Добавил:
Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз: Предмет: Файл:

ASP.NET 2.0 Instant Results

.pdf
Скачиваний:
67
Добавлен:
17.08.2013
Размер:
11.03 Mб
Скачать

Wrox Survey Engine

</authorization>

</system.web>

</configuration>

This configuration file uses three main entries as the meat of the security settings. These are essentially a series of statements in XML format that define the security rights for that folder, hierarchically within the web site, overriding the web site’s root Web.config, as well as the machine.config on the server.

In this file, the <deny users=”?” /> phrase means that the folder should deny any unauthenticated users, denoted by the question mark. Next, the <allow roles=”Admin” /> and the <allow roles=”SuperAdmin” /> entries both represent the ability of the folder to allow access to Admin or Superadmin roles.

Two accounts are created for use within the Survey Engine, and two different roles that those accounts are assigned to, respectively. These are as follows:

Username

Password

Account Description

 

 

 

Admin

password#

This user is assigned to the Administrator role.

SuperAdmin

password#

This user is assigned to the Super Administrator

 

 

role.

 

 

 

The following two roles are already in the security database and referenced within the application for certain areas of interest to remain very secure:

Role

Role Description

 

 

Administrator

This role has the ability to add, edit, and delete surveys and their

 

questions.

Super Administrator

This role has the same privileges as the Administrator role, but also can

 

delete surveys and/or their individual questions from the system.

 

 

Thus, you can control access to form elements and folders alike, using the ASP.NET Configuration Tool, or your own scripted logic in VB .NET.

Classes Involved

Only a few basic classes are in use for the Wrox Survey Engine, but they are intelligent classes that are designed to work in an object-friendly fashion. That is, in a typical object-oriented environment, the class structures would seem to fare well as compared to other object structures.

The SurveyBase Class

The SurveyBase class (see Figure 4-14) is essentially the inheritable base class to which every survey refers. It allows the derived Survey class objects to provide exposure to the Save and New methods for consistent and convenient class management.

117

Chapter 4

Figure 4-14

The following table describes the methods available to the SurveyBase class:

Method

Return Type

Description

 

 

 

New()

n/a

The constructor for the SurveyBase class

Save()

Int

The save method used to save the derived

 

 

survey class object

 

 

 

The Survey class follows the SurveyBase class, because it is a class that inherits from the SurveyBase class. This provides access to shared methods and functionality within the SurveyBase class.

The Survey Class

The Survey class (see Figure 4-15) is used to perform the bulk of the object provisioning for the business layer of the application. Its methods are accessible as public and shared for ease of use within the various forms and controls of the application. This means that you do not have to instantiate an instance of the Survey class in order to call its methods. Instead, simply use the syntax of Survey.MethodName() in any VB .NET WebForm or control of the application to execute the function.

The following table displays the accessible members of the Survey class:

Method

Return Type

Description

 

 

 

Delete

n/a

Deletes a survey from the database by calling

 

 

Delete() in the SurveyDB class.

DeleteQuestion

n/a

Deletes a question from the database by calling

 

 

DeleteQuestion() in the SurveyDB class.

Get

Survey Class

Retrieves a survey from the database by calling

 

Object

Get() in the SurveyDB class.

GetCurrentSurvey

DataSet

Returns the current survey from the database.

 

 

 

118

 

 

 

Wrox Survey Engine

 

 

 

 

 

 

 

 

 

Method

Return Type

Description

 

 

 

 

 

GetQuestionIDs

Collection

Gets a set of question IDs for a given survey.

 

GetQuestions

DataSet

Gets a set of questions and their multiple choices

 

 

 

for a given survey.

 

GetSurveyList

DataSet

Returns a list with surveys in the specified

 

 

 

category from the database.

 

New

n/a

Provides potential functionality to process actions

 

 

 

and information on the create event for the object.

 

Save

Integer

Saves a survey in the database by calling Save()

 

 

 

in the SurveyDB class. Because this class inherits

 

 

 

the SurveyBase class, the Save method is

 

 

 

overrideable and the Me keyword is utilized.

