    <asp:Parameter Name="HomePhone" Type="String" />
    <asp:Parameter Name="Extension" Type="String" />
    <asp:Parameter Name="MobilePhone" Type="String" />
    <asp:Parameter Name="EmployeeID" Type="Int32" />
  </UpdateParameters>
  <SelectParameters>
    <asp:ControlParameter ControlID="grid" Name="EmployeeID"
        PropertyName="SelectedValue" Type="Int32" />
  </SelectParameters>
  <InsertParameters>
    <asp:Parameter Name="DepartmentID" Type="Int32" />
    <asp:Parameter Name="Name" Type="String" />
    <asp:Parameter Name="Username" Type="String" />
    <asp:Parameter Name="Password" Type="String" />
    <asp:Parameter Name="Address" Type="String" />
    <asp:Parameter Name="City" Type="String" />
    <asp:Parameter Name="State" Type="String" />
    <asp:Parameter Name="Zip" Type="String" />
    <asp:Parameter Name="HomePhone" Type="String" />
    <asp:Parameter Name="Extension" Type="String" />
    <asp:Parameter Name="MobilePhone" Type="String" />
  </InsertParameters>
</asp:SqlDataSource>
As you can see, the SqlDataSource contains the UPDATE, DELETE, and INSERT queries it needs to execute when the user performs these actions on the DetailsView. These are parameterized queries, and a data type is specified for each of the parameters, which, as you already know, is good programming practice. You might also notice that the names of the fields and tables are surrounded by square brackets ([ and ]). These square brackets allow us to include spaces and other special characters in table names. Since none of our field or table names contain spaces, we haven’t had to worry about this issue so far, but facilitating the inclusion of spaces is a good idea.
The SqlDataSource is the perfect tool when you need to create fully featured forms such as the address book quickly and easily for smaller projects like the Dorknozzle intranet. As the DetailsView and GridView controls are tightly integrated with the data source controls, they allow us to implement a lot of functionality without writing any code.
Displaying Lists in DetailsView
We want to improve on our DetailsView by making it show a list of departments instead of department IDs. This makes sense, as it’s much easier for users to select the name of a department than a department ID when they’re updating or inserting the details of an employee. Figure 12.16 shows how the page will look once we’ve created this functionality.
Chapter 12: Advanced Data Access
Figure 12.16. Viewing the Department drop-down list in DetailsView
Start by adding a new SqlDataSource control beside the two existing data source controls in AddressBook.aspx. Name the control departmentsDataSource, click its smart tag, and select Configure Data Source. In the first screen, select the Dorknozzle connection, then click Next. Specify the Departments table and select both of its columns, as shown in Figure 12.17.
Click Next, then Finish to save the data source configuration. The definition of your new data source control will look like this:
File: AddressBook.aspx (excerpt)
<asp:SqlDataSource id="departmentsDataSource" runat="server"
    ConnectionString="<%$ ConnectionStrings:Dorknozzle %>"
    SelectCommand="SELECT [DepartmentID], [Department] FROM [Departments]" />
Figure 12.17. Specifying the Departments data source
Now, with AddressBook.aspx open in Design View, click the DetailsView control’s smart tag, select Edit Fields, and transform the Department ID BoundField into a TemplateField—you learned how to do this back in Chapter 11. Now, switch to Source View, and locate the Department ID TemplateField that you just generated. It should look something like this:
File: AddressBook.aspx (excerpt)
<asp:TemplateField HeaderText="DepartmentID" SortExpression="DepartmentID">
  <EditItemTemplate>
    <asp:TextBox ID="TextBox1" runat="server"
        Text='<%# Bind("DepartmentID") %>'></asp:TextBox>
  </EditItemTemplate>
  <InsertItemTemplate>
    <asp:TextBox ID="TextBox1" runat="server"
        Text='<%# Bind("DepartmentID") %>'></asp:TextBox>
  </InsertItemTemplate>
  <ItemTemplate>
    <asp:Label ID="Label1" runat="server"
        Text='<%# Bind("DepartmentID") %>'></asp:Label>
  </ItemTemplate>
</asp:TemplateField>
Modify this generated template as highlighted below:
File: AddressBook.aspx (excerpt)
<asp:TemplateField HeaderText="Department" SortExpression="DepartmentID">
  <EditItemTemplate>
    <asp:DropDownList id="didDdl" runat="server"
        DataSourceID="departmentsDataSource"
        DataTextField="Department" DataValueField="DepartmentID"
        SelectedValue='<%# Bind("DepartmentID") %>' />
  </EditItemTemplate>
  <InsertItemTemplate>
    <asp:DropDownList ID="didDdl" runat="server"
        DataSourceID="departmentsDataSource"
        DataTextField="Department" DataValueField="DepartmentID"
        SelectedValue='<%# Bind("DepartmentID") %>' />
  </InsertItemTemplate>
  <ItemTemplate>
    <asp:DropDownList ID="didDdl" runat="server"
        DataSourceID="departmentsDataSource"
        DataTextField="Department" DataValueField="DepartmentID"
        SelectedValue='<%# Bind("DepartmentID") %>' Enabled="False" />
  </ItemTemplate>
</asp:TemplateField>
When you reload your address book now, you’ll see that the departments are displayed in a drop-down list. You can use that list when you’re inserting and editing employee data—a feature that the intranet’s users are sure to find very helpful!
More on SqlDataSource
The SqlDataSource object can make programming easier when it’s used correctly and responsibly. However, the simplicity of the SqlDataSource control comes at the cost of flexibility and maintainability, and introduces the potential for performance problems.
The main advantage of your new AddressBook.aspx file is that it’s incredibly easy and quick to implement, especially if you’re using Visual Web Developer.
However, embedding SQL queries right into your .aspx files does have a major disadvantage if you intend to grow your web site: in more complex applications containing many forms that perform many data-related tasks, storing all of your SQL queries inside different SqlDataSource controls can degenerate very quickly into a system that’s very difficult to maintain. When you’re writing real-world applications, you’ll want to have all the data access logic centralized in specialized classes. This way, a change to the database design would mean that you’d need to change only the data access code; if your application was written using SqlDataSource controls, you’d need to check each web form and update it manually.
Another disadvantage of using the SqlDataSource is that its sorting and paging features usually aren’t as fast and efficient as they could be if you used a custom SQL query that returned the data already paged and/or sorted from the database. When we use the GridView’s paging feature, for example, the SqlDataSource control doesn’t limit the number of records we read from the database. Even if only a small subset of data needs to be shown, unless customizations are implemented, the entire table will be read from the database, and a subset of the data displayed. Even if only three records need to be displayed, all of the records in the table will be returned.
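The two disadvantages above point to the same remedy: one class that owns the SQL, uses typed parameters, and pages inside the database. The following is an added example, not code from the book; the class name EmployeeData, the method GetEmployeesPage, and the Employees table name are assumptions, while the Dorknozzle connection string name and the column names come from the markup shown earlier.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;

// Hypothetical data access class (name and members are assumptions, not the book's code).
public static class EmployeeData
{
    // The column list is explicit and omits Username and Password, so credential
    // data never reaches a grid that has no need to display it.
    private const string PageQuery = @"
        SELECT EmployeeID, DepartmentID, Name, City, MobilePhone
        FROM (SELECT EmployeeID, DepartmentID, Name, City, MobilePhone,
                     ROW_NUMBER() OVER (ORDER BY Name, EmployeeID) AS RowNum
              FROM [Employees]
              WHERE DepartmentID = @DepartmentID) AS Numbered
        WHERE RowNum BETWEEN @FirstRow AND @LastRow
        ORDER BY RowNum";

    // Returns one page of a department's employees. Paging happens in SQL Server
    // (ROW_NUMBER is available from SQL Server 2005), so at most pageSize rows are read.
    public static DataTable GetEmployeesPage(int departmentId, int pageIndex, int pageSize)
    {
        if (pageIndex < 0) throw new ArgumentOutOfRangeException("pageIndex");
        if (pageSize < 1 || pageSize > 100) throw new ArgumentOutOfRangeException("pageSize");

        string connectionString =
            ConfigurationManager.ConnectionStrings["Dorknozzle"].ConnectionString;
        // checked() turns an oversized page index into an exception instead of a wrapped value.
        int firstRow = checked(pageIndex * pageSize + 1);
        int lastRow = checked(firstRow + pageSize - 1);

        DataTable page = new DataTable("Employees");
        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand comm = new SqlCommand(PageQuery, conn))
        {
            // Typed parameters: values travel as data and are never concatenated into the SQL.
            comm.Parameters.Add("@DepartmentID", SqlDbType.Int).Value = departmentId;
            comm.Parameters.Add("@FirstRow", SqlDbType.Int).Value = firstRow;
            comm.Parameters.Add("@LastRow", SqlDbType.Int).Value = lastRow;

            using (SqlDataAdapter adapter = new SqlDataAdapter(comm))
            {
                adapter.Fill(page); // Fill opens and closes the connection itself
            }
        }
        return page;
    }
}
```

A change to the table design then touches only this class, and the upper bound on pageSize keeps a caller from turning a paged request back into a full table read.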
An interesting property of SqlDataSource that’s worth noting is DataSourceMode, whose possible values are DataSet or SqlDataReader. The DataSet mode is the default mode, and implies that the SqlDataSource will use a DataSet object to retrieve its data. We’ll analyze the DataSet class next. The other mode is SqlDataReader, which makes the SqlDataSource use your old friend, the SqlDataReader, behind the scenes.
So, what is this DataSet? The .NET Framework has, since version 1.0, come with a number of objects—DataSet, DataTable, DataView, SqlDataAdapter, and others—that provide disconnected data access. So, instead of having the database return the exact data you need for a certain task in the exact order in which you need it, you can use these objects to delegate some of the responsibility of filtering and ordering the data to your C# or VB code.
Both the DataSet and SqlDataReader settings of DataSourceMode have advantages and disadvantages, and the optimum approach for any task will depend on the task itself. There are circumstances in which it makes sense to store the data