=") <> -1 Then
currPath = currPath.Substring(currPath.IndexOf("?np=") + 4)
Dim connectionString As String = ConfigurationManager.ConnectionStrings("MyConString").ConnectionString
Dim myreader As System.Data.SqlClient.SqlDataReader
Using myConnection As New System.Data.SqlClient.SqlConnection(connectionString)
Try
myConnection.Open()
Dim myCommand As New System.Data.SqlClient.SqlCommand()
myCommand.CommandType = Data.CommandType.Text
myCommand.CommandText = "SELECT TheNewsTitle FROM TheNews WHERE TheNewsId=" & currPath.Replace("'", "''")
myCommand.Connection = myConnection
myreader = myCommand.ExecuteReader
If myreader.HasRows Then
myreader.Read()
HttpContext.Current.RewritePath("~/Articles/" & myreader.GetValue(0).ToString.Replace(" ", "-") & ".aspx")
myreader.Close()
End If
myConnection.Close()
myCommand.Dispose()
myConnection.Dispose()
Catch ex As Exception
myConnection.Close()
myConnection.Dispose()
End Try
End Using
End If
End Sub
The code never errors out so i don't understand what is going on.
Are you trying to do actual URL Rewriting ? In other words - you want the links in your site to look like
www.mywebsite.com/Articles/My-News-Title.aspx
and be processed by
www.mywebsite.com/Articles/newsInfo.aspx?id=3
yes ?
Have a look here: -
http://msdn.microsoft.com/en-us/library/cc668201.aspx
http://msdn.microsoft.com/en-us/library/dd329551.aspx
Related
When I try to insert into databases, the following message shows up:
This website can not be accessed
The connection has been reset.
try:
Check the connection.
Check the proxy server and firewall.
Run Windows Network Diagnostic Data
my code is:
Protected Sub btnYes_Click(ByVal sender As Object, ByVal e As EventArgs) Handles btnYes.Click
Dim bday As String = DropDownList11.SelectedItem.ToString & "/" & DropDownList10.SelectedItem.ToString & "/" & DropDownList12.SelectedItem.ToString
Try
Dim conn1 As New SqlConnection("Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\pc1\Desktop\WebApplication1111\WebApplication1\App_Data\StudentRegistration.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True")
Dim cmd As New SqlCommand("insert into students values(#std_nn, #std_sn, #std_fn, #stdsecn, #std_midn, #std_ln, #std_gndr, #std_bday, #std_cbirth, #std_ident, #stdmstatus, #std_mail, #std_phone, #std_ppic, #std_rstatus, #std_spec, #std_twjavg, #std_twjtype)", conn1)
Dim affectedrow As Integer
cmd.Parameters.Clear()
cmd.Parameters.AddWithValue("#std_nn", Session("studentno").ToString)
cmd.Parameters.AddWithValue("#std_fn", TextBox2.Text)
cmd.Parameters.AddWithValue("#stdsecn", TextBox3.Text)
cmd.Parameters.AddWithValue("#std_midn", TextBox4.Text)
cmd.Parameters.AddWithValue("#std_ln", TextBox5.Text)
cmd.Parameters.AddWithValue("#std_gndr", DropDownList1.SelectedItem.ToString)
cmd.Parameters.AddWithValue("#std_bday", bday)
cmd.Parameters.AddWithValue("#std_cbirth", TextBox6.Text)
cmd.Parameters.AddWithValue("#std_ident", TextBox7.Text)
cmd.Parameters.AddWithValue("#stdmstatus", DropDownList2.SelectedItem.ToString)
cmd.Parameters.AddWithValue("#std_mail", TextBox8.Text)
cmd.Parameters.AddWithValue("#std_phone", TextBox9.Text)
cmd.Parameters.AddWithValue("#std_ppic", Image1.ImageUrl.ToString)
cmd.Parameters.AddWithValue("#std_rstatus", "waiting")
cmd.Parameters.AddWithValue("#std_spec", DBNull.Value)
cmd.Parameters.AddWithValue("#std_twjavg", TextBox10.Text)
cmd.Parameters.AddWithValue("#std_twjtype", DropDownList3.SelectedItem.ToString)
If conn1.State = ConnectionState.Closed Then
conn1.Open()
affectedrow = cmd.ExecuteNonQuery()
End If
conn1.Close()
If affectedrow > 0 Then
add_subjects()
add_attachments()
Label1.Text = "done"
Response.Redirect("Stdinfo.aspx")
End If
Catch ex As Exception
Label1.Text = "error"
End Try
End Sub
I am having an issue with my login page. I am not getting any errors so am not able to know where the problem is?