 

SaveQuestion

Boolean

Saves a set of questions for a survey.

 

SaveResponses

Boolean

Saves a set of answers to questions for a given

 

 

 

survey.

 

SaveSurvey

n/a

Saves a survey to the database.

 

SaveSurveyAsCurrent

n/a

Saves a survey as the current survey.

 

 

 

 

Figure 4-15

119

Chapter 4

The next class represents the callable data-related methods of the application.

The SurveyDB Class

The SurveyDB class (see Figure 4-16) is used to as the data layer of the application. It is essentially the main go-between for all method calls from the business tier that require access to the database. No other class or code section of the application makes data-related executions except for this SurveyDB class.

Figure 4-16

The following table displays the accessible members of the SurveyDB class:

Method

Return Type

Description

 

 

 

Delete

n/a

Deletes a survey from the database.

DeleteQuestion

n/a

Deletes a question from the database.

Get

Survey

Returns in instance of the class by sending in

 

 

the survey ID.

GetCurrentSurvey

DataSet

Retrieves the current survey from the

 

 

database.

GetQuestionIDsForSurvey

Collection

Retrieves a collection of survey question IDs

 

 

from the database.

GetQuestionsForSurvey

DataSet

Retrieves a DataSet of survey questions from

 

 

the database.

GetSurveyList

DataSet

Retrieves a DataSet of surveys from the

 

 

database.

Save

Integer

Saves a survey to the database.

 

 

 

120

 

 

 

Wrox Survey Engine

 

 

 

 

 

 

 

 

 

Method

Return Type

Description

 

 

 

 

 

SaveQuestion

Boolean

Saves a question to the survey in the

 

 

 

database.

 

SaveResponses

Boolean

Saves a response to the question in the survey.

 

SaveSurveyAsCurrent

n/a

Makes a specified survey the current one

 

 

 

within the database.

 

 

 

 

The next class portrays the configuration class that has been commonly used in this book.

The Config Class

The Config class, depicted in Figure 4-17, is used as the configuration manager of the application. It is essentially the main access point for all configuration settings that any of the application tiers may require access to. No other class or code section of the application makes configuration-related calls except for this Config class.

Figure 4-17

The following table displays the accessible members of the Config class:

Property

Return Type

Description

 

 

 

ConnectionString

String

The connection string property that pulls

 

 

from Web.config.

CurrentTheme

String

The current theme of the web site as defined

 

 

in the Web.config file.

PageTitle

String

The HTML title value that each page displays,

 

 

as defined here from the Web.config file.

 

 

 

So you have a good idea at this point about what classes are involved in the application, and how those classes may be used. The next section explains the detailed business logic within the application and the processes or workflow that they accommodate.

121

Chapter 4

Code and Code Explanation

This section explains each of the essential code files in the Wrox Survey Engine project. You look in detail at the files in the each of the different folders and learn how they interact and are used across the project.

Root Files

The root of the Wrox Survey Engine contains several important files, including the main ASPX shellpages, and the configuration and formatting pages.

Web.config

The Web.config stores vital configuration entries used within the application. One entry, named the SqlServerConnectionString, controls the connection to the database, as shown here:

<connectionStrings>

<add name=”ConnectionString” connectionString=”Data Source=(local)\SqlExpress;AttachDbFilename=|DataDirectory|\SurveyDB.mdf;Integrated Security=True;User Instance=True” providerName=”System.Data.SqlClient”/> </connectionStrings>

The SqlServerConnectionString also contains information managing the SMTP e-mail settings for sending out e-mails:

<appSettings>

<add key=”EmailFrom” value=”admin@mysurveyengine.com” /> <add key=”EmailTo” value=”admin@mysurveyengine.Com” />

The Web.config is also used to provide easy modification to the themes in use for the entire site. You can find more information on this in the “Themes and Skins” section earlier in the chapter.

