Posts by jugosoft

That maybe happens because page and master are not in the same folder. To solve this case register script file on page load.

- Insert statement should be:

cmdSave.CommandText = "insert into tblMember(Std_ID,Last_N,First_N,Mid_N,Level,Section) values (@Std_ID,@Last_N,@First_N,@Mid_N,@Level,@Section)";

- You don't have to write explicity which data type is parameter (in some cases you must - very rare), and when you add parameter to SqlCommand there should be no '@' sign.

cmdSave.Parameters.Add(new SqlParameter("Std_ID", this.txtStud_ID.Text));
cmdSave.Parameters.Add(new SqlParameter("Last_N", this.txtLast_N.Text));
cmdSave.Parameters.Add(new SqlParameter("First_N", this.txtFirst_N.Text));
cmdSave.Parameters.Add(new SqlParameter("Mid_N", this.txtMid_N.Text));
cmdSave.Parameters.Add(new SqlParameter("Level", this.cmbLevel.Text;));
cmdSave.Parameters.Add(new SqlParameter("Section", this.txtSection.Text));

Advice

Use Trim() when inserting data into database.

If you use SQL Server Authentication (which is true this case) you must set Integrated Security parameter to false. This should work:

return new SqlConnection(@"Data Source=68.71.135.2,2121;Initial Catalog=DBTest;Integrated Security=False;User ID=myId;Password=mypass;");

1. All variables declared in class are by default private. If you want that they can be visible to any method, try putting keyword public before data type.

public int variable1;

2. If you have location map, I think that there must be X and Y cooridnate?

Sql Server keeps date in MM/dd/yyyy format. I also had a problem because in Serbia format is: dd.MM.yyyy hh:mm:ss. But following code solve it.

public DateTime convertToUkStandar(string date) 
{
    DateTime dateVariable = Convert.ToDateTime(date);

    return dateVariable.ToString("dd/MM/yyyy hh:mm:ss tt");
}

Date that you want to insert in SQL Server database must be in format MM/dd/yyyy, and time must be in format hh:mm:ss. Don't forget to set data type of collumn in database to datetime.

string dateAndTime = DateTime.Now.ToString("MM/dd/yyyy hh:mm:ss");

...
command.ExecuteNonQuery();

You can limit textbox's maximum length by settings its attribute length/max length to 4 in the Properties panel.

Your code in vulnerabile with SQL injection. Always use parametarised queries:

public void checkUsername() {
            string qry = "SELECT Password FROM Tablename WHERE User=@username";
            using (SqlConnection conn = new SqlConnection("YourConnectionString"))
            {
                try
                {
                    conn.Open();

                    SqlCommand cmd = new SqlCommand(qry, conn);
                    cmd.Parameters.Add(new SqlParameter("username", userName.Text));
                    SqlDataReader reader;

                    reader = cmd.ExecuteReader();
 
                    if (reader.HasRows)
                    {
                        while (reader.Read())
                        {
                            if (edtPassword.Text == reader["Passwrod"].ToString())
                            {
                                //what needs to happen if after this
                            }
                        }
                    }
                    else
                    {
                        MessageBox.Show("Username was not found", "Error",  MessageBoxButtons.OK, MessageBoxIcon.Error);
                    }
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.Message, "Error Opening Database", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    return;
                }
                finally
                {
                    conn.Close();
                }
 
            }
       }

You can, like you pass values to for example SqlConnection constructor.

Try with this code, I changed SQL query and parameter:

string connectionString = null;
            OleDbConnection connection;
            OleDbDataAdapter oledbAdapter = new OleDbDataAdapter();
            string sql = null;
            connectionString = "Provider=Microsoft.Jet.OLEDB.4.0;" + @"data source=Book.mdb";
            connection = new OleDbConnection(connectionString);
            sql = "delete from Books where BookKey = @BookKey";
            try
            {
                connection.Open();
                oledbAdapter.DeleteCommand = connection.CreateCommand();
                oledbAdapter.DeleteCommand.CommandText = sql;
                oledbAdapter.DeleteCommand.Parameters.Add(new OleDbParameter("BookKey", OleDbType.Char, 0, "BookKey"));

                MessageBox.Show("row deleted");
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.ToString());
            }
            finally
            {
                connection.Close();
            }

Correct, insert that validator in ASP.NET page and connect it with control. Find more informations about it on the link I gave you. I don't have too much expirience with validators.

]You can use ASP validators. More information about them you can find on next link:
http://www.w3schools.com/aspnet/aspnet_refvalidationcontrols.asp

If that is a SQL query, use next query:

SELECT * FROM table WHERE date > 'date' AND date < 'date2'

Use next code:

Private Sub TextBox_KeyPress(ByVal sender As Object, ByVal e As System.Windows.Forms.KeyPressEventArgs) Handles TextBox.KeyPress
        Dim ascii As Integer = Asc(e.KeyChar.ToString)
        
        ' Ascii code for comma is 46
        If ascii = 46 Then
            e.KeyChar = ","
        End If
    End Sub