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Login.Click
'connection string
Dim mysqlconn As MySqlConnection = New MySqlConnection("server=localhost;user id=root;Password=123;database=users;persist security info=False")
Dim cmd As New MySqlCommand
Dim da As New MySqlDataAdapter
Dim mydata As New DataTable
Dim reader As MySqlDataReader
Try
mysqlconn.Open()
Dim query As String
query = "SELECT * FROM login_form where Username = '" & rfvUser.Text & "' and Password='" & rfvPWD.Text & "'"
cmd = New MySqlCommand(query, mysqlconn)
reader = cmd.ExecuteReader
While reader.Read()
If rfvUser.Text = "admin" And rfvPWD.Text = "admin" Then
Me.Session("User") = Me.rfvUser.Text
Server.Transfer("Admin.aspx")
ElseIf (rfvUser.Text = reader("UserName").ToString()) And (rfvPWD.Text = reader("Password").ToString()) Then
Me.Session("User") = Me.rfvUser.Text
Server.Transfer("Ersal_send.aspx")
Else
ClientScript.RegisterStartupScript(Page.[GetType](), "validation", "<script language='javascript'>alert('Invalid Username or Password')</script>")
reader.Close()
End If
End While
Catch ex As Exception
MsgBox(ex.Message)
Finally
mysqlconn.Dispose()
End Try
End Sub
End Class
Have you tried running the query directly via a SQL client? If your query is not returning any rows, then your procedure will simply exit without any errors as it will never enter the While loop.
Another advice: It is never a good idea to pass user input directly into a query. This leads to SQL injection. Use parameterised queries. Google for it.
I'm attempting to create a search page, which will display the results into a Gridview, but keep getting the following error when I click the my search button: Invalid attempt to call Read when reader is closed.
This is my code:
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As EventArgs)
Dim connectionString As [String] = ConfigurationManager.ConnectionStrings("myDbConnectionString1").ConnectionString
Dim connection As New SqlConnection(connectionString)
connection.Open()
Dim mySQLQuery As String
Dim vID As String
vID = Request.QueryString("pgResults")
mySQLQuery = "SELECT name,address,results,url FROM myTb WHERE name LIKE '%" + TextBox1.Text + "%'"
Dim myCommand As New SqlCommand(mySQLQuery, connection)
Dim myReader1 As SqlDataReader = myCommand.ExecuteReader(CommandBehavior.CloseConnection)
While (myReader1.Read())
GridView1.DataSource = myReader1
GridView1.DataBind()
End While
panelBody.Visible = False
panelSearchResults.Visible = True
connection.Close()
End Sub
Could I get some help please?
You cannot call Read() and then use a IDataReader as a DataSource, let DataBinding handle that. try this:
Dim myReader1 As SqlDataReader = myCommand.ExecuteReader(CommandBehavior.CloseConnection)
GridView1.DataSource = myReader1
GridView1.DataBind()
Im facing the error when execute the data reader command in vb.net. it throw handling. This field like when you enter employee id in textbox then it will capture in database for other field name,department.
here is my code
Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
Dim conn As New MySql.Data.MySqlClient.MySqlConnection
Dim strConnectionString As String =ConfigurationManager.ConnectionStrings("testConnectionString").ConnectionString
Dim sqlQuery As String = "SELECT * hr_record WHERE Emplid='" & txt1.Text & "'"
Using sqlConn As New MySqlConnection(strConnectionString)
Using sqlComm As New MySqlCommand()
With sqlComm
.CommandText = sqlQuery
End With
Try
sqlConn.Open()
Dim sqlReader As MySqlDataReader = sqlComm.ExecuteReader()
While sqlReader.Read()
txt1.Text = sqlReader("Emplid").ToString()
TextBox1.Text = sqlReader("Nama").ToString()
TextBox2.Text = sqlReader("DeptDesc").ToString()
End While
Catch ex As MySqlException
MessageBox.Show(ex.Message)
End Try
End Using
End Using
End Sub
Try to change your select query like
Dim sqlQuery As String = "SELECT * from hr_record WHERE Emplid='" & txt1.Text & "'"
Note:- Cannot use code like that in Page_Load.Try to make one Function and call that function from Page_Load and always use Parameterized query.
