- •Table of Contents
- •Preface
- •What is ASP.NET?
- •Installing the Required Software
- •Installing the Web Server
- •Installing Internet Information Services (IIS)
- •Installing Cassini
- •Installing the .NET Framework and the SDK
- •Installing the .NET Framework
- •Installing the SDK
- •Configuring the Web Server
- •Configuring IIS
- •Configuring Cassini
- •Where do I Put my Files?
- •Using localhost
- •Virtual Directories
- •Using Cassini
- •Installing SQL Server 2005 Express Edition
- •Installing SQL Server Management Studio Express
- •Installing Visual Web Developer 2005
- •Writing your First ASP.NET Page
- •Getting Help
- •Summary
- •ASP.NET Basics
- •ASP.NET Page Structure
- •Directives
- •Code Declaration Blocks
- •Comments in VB and C# Code
- •Code Render Blocks
- •ASP.NET Server Controls
- •Server-side Comments
- •Literal Text and HTML Tags
- •View State
- •Working with Directives
- •ASP.NET Languages
- •Visual Basic
- •Summary
- •VB and C# Programming Basics
- •Programming Basics
- •Control Events and Subroutines
- •Page Events
- •Variables and Variable Declaration
- •Arrays
- •Functions
- •Operators
- •Breaking Long Lines of Code
- •Conditional Logic
- •Loops
- •Object Oriented Programming Concepts
- •Objects and Classes
- •Properties
- •Methods
- •Classes
- •Constructors
- •Scope
- •Events
- •Understanding Inheritance
- •Objects In .NET
- •Namespaces
- •Using Code-behind Files
- •Summary
- •Constructing ASP.NET Web Pages
- •Web Forms
- •HTML Server Controls
- •Using the HTML Server Controls
- •Web Server Controls
- •Standard Web Server Controls
- •Label
- •Literal
- •TextBox
- •HiddenField
- •Button
- •ImageButton
- •LinkButton
- •HyperLink
- •CheckBox
- •RadioButton
- •Image
- •ImageMap
- •PlaceHolder
- •Panel
- •List Controls
- •DropDownList
- •ListBox
- •RadioButtonList
- •CheckBoxList
- •BulletedList
- •Advanced Controls
- •Calendar
- •AdRotator
- •TreeView
- •SiteMapPath
- •Menu
- •MultiView
- •Wizard
- •FileUpload
- •Web User Controls
- •Creating a Web User Control
- •Using the Web User Control
- •Master Pages
- •Using Cascading Style Sheets (CSS)
- •Types of Styles and Style Sheets
- •Style Properties
- •The CssClass Property
- •Summary
- •Building Web Applications
- •Introducing the Dorknozzle Project
- •Using Visual Web Developer
- •Meeting the Features
- •The Solution Explorer
- •The Web Forms Designer
- •The Code Editor
- •IntelliSense
- •The Toolbox
- •The Properties Window
- •Executing your Project
- •Using Visual Web Developer’s Built-in Web Server
- •Using IIS
- •Using IIS with Visual Web Developer
- •Core Web Application Features
- •Web.config
- •Global.asax
- •Using Application State
- •Working with User Sessions
- •Using the Cache Object
- •Using Cookies
- •Starting the Dorknozzle Project
- •Preparing the Sitemap
- •Using Themes, Skins, and Styles
- •Creating a New Theme Folder
- •Creating a New Style Sheet
- •Styling Web Server Controls
- •Adding a Skin
- •Applying the Theme
- •Building the Master Page
- •Using the Master Page
- •Extending Dorknozzle
- •Debugging and Error Handling
- •Debugging with Visual Web Developer
- •Other Kinds of Errors
- •Custom Errors
- •Handling Exceptions Locally
- •Summary
- •Using the Validation Controls
- •Enforcing Validation on the Server
- •Using Validation Controls
- •RequiredFieldValidator
- •CompareValidator
- •RangeValidator
- •ValidationSummary
- •RegularExpressionValidator
- •Some Useful Regular Expressions
- •CustomValidator
- •Validation Groups
- •Updating Dorknozzle
- •Summary
- •What is a Database?
