.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan
Santhakumar Munuswamy
Fauzul Azmi
Asad Ali
Post New Web Links

Use ASP Request.QueryString in SQL Select Clause... can I?

Posted By:      Posted Date: September 20, 2010    Points: 0   Category :ASP.Net
 

I want to use the QueryString to specify the column names in the SQL Select expression of <asp:SqlDataSource.

One of several data bases I referr to in the select clause has the columns:

MOSS_Personal.horas_pres,
MOSS_Personal.horas_sep,
MOSS_Personal.horas_pres,
MOSS_Personal.horas_torn

pres, sep, temp, torn are the possible values transmitted by the Query String for the column "Seccion"

Is there an elegant way to bind the column names to the Query String?

Something like MOSS_Personal.horas_<%=Request.QueryString["Seccion"] %>... which is unfortunatly not working!

Martin




View Complete Post


More Related Resource Links

question regarding request.querystring

  

I have a url like this:

http://www.somepage.com/main.aspx.  In this page, when I click on a link it takes me to a page http://www.somepage.com/cental.aspx?cid=200.  So in the cental.aspx.cs page I did the following in the page load:

 

if(request.querystring["comp"].tostring() != null)

{

//do some thing

}

So I got an error like: object reference not set to an instance of reference.

 

My problem is, I am using the same page.  So when I go from some page, I will have "comp".  but other times not.  So when there is no "comp", how do I handle it in request.querystring?

 


Request.Querystring and UrlDecoding

  

(asp.net 2.0, c#)

Hi,

I have a page requesting a qyerystring looking like this ?test=b%E4st, %E4 is the url-encoded letter ä. I can't change how this looks and encodes since I have no access to the page doing the request.

Problem:
string strTest = Request.Querystring["test"].ToString();

If I then, for instance, just Response.Write(strTest) the character ä (%E4) is broken. Displayed as a question mark. I have in my web.config the requestEncoding and responseEncoding set to utf-8. That is the way I need to have it, and I can't change that.

I've looked around for a solutions for this and the issue seems to be iso-8859-1 vs utf-8 in the querystring and url-decoding. It seems the Request.Querystring automatically url-decodes the string using the default encoding, in my case utf-8. I need it to url-decode using iso-8859-1 instead. I can achieve this by altering the web.config, but as I said earlier this is not an option.

I have tried to do this:

Encoding enc = Encoding.GetEncoding(28591);
string strTest= Request.QueryString["test"];
strTest= HttpUtility.UrlDecode(strTest, enc);

Not working, since the Request.QueryString already has url-decoded the value using utf-8.

Can I somehow override the requestEncoding in the web.config? Or is the any other way of doing this?

Can we use Select clause in Case statement

  
SELECT CASE OT.ItemTypeID WHEN 6 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID IN(6,11,12) WHEN 7 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID IN(7,14,15) WHEN 8 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID = 8 WHEN 9 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID = 9 WHEN 10 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID = 10 WHEN 11 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID IN(6,11,12) WHEN 12 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID IN(6,11,12) WHEN 14 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID IN(7,14,15) WHEN 15 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID IN(7,14,15) WHEN 18 THEN SELECT SUM(ISNULL("Item Cost",0)) FROM SUBTABLE IT WHERE IT.OrderID = OT.OrderID AND IT.ItemTypeID = 18 WHEN 19 THEN SELECT SUM(ISNULL(&qu

Write select query with a paremetrized where clause, and populate database with the retrieved column

  
I want to be able to retrieve column values using the dropdownlist values as parameters then populate the tbPO table with the retreived values. Where and how do I do it. ImportsSystem.Data.OleDb ImportsSystem ImportsSystem.IO Imports ?directcostDataSetTableAdapters PartialClass po_header  Inherits System.Web.UI.Page  Dim cn As OleDbConnection  Dim cmd As OleDbCommand  Dim dr As OleDbDataReader  Dim icount As Integer  Dim str As String  Dim vendor_id As Object   ?  Public Sub btn_click(ByVal sender As Object, ByVal e As System.EventArgs) Handles button1.ClickTry   context.Items.Add(     cmd.CommandType = System.Data.   cmd.CommandText = Dim context As HttpContext = HttpContext.Current"Company_Name", DropDownList3.Text)Dim cn As New OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=C:\Users\Owner\Documents\Visual Studio 2010\WebSites\WebSiteJun25\App_Data\directcost.mdb;")Dim cmd As New OleDbCommand()CommandType.Text"insert into tbPO(ponumber, suppliername, ShipTo, basictype, DateNeeded, Purpose,ShippingInstr, ProjId) values(?,?,?,?,?,?,?,?)" cmd.Parameters.AddWithValue( cmd.Parameters.AddWithValue( cmd.Parameters.AddWithValue( cmd.Parameters.AddWithValue( cmd.Parameters.AddWithValue( cmd.Parameters.AddWithValue( cmd.Parameters.AddWithValue( cmd.Parameters.Add

