ASP.NET 2.0 Instant Results
.pdfWrox Survey Engine
</authorization>
</system.web>
</configuration>
This configuration file uses three main entries as the meat of the security settings. These are essentially a series of statements in XML format that define the security rights for that folder, hierarchically within the web site, overriding the web site’s root Web.config, as well as the machine.config on the server.
In this file, the <deny users=”?” /> phrase means that the folder should deny any unauthenticated users, denoted by the question mark. Next, the <allow roles=”Admin” /> and the <allow roles=”SuperAdmin” /> entries both represent the ability of the folder to allow access to Admin or Superadmin roles.
Two accounts are created for use within the Survey Engine, and two different roles that those accounts are assigned to, respectively. These are as follows:
Username |
Password |
Account Description |
|
|
|
Admin |
password# |
This user is assigned to the Administrator role. |
SuperAdmin |
password# |
This user is assigned to the Super Administrator |
|
|
role. |
|
|
|
The following two roles are already in the security database and referenced within the application for certain areas of interest to remain very secure:
Role |
Role Description |
|
|
Administrator |
This role has the ability to add, edit, and delete surveys and their |
|
questions. |
Super Administrator |
This role has the same privileges as the Administrator role, but also can |
|
delete surveys and/or their individual questions from the system. |
|
|
Thus, you can control access to form elements and folders alike, using the ASP.NET Configuration Tool, or your own scripted logic in VB .NET.
Classes Involved
Only a few basic classes are in use for the Wrox Survey Engine, but they are intelligent classes that are designed to work in an object-friendly fashion. That is, in a typical object-oriented environment, the class structures would seem to fare well as compared to other object structures.
The SurveyBase Class
The SurveyBase class (see Figure 4-14) is essentially the inheritable base class to which every survey refers. It allows the derived Survey class objects to provide exposure to the Save and New methods for consistent and convenient class management.
117
Chapter 4
Figure 4-14
The following table describes the methods available to the SurveyBase class:
Method |
Return Type |
Description |
|
|
|
New() |
n/a |
The constructor for the SurveyBase class |
Save() |
Int |
The save method used to save the derived |
|
|
survey class object |
|
|
|
The Survey class follows the SurveyBase class, because it is a class that inherits from the SurveyBase class. This provides access to shared methods and functionality within the SurveyBase class.
The Survey Class
The Survey class (see Figure 4-15) is used to perform the bulk of the object provisioning for the business layer of the application. Its methods are accessible as public and shared for ease of use within the various forms and controls of the application. This means that you do not have to instantiate an instance of the Survey class in order to call its methods. Instead, simply use the syntax of Survey.MethodName() in any VB .NET WebForm or control of the application to execute the function.
The following table displays the accessible members of the Survey class:
Method |
Return Type |
Description |
|
|
|
Delete |
n/a |
Deletes a survey from the database by calling |
|
|
Delete() in the SurveyDB class. |
DeleteQuestion |
n/a |
Deletes a question from the database by calling |
|
|
DeleteQuestion() in the SurveyDB class. |
Get |
Survey Class |
Retrieves a survey from the database by calling |
|
Object |
Get() in the SurveyDB class. |
GetCurrentSurvey |
DataSet |
Returns the current survey from the database. |
|
|
|
118
|
|
|
Wrox Survey Engine |
|
|
|
|
|
|
|
|
|
Method |
Return Type |
Description |
|
|
|
|
|
GetQuestionIDs |
Collection |
Gets a set of question IDs for a given survey. |
|
GetQuestions |
DataSet |
Gets a set of questions and their multiple choices |
|
|
|
for a given survey. |
|
GetSurveyList |
DataSet |
Returns a list with surveys in the specified |
|
|
|
category from the database. |
|
New |
n/a |
Provides potential functionality to process actions |
|
|
|
and information on the create event for the object. |
|
Save |
Integer |
Saves a survey in the database by calling Save() |
|
|
|
in the SurveyDB class. Because this class inherits |
|
|
|
the SurveyBase class, the Save method is |
|
|
|
overrideable and the Me keyword is utilized. |
|
SaveQuestion |
Boolean |
Saves a set of questions for a survey. |
|
SaveResponses |
Boolean |
Saves a set of answers to questions for a given |
|
|
|
survey. |
|
SaveSurvey |
n/a |
Saves a survey to the database. |
|
SaveSurveyAsCurrent |
n/a |
Saves a survey as the current survey. |
|
|
|
|
Figure 4-15
119
Chapter 4
The next class represents the callable data-related methods of the application.
