Posts by ChrisHunter

We solved this by adding a new method to the string object to replace any <script> tags in a string to defuse it.

This solution removes any potential script tags and will prevent any html tags from being encoded (useful when you're trying to render out html from a string.

Sorry I realise I've posted this in the wrong section, it's been a while since I've visited DaniWeb.

I'm currently doing some encoding work to protect a site from XSS attacks. We've stuck a bunch of <script>debugger;</script> tags in the db. Dispite my best efforts, the strings I've encoded to stop the debugger getting hit (to prevent an XSS attack), are still getting hit in developer tools.

Is there a chance that double encoding something could cause this to happen or is that not possible?

Thanks in advance!

I'll get this one in there first... DaniWeb is great for learning C#. If you have any questions people will answer and there's quite a few helpful code snippets.

I used to use C-SharpCorner when I was at Uni and there's also a site, called Pluralsight, which is useful when you're learning pretty much any programming language and has tutorials for all levels.

Hi Kiran, You should start a new thread for your question. You may receive more responces if you do.

Apologies but I don't fully understand your question.

When you click a row in the first dataGridView, do you want to select that same row in the second dataGridView?.

Plenty of hail stone showers, rain, wind and cold temp today. Temp has dropped quite a bit lately. Pales in comparison to the Philippines at the moment though so I count myself lucky.

Are you just trying to set the value to blank? If so just do textBox.Text = string.Empty;

Why don't you create a stored procedure to search for a record based on an ID passed in from the data grid view, instead of doing the query in your VB code?

It means all your stored procedures are in one place and have can be easily identified and modified.

It saves having to search through your VB code to find the string, can save you bulking your VB code out with query strings and is more managable in the long run. Especially when it comes to bigger application.

I had good knees until I had a scooter accident about 8 years ago and they've been weak ever since. They usually give in every 12 months or so and it's back to limping around with knees the size of foot a ball.

I'd take anyother joint pain over knee pain any day.

Hope the Op's work!

Plain brown rice, broccoli and chicken... It tastes as boring as it sounds.

Sorry I completely missread your code.

It's because you trying to put a string, descd.Text, into your decimal parameter without converting it.

Convert.ToDecimal(descd.Text);

Porridge made using water instead of mild and a cup of black coffee... I'm on a lean mass building diet and this my second breakfast of the day... I'm bored of eating already!

Ford Focus Zetec 1.6 for the last 4 years which I'm selling because I don't use it much anymore :(

I now ride a Suzuki SV650 SK8 in blue which is why I don't use my car anymore. Always wanted a bike, even over a car, I can't get enough of it.

GSZR700 or BMW HP4 RR next! or a van to convert like @HappyGeek is doing.

From what I've just read you might need to intall the version of .NET framework you used to build your application, on the machine you've installed it on as it may not already be installed.

Hi Sizwe, how did you get on with this problem? did you manage to solve it?

You're welcome.

Use a JOIN clause to join information from more than one table.

This should show all rooms that are available on the specified dates.

SELECT r.RoomID, r.RoomNumber, r.RoomType, r.PricePerNight, b.CheckIn, b.CheckOut
FROM Rooms r
LEFT JOIN Bookings b on b.RoomID = r.RoomID
WHERE (Convert(datetime, b.CheckIn, 103) NOT BETWEEN Convert(datetime, @CheckInDate, 103) 
        AND Convert(datetime, @CheckOutDate, 103))
AND (Convert(datetime, b.CheckOut, 103) NOT BETWEEN Convert(datetime, @CheckInDate, 103) 
        AND Convert(datetime, @CheckOutDate, 103))

I hope this helps, let me know how you get on with this.

Here is a link about the different types of joins

Replace saveFileDialog1.Close(); with Application.Exit();

saveFileDialog1.Close(); terminates the application

Try something like the following

int number

if (int.TryParse(textBox1.Text, out number))
{
    // value is valid whole number.
}
else
{
    // value is not a valid whole number.
}

Try this:

UPDATE table1 t1 
    SET table2.b = t1.b
    WHERE t1.a = table2.a 

Let me know if this works or not.

It's a question typed straight from a homework sheet by the sounds of it but what I think @Santanu Das is asking is if an item is marked at £100 and the seller sells it for a 10% loss on the the on the marked price, what is that price and how is it worked out.

@Santanu Das, to work out a persentage of something you take the number that number, devide it by 100 and then multiple it by the persentage you wish to find.

For example 10% of £100 is worked out as:
£100 / 100 = 1
1 x 10 = 10 <---- Stick a % on that and that 10% loss of a £100 item.

This can easily be googled so please show that you have at least tried solve or google it yourself before you post a question.

We're always happy to help but the rules do state that you should you have at least attempted to solve the problem yourself first.

Happy coding!

HA! That's for me to know and you to find out ;)

You're homework, your problem... Unless you've shown that you've made a conscious effort and not just looking for someone to do your homework

"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid." - Albert Einstein

Price / 100 x 10 (persentage)

I WIN !

Eating while typing is one of my worst but biting the inside of my mouth while I'm coding is the wors. I look like I'm praticing for a gurning competition and it hurts like hell by the time I'm finished!

@cgeier is right, the exception will just be passed back through the call stack until it hits the catch in MethodA.