- •Creating your First Database
- •Creating a New Database Using Visual Web Developer
- •Creating Database Tables
- •Data Types
- •Column Properties
- •Primary Keys
- •Creating the Employees Table
- •Creating the Remaining Tables
- •Executing SQL Scripts
- •Populating the Data Tables
- •Relational Database Design Concepts
- •Foreign Keys
- •Using Database Diagrams
- •Diagrams and Table Relationships
- •One-to-one Relationships
- •One-to-many Relationships
- •Many-to-many Relationships
- •Summary
- •Speaking SQL
- •Reading Data from a Single Table
- •Using the SELECT Statement
- •Selecting Certain Fields
- •Selecting Unique Data with DISTINCT
- •Row Filtering with WHERE
- •Selecting Ranges of Values with BETWEEN
- •Matching Patterns with LIKE
- •Using the IN Operator
- •Sorting Results Using ORDER BY
- •Limiting the Number of Results with TOP
- •Reading Data from Multiple Tables
- •Subqueries
- •Table Joins
- •Expressions and Operators
- •Transact-SQL Functions
- •Arithmetic Functions
- •String Functions
- •Date and Time Functions
- •Working with Groups of Values
- •The COUNT Function
- •Grouping Records Using GROUP BY
- •Filtering Groups Using HAVING
- •The SUM, AVG, MIN, and MAX Functions
- •Updating Existing Data
- •The INSERT Statement
- •The UPDATE Statement
- •The DELETE Statement
- •Stored Procedures
- •Summary
- •Introducing ADO.NET
- •Importing the SqlClient Namespace
- •Defining the Database Connection
- •Preparing the Command
- •Executing the Command
- •Setting up Database Authentication
- •Reading the Data
- •Using Parameters with Queries
- •Bulletproofing Data Access Code
- •Using the Repeater Control
- •More Data Binding
- •Inserting Records
- •Updating Records
- •Deleting Records
- •Using Stored Procedures
- •Summary
- •DataList Basics
- •Handling DataList Events
- •Editing DataList Items and Using Templates
- •DataList and Visual Web Developer
- •Styling the DataList
- •Summary
- •Using the GridView Control
- •Customizing the GridView Columns
- •Styling the GridView with Templates, Skins, and CSS
- •Selecting Grid Records
- •Using the DetailsView Control
- •Styling the DetailsView
- •GridView and DetailsView Events
- •Entering Edit Mode
- •Using Templates
- •Updating DetailsView Records
- •Summary
- •Advanced Data Access
- •Using Data Source Controls
- •Binding the GridView to a SqlDataSource
- •Binding the DetailsView to a SqlDataSource
- •Displaying Lists in DetailsView
- •More on SqlDataSource
- •Working with Data Sets and Data Tables
- •What is a Data Set Made From?
- •Binding DataSets to Controls
- •Implementing Paging
- •Storing Data Sets in View State
- •Implementing Sorting
- •Filtering Data
- •Updating a Database from a Modified DataSet
- •Summary
- •Security and User Authentication
- •Basic Security Guidelines
- •Securing ASP.NET 2.0 Applications
- •Working with Forms Authentication
- •Authenticating Users
- •Working with Hard-coded User Accounts
- •Configuring Forms Authentication
- •Configuring Forms Authorization
- •Storing Users in Web.config
- •Hashing Passwords
- •Logging Users Out
- •ASP.NET 2.0 Memberships and Roles
- •Creating the Membership Data Structures
- •Using your Database to Store Membership Data
- •Using the ASP.NET Web Site Configuration Tool
- •Creating Users and Roles
- •Changing Password Strength Requirements
- •Securing your Web Application
- •Using the ASP.NET Login Controls
- •Authenticating Users
- •Customizing User Display
- •Summary
- •Working with Files and Email
- •Writing and Reading Text Files
- •Setting Up Security
- •Writing Content to a Text File
- •Reading Content from a Text File
- •Accessing Directories and Directory Information
- •Working with Directory and File Paths
- •Uploading Files
- •Sending Email with ASP.NET
- •Configuring the SMTP Server
- •Sending a Test Email
- •Creating the Company Newsletter Page
- •Summary
- •The WebControl Class
- •Properties
- •Methods
- •Standard Web Controls