Survey.vb

The Survey class is one of the most important areas of the Survey Engine application. The class contains methods and properties that allow for the storage of survey-related information and logic to implement updates to that information within the data access layer. Some of the methods provide access to the general information for surveys, whereas others provide the capability to obtain a full dataset of all surveys. In addition, the GetQuestions method returns all of the questions for any given survey.

This Survey.vb class can also be bound to an ObjectDataSource control within the user interface, thereby providing a business layer for the application. Its methods are listed as public and shared to provide a more rapid development model without being required to instantiate an instance of the Survey class in order to call its methods or access its members.

By using #Region tags in the Survey.vb class file, the Visual Studio IDE allows the page to be grouped into organized sections. Sections that are commonly used to group the code in this way include Variables, Constructors, Methods, and Properties. This does not impact the .NET assemblies in any way, but is simply a great way to maintain organized logic. Figure 4-18 is a visual display of the regionalized code as it is displayed within the Visual Studio IDE.

122

Wrox Survey Engine

Figure 4-18

One of the more important method calls of the survey is the SaveSurvey method. The code for this is as follows:

Public Shared Sub SaveSurvey(ByVal Name As String, ByVal Description As String, ByVal ID As Integer)

Dim mSurvey As New Survey

mSurvey.ID = ID

mSurvey.Name = Name

mSurvey.Description = Description

SurveyDB.Save(mSurvey)

End Sub

This method provides the means by which to hand off a Survey class object to the data tier for processing.

Config.vb

The Config class is used as an available object with three static members. Its members are listed as properties in order to abstract the location in which these values are stored. Currently, the three properties are ConnectionString, CurrentTheme, and PageTitle. The values for the three properties are stored in the Web.config file, with a Config class to retrieve them when they are needed:

Imports Microsoft.VisualBasic

Public Class Config ‘’’ <summary>

‘’’ The connection string property that pulls from the web.config ‘’’ </summary>

Public Shared ReadOnly Property ConnectionString() As String Get

Return ConfigurationManager.ConnectionStrings(“ConnectionString”)

.ConnectionString End Get

123

Chapter 4

End Property ‘’’ <summary>

‘’’ The current theme of the website as defined in the web.config file ‘’’ </summary>

Public Shared ReadOnly Property CurrentTheme() As String Get

Return ConfigurationManager.AppSettings(“CurrentTheme”).ToString() End Get

End Property ‘’’ <summary>

‘’’ The HTML title value that each page displays, as defined here from the web.config file

‘’’ </summary>

Public Shared ReadOnly Property PageTitle() As String Get

Return ConfigurationManager.AppSettings(“PageTitle”).ToString() End Get

End Property End Class

As the preceding Config class displays, the properties ConnectionString, CurrentTheme, and PageTitle are marked as Public Shared ReadOnly, which allows them to be accessed from anywhere in the project by the config-dot notation. An example of this would be config.ConnectionString(). This would return the connection string from the Config class, without instantiating a Config class object first.

SurveyDB.vb

This class is essentially the data layer for the application. It provides method calls in order to retrieve information from the database and insert or update data within the database as well. This class serves as the only file or object that will have access to the database files. In this way, you isolate data-specific operations outside of the business logic layer. In so doing, you can see that it protects a developer from writing duplicate data access code because it is organized in nature and located in the same place. This also allows for the application to be logically separated into tiers, or layers, with the deliberate feasibility of migrating and expanding the application onto separate servers at any point in time.

In line with the documented function call from the Survey class, the surveyDB class contains a Save method, as displayed here:

Public Shared Function Save(ByVal mSurvey As Survey) As Integer

Using mConnection As New SqlConnection(Config.ConnectionString)

Dim mNewSurveyID As Integer

Dim mCommand As SqlCommand = New

SqlCommand(“sprocSurveyInsertUpdateItem”, mConnection)

mCommand.CommandType = CommandType.StoredProcedure If mSurvey.ID > 0 Then

mCommand.Parameters.AddWithValue(“@id”, mSurvey.ID)

Else

mCommand.Parameters.AddWithValue(“@id”, DBNull.Value) End If

mCommand.Parameters.AddWithValue(“@name”, mSurvey.Name)

124

Wrox Survey Engine

mCommand.Parameters.AddWithValue(“@description”, mSurvey.Description) If mSurvey.IsCurrentSurvey = False Then

mCommand.Parameters.AddWithValue(“@iscurrentsurvey”, 0)

Else

mCommand.Parameters.AddWithValue(“@iscurrentsurvey”, 1) End If

mConnection.Open()

mNewSurveyID = mCommand.ExecuteScalar() mConnection.Close()

Return mNewSurveyID

End Using

End Function

This accepts a parameter of the type survey and accesses the members to save values into the database.