Also as @cgeier said, if MethodB and MethodC don't do anything other than return the value returned from the method they have called they are redundent (I assumed you would be doing other functions dependent of the returned values).

Is this the kind of thing you're looking for?

        public static void MethA()
        {
            try
            {
                MethB();
                Console.WriteLine("String is NOT empty");
                Console.ReadLine();
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.Message);
                Console.ReadLine();
            }
        }

        private static bool MethB()
        {
            return MethC();
        }

        private static bool MethC()
        {
            return MethD();
        }

        private static bool MethD()
        {
            string userInput = Console.ReadLine();

            if (!string.IsNullOrEmpty(userInput))
            {
                return true;
            }
            else
            {
                throw new Exception("String is empty");
            }
        }

If you throw the exception in MethodD it either throws an exception, bombs out of the application and displays the exception or the exception is caught by the first try/ catch it comes to and is delt with accordingly.

I don't know to be honest. If its an app where the user needs to enter text I'd show a messagebox if the string was empty.

try putting the try catch in MethodA and throwing the exception in MethodD. It should just fall through to MethodA.

Can you not just return an empty string?

You could always throw an exception. It's not recommended but it's an option.

Just another reason to keep the beard!

http://www.dailymail.co.uk/news/article-2755655/Tiny-girl-s-reaction-dad-unexpectedly-shaves-beard.html

Hi dd2308, What do you mean by the code doesn't work when you put it in the form load event, does it give you an error?

Vault Wagon produce more sausages than cars (I'm not sure if that is just last year or more as a whole).

It's because your application is trying to connect to a database that doesn't exist.

You need to set up a connection, from the other machine, to the database for it to work.

Explain your situation to your tutor/ lecturer as soon as possible. They may give you more time considering the circumstances.

Also there are quite a lot of link in the sticky posts at the top of the C# forum that will help you out.

same

fare

In you stored procedure, define the datetime variables to default to null values like this:

@StartDate datetime = null,
@EndDate datetime = null

This will let you pass null values into your stored proc.

At the moment you convert your datetime variables to a varchar which means they're no longer a datetime. It might not be the best way to do it but try converting the joindate to a varchar too.

This way they are both the same datatype.

If you're writing the stored proc within the C# code us double quotation marks instead of single when you're writing the SQL string.

Single quotation marks are used define chars in SQL so it might be trying to pass in the charactors @StartDate ranter than a datetime.

Or have you posted this in the wrong forum?

You can always convert the word entered by the user into to a char array and take the charactor in the first index

Something like:

Char[] charactorArray1 = textBox1.ToCharArray();
string newString = charactorArray[0].ToString();

Char[] charactorArray2 = textBox2.ToCharArray();
string newString = newString + charactorArray2[0].ToString();

Char[] charactorArray3 = textBox3.ToCharArray();
string newString = newString + charactorArray3[0].ToString();

If you had more than 3 text boxes for the user to input into it would be best to do the above in a loop.

Check the spelling of you database name, schema name and table name.

The best thing to do will be to either use intilesence or copy and paste the names to make sure you've got the exact spelling as you might have miss spelled them when you created them (I speak from experience).

As Fenrir() said you should generate the ID in within your database. If you generate the ID within your application you risk generating duplicate IDs which will cause errors.

You should make the ID the primary key for in a table because it is be the unique identifier for each record. When you insert the a new record you can return the ID that is automatically generated.

What does the error message say?

If they're on the same server you just have to put the name of the database before the schema and table names. For example:

SELECT * FROM Database1.dbo.Table1 db1t
INNER JOIN Database2.dbo.Table2 db2t
    ON db1t.ID = db2t.ID

You should also list the specific fields you want to pull from each table rather than using SELECT *.

Google is your friend...

http://msdn.microsoft.com/en-GB/library/ms173156.aspx

http://www.csharp-station.com/Tutorial/CSharp/lesson13

http://www.dotnetperls.com/interface

Try using While (True). It should to infinite loop until the user closes the application.

My brother had an S4 and he had a problem with the battery swelling up and not charging properly/ loosing charge quickly.

Turned out to be a know fault and they replaced it so do a few searches to see if it's a known fault. Hopefully they might replace the battery for you.

Mine is more stubble than a beard. I trim it every week and haven't clean shaved in about 4 years but still can't get it to join fully on the right side!.

Since sporting the stubble at 21 I've had a maid at a hotel said "my son is his age and he doesn't look like that" and a guy I work with almost have a heart attack when he found out I was only 24 and saying "F.... hell is that it, you must have had a hard life, my watch is older that you!"

If I clean shaved I'd probabbly get turned away from the rides at Alton Towers...

Edit: This thread was near the top of the list because it had been resurected by another user. I need to look before I comment

If you bind a DataGridView to a collection/ data source then the data in the data source will be updated when you change it within the DataGridView.

Your question is very vauge and as part of using DaniWeb you have to show what you've done so. This is to show you have attempted it yourself first and so that people can try to see how you're doing it.

Here are a few more links that may me of help. One of them is about the DataGridView object and describes how it can be used...

http://www.dotnetperls.com/datagridview

http://msdn.microsoft.com/en-us/library/system.windows.forms.datagridview%28v=vs.110%29.aspx