Updated answer:
Page_Load
Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
DataBind()
End Sub
Outside Method:
Public Sub DataBind()
Dim sConnection As String = "server=(local);uid=sa;pwd=PassWord;database=DatabaseName"
Using Con As New MySqlConnection(sConnection)
Con.Open()
Using Com As New MySqlCommand("SELECT * from hr_record WHERE Emplid='"txt1.Text
"'", Con)
Using RDR = Com.ExecuteReader()
If RDR.HasRows Then
Do While RDR.Read
txt1.Text = RDR.Item("Emplid").ToString()
TextBox1.Text = RDR.Item("Nama").ToString()
TextBox2.Text = RDR.Item("DeptDesc").ToString()
Loop
End If
End Using
End Using
Con.Close()
End Using
End Sub
Note:Try to implement your logic like that and also modified as per your requirements.
Hope it works.
You try to get Emplid in page load,but it's still nothing you should use button to check if Emplid exist
Thanks to all thanks helping me..finally this code it works thanks to all .
this the code will be function
Dim conn As New MySql.Data.MySqlClient.MySqlConnection
Dim strConnectionString As String = ConfigurationManager.ConnectionStrings("testConnectionString").ConnectionString
Using sqlConn As New MySqlConnection(strConnectionString)
sqlConn.Open()
Using sqlComm As New MySqlCommand()
sqlComm.Connection = sqlConn
With sqlComm
.CommandText = "SELECT * from hr_record WHERE Emplid='" & txt1.Text & "'"
End With
Try
Dim sqlReader As MySqlDataReader = sqlComm.ExecuteReader()
While sqlReader.Read()
txt1.Text = sqlReader("Emplid").ToString()
TextBox1.Text = sqlReader("Nama").ToString()
txtdep.Text = sqlReader("DeptDesc").ToString()
End While
Catch ex As MySqlException
MessageBox.Show(ex.Message)
End Try
sqlConn.Close()
End Using
End Using
End Sub
Protected Sub GridView3_RowCommand(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.GridViewCommandEventArgs) Handles GridView3.RowCommand
For Each myRow As GridViewRow In GridView3.Rows
'Find the checkbox
Dim lab1 As Label = DirectCast(myRow.FindControl("Label1"), Label)
If e.CommandName = "Sumit" Then
Dim cmd As New Data.SqlClient.SqlCommand
Dim con As New Data.SqlClient.SqlConnection(constr)
Try
Dim strSql As String = "DELETE * FROM hotels WHERE hotelid =" & lab1.Text
'------------"
con.Open()
cmd.Connection = con
cmd.CommandText = strSql
cmd.ExecuteNonQuery()
Catch ex As Exception
Response.Write(ex.Message)
Finally
cmd.Dispose()
con.Dispose()
End Try
End If
Next
GridView3.DataBind()
End Sub
I'm not sure why you think that will delete everything in the table, as I'm fairly certain it will not even execute. DELETE does not require any columns or * to be specified. It should just be DELETE FROM hotels WHERE [etc, etc].
Also, you should seriously consider giving this article a read: How To: Protect From SQL Injection in ASP.NET. Especially "Step 3. Use Parameters with Dynamic SQL", which detail how you could change your code to prevent SQL injection.
I believe what you are looking for is this:
Protected Sub GridView3_RowCommand(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.GridViewCommandEventArgs) Handles GridView3.RowCommand
Dim myRow As GridViewRow = DirectCast((System.Web.UI.Control)(sender)).NamingContainer, GridViewRow)
'Find the checkbox
Dim lab1 As Label = DirectCast(myRow.FindControl("Label1"), Label)
If e.CommandName = "Sumit" Then
Dim cmd As New Data.SqlClient.SqlCommand
Dim con As New Data.SqlClient.SqlConnection(constr)
Try
Dim strSql As String = "DELETE FROM hotels WHERE hotelid =" & lab1.Text
'------------"
con.Open()
cmd.Connection = con
cmd.CommandText = strSql
cmd.ExecuteNonQuery()
Catch ex As Exception
Response.Write(ex.Message)
Finally
cmd.Dispose()
con.Dispose()
End Try
End If
GridView3.DataBind()
End Sub
The syntax may be off I'm not too familiar with VB. As well it would be better to pass the ID of the hotel record in the e.CommandArgument thus you would not have to retrieve it from a label on the page. It is deleting all your records because you are looping through all your rows in the grid view and deleting each record.