- •AdRotator
- •Properties
- •Events
- •BulletedList
- •Properties
- •Events
- •Button
- •Properties
- •Events
- •Calendar
- •Properties
- •Events
- •CheckBox
- •Properties
- •Events
- •CheckBoxList
- •Properties
- •Events
- •DropDownList
- •Properties
- •Events
- •FileUpload
- •Properties
- •Methods
- •HiddenField
- •Properties
- •HyperLink
- •Properties
- •Image
- •Properties
- •ImageButton
- •Properties
- •Events
- •ImageMap
- •Properties
- •Events
- •Label
- •Properties
- •LinkButton
- •Properties
- •Events
- •ListBox
- •Properties
- •Events
- •Literal
- •Properties
- •MultiView
- •Properties
- •Methods
- •Events
- •Panel
- •Properties
- •PlaceHolder
- •Properties
- •RadioButton
- •Properties
- •Events
- •RadioButtonList
- •Properties
- •Events
- •TextBox
- •Properties
- •Events
- •Properties
- •Validation Controls
- •CompareValidator
- •Properties
- •Methods
- •CustomValidator
- •Methods
- •Events
- •RangeValidator
- •Properties
- •Methods
- •RegularExpressionValidator
- •Properties
- •Methods
- •RequiredFieldValidator
- •Properties
- •Methods
- •ValidationSummary
- •Properties
- •Navigation Web Controls
- •SiteMapPath
- •Properties
- •Methods
- •Events
- •Menu
- •Properties
- •Methods
- •Events
- •TreeView
- •Properties
- •Methods
- •Events
- •HTML Server Controls
- •HtmlAnchor Control
- •Properties
- •Events
- •HtmlButton Control
- •Properties
- •Events
- •HtmlForm Control
- •Properties
- •HtmlGeneric Control
- •Properties
- •HtmlImage Control
- •Properties
- •HtmlInputButton Control
- •Properties
- •Events
- •HtmlInputCheckBox Control
- •Properties
- •Events
- •HtmlInputFile Control
- •Properties
- •HtmlInputHidden Control
- •Properties
- •HtmlInputImage Control
- •Properties
- •Events
- •HtmlInputRadioButton Control
- •Properties
- •Events
- •HtmlInputText Control
- •Properties
- •Events
- •HtmlSelect Control
- •Properties
- •Events
- •HtmlTable Control
- •Properties
- •HtmlTableCell Control
- •Properties
- •HtmlTableRow Control
- •Properties
- •HtmlTextArea Control
- •Properties
- •Events
- •Index
Chapter 9: ADO.NET
how to execute SQL queries and retrieve their results using ADO.NET
how to display data that is read from a database
how to handle data access errors
Introducing ADO.NET
In previous chapters, we learned how to use Visual Web Developer and SQL Management Studio to connect to a database and execute SQL queries. Now, it’s time to apply this knowledge. Within our web application, we’ll use ADO.NET’s classes to connect to the database; we’ll then use that connection to execute SQL queries.
ADO.NET 2.0 and Generic Data Access
ADO.NET is able to use different types of data connections, depending on the kind of database to which the application is trying to connect. The ADO.NET classes whose names start with Sql (such as the previously mentioned SqlConnection, SqlCommand, etc.) are specifically built to connect to SQL Server.
Similar classes are provided for other databases—for example, if you’re working with Oracle, you can use classes such as OracleConnection, OracleCommand, and so on. If, on the other hand, you’re working with database systems for which such classes are not specifically designed, you can use generic low-level interfaces; most databases can be accessed through the OLE DB interface (using classes such as OleDbConnection and OleDbCommand), or the older ODBC interface (using classes such as
OdbcConnection and OdbcCommand).
In this book, we’ll use only the Sql classes, but it’s good to know that you have options!
In order to use ADO.NET, we must first decide which kind of database we’ll use, and import those namespaces containing classes that work with the database. Since we’re using SQL Server, you’ll need to import the System.Data.SqlClient namespace. This contains all the required Sql classes, the most important of which are:
SqlConnection
This class exposes properties and methods for connecting to an SQL Server database.
