
WEB APPLICATIONS WITH DATABASE ACCESS

This document discusses creating web applications with database access using stored procedures in ASP.NET 2.0. It describes designing a database to store user information, then creating web pages for user authentication and registration that insert data into the database tables using stored procedures. Code examples are provided for connecting to the database and calling a stored procedure to register a new user.

Uploaded by

Claudiu Bosmoaga
Copyright
© Attribution Non-Commercial (BY-NC)

WEB APPLICATIONS WITH DATABASE ACCESS

Demian Horia
Anton Mihai
Universitatea din Oradea, Facultatea de Stiinte Economice, str. Universitatii Nr. 1, Oradea
410087, Bihor, Romania
Abstract
This paper presents the mechanism of transferring data from web pages to a record in a database, using stored
procedures. It shows how the parameters are defined (name, type and length). The uniqueidentifier type is a
special case.

Stored procedures, ASP2.0


ASP.NET 2.0 is the latest technology created by Microsoft for developing XML web services and web
applications. This paper presents some aspects of the process of creating a web application with database
access.
First of all, we have to begin with the creation of the database. The analysis of our problem helps us decide
which informational attributes have to be recorded in our database. For example, a database for recording some
information about persons looks like the one in fig. 1.

Fig. 1

In the image above, you can see the Persoana table, whose structure contains fields for recording the first name,
the last name, the address etc. After we have finished designing the database, we have to decide the structure of
our web application. At this point, our analysis distinguishes two types of information:
− for public access
− for private access
Because some information will be available only to some special visitors of our site, we have to create a
mechanism which helps us filter these visitors. Some will be public visitors, and others will be private
visitors. This mechanism is known as authentication. A public visitor can become a private visitor only by
providing a username and a password. So we must have an authentication page, which looks like the
page in fig. 2.

Fig. 2

The authentication process takes the username and password provided by the visitor and compares them with the
usernames and passwords stored in the database. Usually there is a table which contains this kind of information;
this table is created with private access permissions. If the authentication process finds a valid user, the public
visitor becomes a private visitor.
Because the whole process has to function without any intervention, a page for recording the users' data has
to be created. Through this page, any user will provide a name, an address, a username, a password and any
other information needed.
This page can be like the page presented in fig. 3 (above). This page was created for public access.

Fig. 3

In the following lines I present the code behind this process, which records the information provided by
visitors in the Persoana table of the database. For security reasons, I used stored procedures. The
code needed for this is presented below.
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Data.SqlClient;
using System.Web;
using System.Web.Configuration;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class InregistrareParticipanti : System.Web.UI.Page
{
    //this class is used to register a new participant, who therefore has not yet received an id
    //we need to obtain an id from the server when this page loads and use it
    //when we want to save the data on the server
    protected SqlConnection con; //connection to the database

    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack == false)
        {
            con = null; //initialize the connection with null to show that it has been released
            string lcidPersoana; //we need 2 variables when working with a uniqueidentifier
            System.Guid luidPersoana;

            int lnErori;

            lnErori = 0;
            lcidPersoana = "00000000-0000-0000-0000-000000000000";
            luidPersoana = new System.Guid(lcidPersoana);
            //define the parameters of the connection to the server used to obtain the id
            string ConnectionString =
                WebConfigurationManager.ConnectionStrings["sesiuneConnectionString"].ConnectionString;
            con = new SqlConnection(ConnectionString); //instantiate the connection object for the first time
            SqlCommand cmd = new SqlCommand("", con);
            //the command through which we call the server procedure that returns the person id
            //create the connection to the server
            try
            {
                con.Open();

                cmd.CommandType = CommandType.StoredProcedure;
                cmd.CommandText = "ClientOnline_NewId"; //name of the procedure to be executed
                cmd.Parameters.AddWithValue("@id", "00000000-0000-0000-0000-000000000000");

                cmd.Parameters["@id"].SqlDbType = SqlDbType.UniqueIdentifier;
                cmd.Parameters["@id"].Direction = ParameterDirection.Output;
                //execute the procedure that returns the new id
                cmd.ExecuteNonQuery();

                lcidPersoana = cmd.Parameters["@id"].Value.ToString();