Use of PATINDEX function in select clause With Linq

  
hello       i have an problem to use of PATINDEX function in select clause with Linq.      if anyone have any clue about it then please update me its urgent.Thanks In Advance.

Nested SELECT clause in SQL Compact 3.5 SP1

  
In this related question "http://social.msdn.microsoft.com/Forums/en/sqlce/thread/ac926272-2382-4acb-84e3-fc32945c7cea "  I read that SQL Compact 3.5 (SP1) support nested SELECT clause. But my request not work. I have got an error : "There was an error parsing the query. [ Token line number = X,Token line offset = XX,Token in error = select ] " t1 - table 1; t2 - table 2; c1, c2 = columns; select t1.c1, t1.c2, (select count (t2.c1) from t2 where t2.id = t1.id) as count_t from t1 Does SQL Compact 3.5 SP1 support nested SELECT clause in this case?

String encryption problem with request.querystring (urlencode/decode)

  

I need to pass a userid as a guid number through a url quesrystring

 my starting GUID is in string format =  "23c6e6a5-e9fc-4fd0-aa15-e5db9b900388"

1) I encrypt it using tripledes

the resulting string value =  "nJYKpGwOeoOWepKPSDyNnO+xk+ZcfYZnyxvAnKTNCMV/ZJ7CfDKcmA=="

if I immeadiately decrypt it get the expected original value (so my tripledes provider is working)

2) I then urlencode the value for placing into the url which results in:

urlencoded = "nJYKpGwOeoOWepKPSDyNnO%2bxk%2bZcfYZnyxvAnKTNCMV%2fZJ7CfDKcmA%3d%3d"

3) when a read it back from the url using Request.QueryString (a function which automatically decodes the value)

I get the value: "nJYKpGwOeoOWepKPSDyNnO xk ZcfYZnyxvAnKTNCMV/ZJ7CfDKcmA=="

It appears the "+" characters where replaced with " "

This incorrect value caused the tripledes decryption to fail.
I am using VS 2010 Framework 4.0, IIS7, IE8 and the System.Security.Cryptography.TripleDESCryptoServiceProvider

Is this a bug or am I doing something wrong. It appears the the problem is with the urlencode or the embeded urldecode which is part of request.querystring

Many thanks for any assistance in how to resolve this.

ARF.


Set Querystring without Page.Request.Path

  

I do now have the following code for the postback of my dropdownlist.

Response.Redirect(Page.Request.Path.ToString() + "?id=" + (Convert.ToDateTime(ddlDatum.SelectedValue)).ToString("yyyyMMdd"));

Is there another way to do this with the ddlDatum.SelectedValue remembered?


HttpContext.Session A potentially dangerous Request.QueryString value was detected from the client

  

I have an ashx handler that was working fine in VS2008 but when I upgraded to VS2010 (haven't gone back to VS2008 to double check though) and when I try to grab the value from HttpContext.Request.Params["update"] I get the following error:

+ ex {"A potentially dangerous Request.QueryString value was detected from the client (update=\"<SETIProducts><Produ...\")."} System.Exception {System.Web.HttpRequestValidationException}

"A potentially dangerous Request.QueryString value was detected from the client (update=\"<SETIProducts><Produ...\")."} System.Exception {System.Web.HttpRequestValidationException}

I've read that I can set the validateRequest to false, but I was wondering about the impacts and looking for any other suggestions. 

I know very little about security when it comes to web programming but I thought I should mention that my handler will be running on a internal file server but transmitting data to/from an eCommerce platfo

Sharepoint SPDatasource select command where clause not working for some columns

  

Hi, 

       I'm using MOSS 2007. I'm using spdatasource to bind a custom list to gridview using webuser control(webpart). spdatasource select command working for all columns except the status column. my status column is a choice- radio with the following options. Pending Review, Checked and Approved. I have checked the field internal name, every thing is correct, but only for status column filtering not happening. Gridview coming as blank

i tried using 

 SelectCommand="<Query>
           <Where>
            <Eq>
             <FieldRef Name='Status'/>
             <Value Type='Choice'>Pending Review</Value>
            </Eq>
           </Where>
          </Query>";

Any idea?????