332
Importing the SqlClient Namespace
SqlCommand
This class holds data about the SQL queries and stored procedures that you intend to run on your SQL Server database.
SqlDataReader
Data is returned from the database in an SqlDataReader class. This class comes with properties and methods that let you iterate through the data it contains. Traditional ASP developers can think of the SqlDataReader as being similar to a forward-only RecordSet, in which data can only be read forward, one record at a time, and we cannot move back to the beginning of the data stream.
The System.Data.SqlClient namespace exposes many more than the few classes listed above. We’ll discuss some of the more advanced classes in the next few chapters.
Once you’re ready to begin working with ADO.NET, the task of establishing a link between the database and your application is a straightforward, six-step process:
1.Import the necessary namespaces.
2.Define a connection to your database with an SqlConnection object.
3.When you’re ready to manipulate your database, set up the appropriate query in an SqlCommand object.
4.Open the connection and execute the SQL query to return the results into a SqlDataReader object.
5.Extract relevant database data from the SqlDataReader object and display it on your web page.
6.Close the database connection.
Let’s walk through this process, discussing each step.
Importing the SqlClient Namespace
It’s been a while since we’ve written some VB or C# code! Let’s fire up our old friend, Visual Web Developer, and load the Learning project. We’ll use this application to create a few simple scripts; then we’ll move to Dorknozzle, where we’ll add more functionality to the project site.
333
Chapter 9: ADO.NET
After opening the Learning project, go to File > New File… to create a new file.
Select the Web Form template, and name it AccessingData.aspx. Uncheck the
Place code in separate file and Select master page checkboxes, as shown in Figure 9.1.
Figure 9.1. Creating the AccessingData.aspx web form
After the form is created, we can import the SqlClient namespace:
File: AccessingData.aspx (excerpt)
<%@ Page Language="VB" %>
<%@ Import Namespace = "System.Data.SqlClient" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
Defining the Database Connection
With our import of the SqlClient namespace complete, we can create a new instance of the SqlConnection, which will facilitate our connection to the database. To initialize this connection, we need to specify a connection string—a string in which we specify the database we want to connect to, and provide any
334
Defining the Database Connection
required authentication details. A typical connection string for a SQL Server Express database looks like this:
Server=computer\SqlExpress;Database=database;User ID=username;
Password=password
The connection string must specify the name of the computer on which the database is located (you can always use localhost to refer to the local machine) and the name assigned to the database server instance (SqlExpress is the default for SQL Server Express). Also required are the name of the database (such as Dorknozzle), the user ID, and the password for that user account.
SQL Server supports two methods of authentication: SQL Server Authentication and Windows Authentication. The form of authentication we’ve used in previous chapters to connect to SQL Server was Windows Authentication, which doesn’t require you to supply a SQL Server name and password, but instead uses the credentials of your Windows user account. To tell SQL Server that we’re logging in using Windows Authentication, our connection string would include Integrated Security=True, rather than a username and password, as shown here:
Server=computer\SqlExpress;Database=database;Integrated Security=True
SQL Server Authentication
Be aware that, when the ASP.NET web application is run by ASP.NET through IIS, it authenticates to SQL Server using a special account named ASPNET. We’ll discuss more about configuring SQL Server authentication a bit later; for now, let’s assume that your code can access your database successfully.
Let’s put this into practice by creating an SqlConnection in the Page_Load event handler. To have Visual Web Developer create an empty Page_Load event handler for you, switch to Design View, and double-click somewhere within the form. This should take you back to Source View where you can see the Page_Load method that was created for you. If you’re using VB, enter the code shown in bold below:
Visual Basic |
File: AccessingData.aspx (excerpt) |
Protected |
Sub Page_Load(ByVal sender As Object, _ |
ByVal |
e As System.EventArgs) |
' Define database connection
Dim conn As New SqlConnection("Server=localhost\SqlExpress;" & _ "Database=Dorknozzle;Integrated Security=True")
End Sub
335