The SurveyDB Class
The SurveyDB class (see Figure 4-16) is used to as the data layer of the application. It is essentially the main go-between for all method calls from the business tier that require access to the database. No other class or code section of the application makes data-related executions except for this SurveyDB class.
Figure 4-16
The following table displays the accessible members of the SurveyDB class:
Method |
Return Type |
Description |
|
|
|
Delete |
n/a |
Deletes a survey from the database. |
DeleteQuestion |
n/a |
Deletes a question from the database. |
Get |
Survey |
Returns in instance of the class by sending in |
|
|
the survey ID. |
GetCurrentSurvey |
DataSet |
Retrieves the current survey from the |
|
|
database. |
GetQuestionIDsForSurvey |
Collection |
Retrieves a collection of survey question IDs |
|
|
from the database. |
GetQuestionsForSurvey |
DataSet |
Retrieves a DataSet of survey questions from |
|
|
the database. |
GetSurveyList |
DataSet |
Retrieves a DataSet of surveys from the |
|
|
database. |
Save |
Integer |
Saves a survey to the database. |
|
|
|
120
|
|
|
Wrox Survey Engine |
|
|
|
|
|
|
|
|
|
Method |
Return Type |
Description |
|
|
|
|
|
SaveQuestion |
Boolean |
Saves a question to the survey in the |
|
|
|
database. |
|
SaveResponses |
Boolean |
Saves a response to the question in the survey. |
|
SaveSurveyAsCurrent |
n/a |
Makes a specified survey the current one |
|
|
|
within the database. |
|
|
|
|
The next class portrays the configuration class that has been commonly used in this book.
The Config Class
The Config class, depicted in Figure 4-17, is used as the configuration manager of the application. It is essentially the main access point for all configuration settings that any of the application tiers may require access to. No other class or code section of the application makes configuration-related calls except for this Config class.
Figure 4-17
The following table displays the accessible members of the Config class:
Property |
Return Type |
Description |
|
|
|
ConnectionString |
String |
The connection string property that pulls |
|
|
from Web.config. |
CurrentTheme |
String |
The current theme of the web site as defined |
|
|
in the Web.config file. |
PageTitle |
String |
The HTML title value that each page displays, |
|
|
as defined here from the Web.config file. |
|
|
|
So you have a good idea at this point about what classes are involved in the application, and how those classes may be used. The next section explains the detailed business logic within the application and the processes or workflow that they accommodate.
121
Chapter 4
Code and Code Explanation
This section explains each of the essential code files in the Wrox Survey Engine project. You look in detail at the files in the each of the different folders and learn how they interact and are used across the project.
Root Files
The root of the Wrox Survey Engine contains several important files, including the main ASPX shellpages, and the configuration and formatting pages.
Web.config
The Web.config stores vital configuration entries used within the application. One entry, named the SqlServerConnectionString, controls the connection to the database, as shown here:
<connectionStrings>
<add name=”ConnectionString” connectionString=”Data Source=(local)\SqlExpress;AttachDbFilename=|DataDirectory|\SurveyDB.mdf;Integrated Security=True;User Instance=True” providerName=”System.Data.SqlClient”/> </connectionStrings>
The SqlServerConnectionString also contains information managing the SMTP e-mail settings for sending out e-mails:
<appSettings>
<add key=”EmailFrom” value=”admin@mysurveyengine.com” /> <add key=”EmailTo” value=”admin@mysurveyengine.Com” />
The Web.config is also used to provide easy modification to the themes in use for the entire site. You can find more information on this in the “Themes and Skins” section earlier in the chapter.
Survey.vb
The Survey class is one of the most important areas of the Survey Engine application. The class contains methods and properties that allow for the storage of survey-related information and logic to implement updates to that information within the data access layer. Some of the methods provide access to the general information for surveys, whereas others provide the capability to obtain a full dataset of all surveys. In addition, the GetQuestions method returns all of the questions for any given survey.
This Survey.vb class can also be bound to an ObjectDataSource control within the user interface, thereby providing a business layer for the application. Its methods are listed as public and shared to provide a more rapid development model without being required to instantiate an instance of the Survey class in order to call its methods or access its members.
By using #Region tags in the Survey.vb class file, the Visual Studio IDE allows the page to be grouped into organized sections. Sections that are commonly used to group the code in this way include Variables, Constructors, Methods, and Properties. This does not impact the .NET assemblies in any way, but is simply a great way to maintain organized logic. Figure 4-18 is a visual display of the regionalized code as it is displayed within the Visual Studio IDE.
122
Wrox Survey Engine
Figure 4-18
One of the more important method calls of the survey is the SaveSurvey method. The code for this is as follows:
Public Shared Sub SaveSurvey(ByVal Name As String, ByVal Description As String, ByVal ID As Integer)
Dim mSurvey As New Survey
mSurvey.ID = ID
mSurvey.Name = Name
mSurvey.Description = Description
SurveyDB.Save(mSurvey)
End Sub
This method provides the means by which to hand off a Survey class object to the data tier for processing.
Config.vb
The Config class is used as an available object with three static members. Its members are listed as properties in order to abstract the location in which these values are stored. Currently, the three properties are ConnectionString, CurrentTheme, and PageTitle. The values for the three properties are stored in the Web.config file, with a Config class to retrieve them when they are needed:
Imports Microsoft.VisualBasic
Public Class Config ‘’’ <summary>
‘’’ The connection string property that pulls from the web.config ‘’’ </summary>
Public Shared ReadOnly Property ConnectionString() As String Get
Return ConfigurationManager.ConnectionStrings(“ConnectionString”)
.ConnectionString End Get
123
Chapter 4
End Property ‘’’ <summary>
‘’’ The current theme of the website as defined in the web.config file ‘’’ </summary>
Public Shared ReadOnly Property CurrentTheme() As String Get
Return ConfigurationManager.AppSettings(“CurrentTheme”).ToString() End Get
End Property ‘’’ <summary>
‘’’ The HTML title value that each page displays, as defined here from the web.config file
‘’’ </summary>
Public Shared ReadOnly Property PageTitle() As String Get
Return ConfigurationManager.AppSettings(“PageTitle”).ToString() End Get
End Property End Class
As the preceding Config class displays, the properties ConnectionString, CurrentTheme, and PageTitle are marked as Public Shared ReadOnly, which allows them to be accessed from anywhere in the project by the config-dot notation. An example of this would be config.ConnectionString(). This would return the connection string from the Config class, without instantiating a Config class object first.
SurveyDB.vb
This class is essentially the data layer for the application. It provides method calls in order to retrieve information from the database and insert or update data within the database as well. This class serves as the only file or object that will have access to the database files. In this way, you isolate data-specific operations outside of the business logic layer. In so doing, you can see that it protects a developer from writing duplicate data access code because it is organized in nature and located in the same place. This also allows for the application to be logically separated into tiers, or layers, with the deliberate feasibility of migrating and expanding the application onto separate servers at any point in time.
In line with the documented function call from the Survey class, the surveyDB class contains a Save method, as displayed here:
Public Shared Function Save(ByVal mSurvey As Survey) As Integer
Using mConnection As New SqlConnection(Config.ConnectionString)
Dim mNewSurveyID As Integer
Dim mCommand As SqlCommand = New
SqlCommand(“sprocSurveyInsertUpdateItem”, mConnection)
mCommand.CommandType = CommandType.StoredProcedure If mSurvey.ID > 0 Then
mCommand.Parameters.AddWithValue(“@id”, mSurvey.ID)
Else
mCommand.Parameters.AddWithValue(“@id”, DBNull.Value) End If
mCommand.Parameters.AddWithValue(“@name”, mSurvey.Name)
124
Wrox Survey Engine
mCommand.Parameters.AddWithValue(“@description”, mSurvey.Description) If mSurvey.IsCurrentSurvey = False Then
mCommand.Parameters.AddWithValue(“@iscurrentsurvey”, 0)
Else
mCommand.Parameters.AddWithValue(“@iscurrentsurvey”, 1) End If
mConnection.Open()
mNewSurveyID = mCommand.ExecuteScalar() mConnection.Close()
Return mNewSurveyID
End Using
End Function
This accepts a parameter of the type survey and accesses the members to save values into the database.
Another method of interest is the GetCurrentSurvey() method, returning a DataSet of the currently selected survey in the system. The following is a code excerpt for this method:
‘’’ <summary>
‘’’ Retrieves the ‘current’ survey from the database ‘’’ </summary>
Public Shared Function GetCurrentSurvey() As DataSet Dim dsSurveys As DataSet = New DataSet()
Try
Using mConnection As New SqlConnection(Config.ConnectionString)
Dim mCommand As SqlCommand = New SqlCommand (“sprocSurveySelectSingleItemWhereCurrent”, mConnection)
mCommand.CommandType = CommandType.StoredProcedure
Dim myDataAdapter As SqlDataAdapter = New SqlDataAdapter()
myDataAdapter.SelectCommand = mCommand myDataAdapter.Fill(dsSurveys) mConnection.Close()
Return dsSurveys End Using
Catch ex As Exception
‘When you call the “Throw” statement, you are raising the error to the global.asax file, which will use the default error handling page to process/display the custom error to the user
Throw End Try
End Function
The preceding page logic performs the following steps:
1.Creates a new SqlCommand object, passing in the stored procedure name and the connection.
2.Sets the command type to be stored procedure.
3.Creates a new DataAdapter.
4.Assigns the SelectCommand of the DataAdapter to the newly created command.
125
Chapter 4
5.Calls the data adapter’s Fill method, passing in the DataSet to be filled with data.
6.Closes the connection.
7.Returns the DataSet to the caller.
It is worth mentioning that the CurrentSurvey web user control is the way that you currently display a survey to the user. By extending the application, you could offer a list of surveys to choose from, and provide dynamic page logic to pull the right survey for the user to complete.
WebForms
The WebForms are standard ASPX pages that contain the client-side graphical user interface of the application. A few WebForms are of particular importance within the project, as noted in the following sections.
Default.aspx
The Default.aspx file is of course used as the first page that loads when the site is accessed. Within this page is an instance of the user control currentsurvey.ascx, which provides visibility to the title and description of the survey that is marked as current in the database. In this way, the web site viewers will be able to see a survey they can click to complete and view the results.
Login.aspx
The Login page contains a Login control and a PasswordRecovery control. As mentioned in other chapters, these are brand new to the .NET environment. This Login.aspx WebForm is located at the root of the site and is not using a master page. The login controls contain HTML markup that defines the specific values for the destination page and text values of the controls:
<fieldset style=”height: 128px; width: 270px;”>
<asp:Login ID=”Login1” runat=”server” DestinationPageUrl= “~/Management/ Admin.aspx”>
</asp:Login>
</fieldset>
<fieldset style=”height: 118px; width: 270px;”> <asp:PasswordRecovery ID=”PasswordRecovery1” runat=”server”> </asp:PasswordRecovery>
</fieldset>
This HTML markup contains the control definitions for the Login and PasswordRecovery controls and their properties.
TakeSurvey.aspx
The TakeSurvey.aspx WebForm is used to provide a survey from the database to complete with inserts into the response table. The basic controls on the WebForm are an ObjectDataSource control, SqlDataSource control, DataList control, and a set of fields within the DataList control that are bound to the object properties. The following excerpt is the defined values of an ObjectDataSource
control as it is used to bind to values from the SelectMethod of its designated Survey business object. The GetQuestions method is used to retrieve the survey table records in the form of a DataSet, for this
ObjectDataSource control to bind to:
126