Another method of interest is the GetCurrentSurvey() method, returning a DataSet of the currently selected survey in the system. The following is a code excerpt for this method:

‘’’ <summary>

‘’’ Retrieves the ‘current’ survey from the database ‘’’ </summary>

Public Shared Function GetCurrentSurvey() As DataSet Dim dsSurveys As DataSet = New DataSet()

Try

Using mConnection As New SqlConnection(Config.ConnectionString)

Dim mCommand As SqlCommand = New SqlCommand (“sprocSurveySelectSingleItemWhereCurrent”, mConnection)

mCommand.CommandType = CommandType.StoredProcedure

Dim myDataAdapter As SqlDataAdapter = New SqlDataAdapter()

myDataAdapter.SelectCommand = mCommand myDataAdapter.Fill(dsSurveys) mConnection.Close()

Return dsSurveys End Using

Catch ex As Exception

‘When you call the “Throw” statement, you are raising the error to the global.asax file, which will use the default error handling page to process/display the custom error to the user

Throw End Try

End Function

The preceding page logic performs the following steps:

1.Creates a new SqlCommand object, passing in the stored procedure name and the connection.

2.Sets the command type to be stored procedure.

3.Creates a new DataAdapter.

4.Assigns the SelectCommand of the DataAdapter to the newly created command.

125

Chapter 4

5.Calls the data adapter’s Fill method, passing in the DataSet to be filled with data.

6.Closes the connection.

7.Returns the DataSet to the caller.

It is worth mentioning that the CurrentSurvey web user control is the way that you currently display a survey to the user. By extending the application, you could offer a list of surveys to choose from, and provide dynamic page logic to pull the right survey for the user to complete.

WebForms

The WebForms are standard ASPX pages that contain the client-side graphical user interface of the application. A few WebForms are of particular importance within the project, as noted in the following sections.

Default.aspx

The Default.aspx file is of course used as the first page that loads when the site is accessed. Within this page is an instance of the user control currentsurvey.ascx, which provides visibility to the title and description of the survey that is marked as current in the database. In this way, the web site viewers will be able to see a survey they can click to complete and view the results.

Login.aspx

The Login page contains a Login control and a PasswordRecovery control. As mentioned in other chapters, these are brand new to the .NET environment. This Login.aspx WebForm is located at the root of the site and is not using a master page. The login controls contain HTML markup that defines the specific values for the destination page and text values of the controls:

<fieldset style=”height: 128px; width: 270px;”>

<asp:Login ID=”Login1” runat=”server” DestinationPageUrl= “~/Management/ Admin.aspx”>

</asp:Login>

</fieldset>

<fieldset style=”height: 118px; width: 270px;”> <asp:PasswordRecovery ID=”PasswordRecovery1” runat=”server”> </asp:PasswordRecovery>

</fieldset>

This HTML markup contains the control definitions for the Login and PasswordRecovery controls and their properties.

TakeSurvey.aspx

The TakeSurvey.aspx WebForm is used to provide a survey from the database to complete with inserts into the response table. The basic controls on the WebForm are an ObjectDataSource control, SqlDataSource control, DataList control, and a set of fields within the DataList control that are bound to the object properties. The following excerpt is the defined values of an ObjectDataSource

control as it is used to bind to values from the SelectMethod of its designated Survey business object. The GetQuestions method is used to retrieve the survey table records in the form of a DataSet, for this

ObjectDataSource control to bind to:

126