backend code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
namespace WebApplication17
{
public partial class WebForm1 : System.Web.UI.Page
{
string cs = ConfigurationManager.ConnectionStrings["test"].ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
string q = "select * from tblProductInventory";
displayrecord(q);
}
}
protected void Button1_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(cs);
try
{
SqlCommand cmd = new SqlCommand("spsqlinjectionofproduct", con);
cmd.Parameters.AddWithValue("@productname", TextBox1.Text);
cmd.CommandType = CommandType.StoredProcedure;
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
GridView1.DataSource = rdr;
GridView1.DataBind();
}
catch (Exception ex)
{
Response.Write("ERROR IS FOUND " + ex);
}
finally
{
con.Close();
}
}
public void displayrecord(string q)
{
SqlConnection con = new SqlConnection(cs);
try
{
SqlCommand cmd = new SqlCommand(q, con);
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
GridView1.DataSource = rdr;
GridView1.DataBind();
}
catch (Exception ex)
{
Response.Write("ERROR IS FOUND " + ex);
}
finally
{
con.Close();
}
}
}
}
Front end code:
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WebForm1.aspx.cs" Inherits="WebApplication17.WebForm1" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:TextBox ID="TextBox1" runat="server" Width="268px"></asp:TextBox>
<asp:Button ID="Button1" runat="server" Text="Search" OnClick="Button1_Click" />
<asp:GridView ID="GridView1" runat="server" CellPadding="4" ForeColor="#333333" GridLines="None" Height="441px" Width="861px">
<AlternatingRowStyle BackColor="White" />
<EditRowStyle BackColor="#7C6F57" />
<FooterStyle BackColor="#1C5E55" Font-Bold="True" ForeColor="White" />
<HeaderStyle BackColor="#1C5E55" Font-Bold="True" ForeColor="White" />
<PagerStyle BackColor="#666666" ForeColor="White" HorizontalAlign="Center" />
<RowStyle BackColor="#E3EAEB" />
<SelectedRowStyle BackColor="#C5BBAF" Font-Bold="True" ForeColor="#333333" />
<SortedAscendingCellStyle BackColor="#F8FAFA" />
<SortedAscendingHeaderStyle BackColor="#246B61" />
<SortedDescendingCellStyle BackColor="#D4DFE1" />
<SortedDescendingHeaderStyle BackColor="#15524A" />
</asp:GridView>
<h1>
<asp:Label ID="Label1" runat="server" Text=""></asp:Label>
</h1>
</div>
</form>
</body>
</html>
web.config code:
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<connectionStrings>
<add name="test" connectionString="Data Source=faculty-35;Initial Catalog=ADODOTNET_LEARNING;Persist Security Info=True;User ID=sa;Password=aptech" providerName="System.Data.SqlClient"/>
</connectionStrings>
</configuration>
No comments:
Post a Comment