 

Regards

Wilson 


Delete Statement with nested select in where clause deletes all entries in a table

  

I have fallen into a trap unadvertedly causing all records in a table being deleted. Can anybody tell me, if this a the intended behaviour of SQL Server 2008 R2 or does anybody know a method how to safely discover those kinds of typos in advance?

Regards, Markus

Here follows a script reproducing the behaviour:

SET

 

ANSI_NULLS ON

GO

SET

 

QUOTED_IDENTIFIER ON

GO

Perfomance of EXISTS clause with different result styles of nested SELECT

  

Is there any difference (perfomance difference) between:

.. WHERE EXISTS (SELECT * FROM myTable)

and another variant

.. WHERE EXISTS (SELECT TOP (1) * FROM myTable)

??


Request.QueryString works in IE but not Firefox

  

 I am using a query parameter to pass info from a asp:hyperlink to another webpage.  All works fine in IE but no value comes over in Firefox.  I've attached the relevant code from the start page and the code-behind of the called page. As I mentioned, when using Firefox, the "ChartType" parameter is null when the Page_Load function is called.  Any help would be appreciated.

 

        <td valign="top">
            <asp:HyperLink id="ViewChart1" runat="server" style="float:right" ImageUrl="Images/ViewNewWindow1.png" onclick="window.showModelessDialog('UnpinnedChartView.aspx?ChartType=1',window,dlgProps); return false;" ToolTip="View Chart in New Window" NavigateUrl="UnpinnedChartView.aspx" />
        </td>


 

 

 

    protected void Page_Load(object sender, EventArgs e)
    {
        if (!Int32.TryParse(HttpContext.Current.Request.QueryString["ChartType"], out SourceChart)) return;
        HttpContext.Current.Response.Expires = 0;
        HttpContext.Current.Response.Cache.SetNoStore();
        HttpContext.Current.Response.AppendHeader("Pragma", "no-cache");  
 

Request.QueryString parameter check

  

How do i check that a parameter in a url exists or is not mispelled.

for example:

say the url should be passed as:

http://www.myweb.com/default.aspx?productID=123

but accidentally gets passed as:

http://www.myweb.com/default.aspx?produtID=123 ---- missing the 'c'

how to check for the mispelling (or the exsitance) of productID, as shown in the 2nd url example?

Thanks


If or Case in a LINQ SQL code, How to Use Count() Request.QueryString("imageidentity")

  

Hi

If i want to get some diffrent data from a DB
and its by using Request.QueryString("SortBy")

What do u use !?
If The Else or Case !?

What i want is that if SortBy in the Url link is NameUP, then its sorts by A, B C and so on
and if NameDown then the other way.

Im using this LINQ code.

    Public Sub linqdb()

        Dim DBconn As New GetProductListDataContext()
        Dim Q = _
        From p In DBconn.GetTable(Of Product)() _
        Where p.IsEnabled = "1" _
             Order By p.PName Descending _
        Select p
        Dim L = Q.ToList
        MyRep.DataSource = Q
        MyRep.DataBind()
        PValue.Text = L.Count().ToString()

    End Sub


 How do i also get this code to Count the outgoing records !?
I cant get any number from PValue.Text = L.Count().ToString()
from my CB to my .ASPX site with a <asp:Label ....


Error:A potentially dangerous Request.QueryString value was detected from the client

  

 Hi,

 

I am creating the web application using c# in which i got a situation like this.

 

When I pass the Querystring as

http://localhost:14966/root/Default.aspx?Home=1?UID=<USER_ID>&SID=<SESSION_ID>&PROFILE=<PROFILE_ID>

I'm getting the following error. I need to  Trap this error by  redirecting  to a page say 'Access Denied.aspx' when the user types this query string.

And I dont want to disable request validation by setting validateRequest=false in the page directive.

Server Error in '/root' Application.

AJAX GridView Checkbox Select All in ASP.Net

  
In the previous article GridView Select Multiple Rows you learnt the multiple row selection in GridView control. Here you will get the C# code sample to select all the gridview rows using single checkbox server control. You can highlight the selected rows with different color and Font state Bold. If you want to use the selection values on different ASP.Net
Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend