Common Tasks in WebForms, Step-by-Step

1 WHAT SHOULD I USE TO DISPLAY DATA?

GridView

Fields are arranged horizontally as a table.

Displays multiple rows of query results.

DetailsView

Fields are arranged vertically, with data beside.

Emphasizes a single row of query results.
Can show multiple query results as distinct pages.

FormView

Behaves like a DetailsView, but is much more flexible.

Fields are arranged and placed just like any other ASP.NET controls.
You must edit the ItemTemplate to modify the layout of a FormView.
Values are displayed in normal controls, like TextBox, CheckBox and Image, even though
these controls do not themselves know how to access data from a DataSource.
The FormView will act as an intermediary between the normal controls and the DataSource.

How do I

show a single non-editable text field from a database?

o Place a SqlDataSource
Configure the connection string. Dont create multiple connection strings.
Specify the query.
Bind relevant parameters, e.g. to a QueryString parameter, Control value, or
Session variable.
o Place Label where the value should be displayed.
o Edit the PageLoad method in the C# code:

System.Data.DataView data = dataSource.Select(DataSourceSelectArguments.Empty);

if ((data != null) && (data.Count > 0))
{
var entry = data[0];
label.Text = (string)entry["Name"];
}

2 HOW DO I INSERT DATA INTO A DATABASE?

Place a new data source, or use an existing one.

Go to the properties list and find InsertQuery. Click the ellipsis button ().
In the configuration screen, enter the INSERT SQL query that is relevant.
The INSERT query will always have parameters that must provide the values to be inserted.
Press Next to go the parameter binding screen.

You must bind every parameter to the source of that parameters information.
o For example, if the user has entered data, bind a control.
o If the data is related to the page, which receives a request argument, then you will
probably bind to a QueryString parameter.
o If the data is related to the logged in user, you might need to bind to a Session
variable, perhaps for UserID.
Place an Add button to add the data to the database.
Attach an event handler to the Add button.
Write the code to perform the insert query.
On a successful insert, you will probably want to redirect to the current page to force a
refresh of displayed content.

if (dataSource.Insert() > 0)
{
// Insert is successful!
Response.Redirect(Request.Url.AbsoluteUri);
}
else
{
// Insert made no changes.
}
// Wrap this code in a try-block to catch exceptions.
// Exception handling is covered in a different module.

3 HOW DO I ALLOW EDIT AND DELETE?

Configure your GridView or DetailsView as normal.

Click on your data source, and then configure the UPDATE and DELETE queries in the
properties window.
o The UPDATE must have parameters for the primary key, and value fields.
o It is vital that you rename most of the parameters of the UPDATE query.
Parameters with names that match fields in the SELECT query will
automatically be bound.
That is why you should make sure those parameter names match the SELECT
field names when appropriate.
Other parameters can have any name, but must be manually bound. For
example, to a QueryString field.
o It is vital that you rename the PRIMARY KEY parameters of the DELETE query.
The only parameters likely to appear in a DELETE query are PRIMARY KEY
values. These must match the corresponding fields in the SELECT query in
order to be automatically bound.
Click on your GridView or DetailsView, and use the checkboxes to enable editing and
deleting. These options only appear if you have modified the data source with UPDATE and
DELETE queries.

4 HOW DO I PROCESS LOGIN AND LOGOUT?

After a user logs in, you must store their credentials in a Session variable.
The presence of that Session variable is an indication that the user is logged in.

The absence of that variable indicates that nobody is logged in.

Logout is there easy to do. Write the following code for the Logout button.

Session.Clear();
Response.Redirect(Request.Url.AbsoluteUri);

Note that the redirect is not optional. You must redirect after installing or removing the
session. The reason is that you must force a cookie change in the browser, so redirect to
ensure the change to the cookie happens.

Login is more challenging, because the users credentials must be verified.

Place a data source, and configure it with a user SELECT query, which returns user
information for a specific user name.
The code should check that the password entered matches expectations.
Important note about security: the following code is intentionally simple. Do not use it in a
professional production system. Professional systems should use salted hashes for password
checking.

System.Data.DataView data = dataSource.Select(DataSourceSelectArguments.Empty);

if ((data != null) && (data.Count > 0))
{
var entry = data[0];
if ((string)entry["Password"] == tbPassword.Text)
{
// Valid login
Session["UserID"] = (int)entry["ID"];
Session["UserName"] = tbUserName.Text
Response.Redirect(Request.Url.AbsoluteUri);
}
}

Sometimes you need to check if there is a user currently logged in.

For instance, you may want to display panelA if nobody is logged in, and panelB if someone
is logged in. The following code shows how you might do that.

bool loggedIn = (Session["UserName"] != null);

panelA.Visible = !loggedIn;
panelB.Visible = loggedIn;