                if (string.IsNullOrEmpty(lcidPersoana) == false)
                {
                    //remove the old idPersoana value from the session and store the new one
                    Session.Remove("idPersoana");
                    Session.Add("idPersoana", lcidPersoana);
                }
            }
            catch (Exception eExecutie)
            {
                //catch the errors that occur
                lnErori = 1; //mark that errors occurred
            }
            finally
            {
                //close the connection whether or not the id was obtained
                con.Close();
            }
        }
    }
    protected void btnInregistrare_Click(object sender, EventArgs e)
    {
        //check that the fields are filled in and send the data to the server to register the person
        bool llOk;
        string lcTitlu;
        string lcNume;
        string lcPrenume;
        string lcParola;
        string lcConfirmareParola;
        string lcEmail;
        string lcInstitutia;
        string lcAdresa;
        string lcLocalitatea;
        string lcCodPostal;
        string lcJudet;
        string lcTara;
        string lcTelefon;
        string lcMobil;
        bool llStudent;
        bool llPrezenta;
        int lnEroare;

        lnEroare = 0;
        //this procedure adds the root nodes of the tree; when the user
        //selects a node, it is populated with its children
        string lcidPersoana;
        System.Guid luidPersoana;
        llOk = true; //assume everything is OK
        txtMesaje.Text = ""; //reset the message box so that old messages do not remain there
        //check that the title is filled in
        lcTitlu = txtPrefix.Text.ToString();
        if (string.IsNullOrEmpty(lcTitlu) == true)
        {
            llOk = false;
            txtMesaje.Text = "Completati campul Titlu/Title ";
        }
        //check that the last name is filled in
        lcNume = txtNume.Text.ToString();
        if (llOk == true)
        {
            if (string.IsNullOrEmpty(lcNume) == true)
            {
                llOk = false;
                txtMesaje.Text = "Completati campul Nume/Sure Name ";
            }
        }
        //check that the first name is filled in
        //…………………………………………………………………………
        llStudent = chkStudent.Checked;
        llPrezenta = chkPrezenta.Checked;
        //check that the phone number is filled in
        //if everything is filled in up to this point, we can go on and try to save the data on the server
        if (llOk == true)
        {
            //continue with saving
            if (con == null)
            {
                string ConnectionString =
                    WebConfigurationManager.ConnectionStrings["sesiuneConnectionString"].ConnectionString;
                con = new SqlConnection(ConnectionString);
            }
            try
            {
                if (con.State == ConnectionState.Closed)
                {
                    //if the connection is closed, open it
                    con.Open();
                }
                //define the command used to execute the insert
                SqlCommand cmd = new SqlCommand("", con);
                lcidPersoana = Session["idPersoana"].ToString();
                if ((lcidPersoana != "00000000-0000-0000-0000-000000000000") && (string.IsNullOrEmpty(lcidPersoana) == false))
                {
                    lnEroare = 0; //initially assume everything will go without problems
                    luidPersoana = new System.Guid(lcidPersoana);
                    //define the parameters of the command
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.CommandText = "ClientOnline_InregistrareAutor";
                    //name of the procedure to be executed
                    cmd.Parameters.AddWithValue("@idPersoana", luidPersoana);
                    cmd.Parameters.AddWithValue("@Prefix", lcTitlu);
                    cmd.Parameters.AddWithValue("@Nume", lcNume);
                    cmd.Parameters.AddWithValue("@Prenume", lcPrenume);
                    cmd.Parameters.AddWithValue("@Parola", lcParola);
                    cmd.Parameters.AddWithValue("@Email", lcEmail);
                    cmd.Parameters.AddWithValue("@Institutia", lcInstitutia);
                    cmd.Parameters.AddWithValue("@xType", llStudent);
                    cmd.Parameters.AddWithValue("@AdresaPostala", lcAdresa);
                    cmd.Parameters.AddWithValue("@Localitatea", lcLocalitatea);
                    cmd.Parameters.AddWithValue("@CodPostal", lcCodPostal);
                    cmd.Parameters.AddWithValue("@Judet", lcJudet);
                    cmd.Parameters.AddWithValue("@Tara", lcTara);
                    cmd.Parameters.AddWithValue("@TelefonFix", lcTelefon);
                    cmd.Parameters.AddWithValue("@Mobil", lcMobil);
                    cmd.Parameters.AddWithValue("@Prezenta", llPrezenta);
                    cmd.Parameters.AddWithValue("@eroare", lnEroare);

                    cmd.Parameters["@idPersoana"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@idPersoana"].SqlDbType = SqlDbType.UniqueIdentifier;
                    cmd.Parameters["@Prefix"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Prefix"].SqlDbType = SqlDbType.Char;
                    cmd.Parameters["@Prefix"].Size = 10;
                    cmd.Parameters["@Nume"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Nume"].SqlDbType = SqlDbType.Char;
                    cmd.Parameters["@Nume"].Size = 50;
                    cmd.Parameters["@Prenume"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Prenume"].SqlDbType = SqlDbType.Char;
                    cmd.Parameters["@Prenume"].Size = 50;
                    cmd.Parameters["@Parola"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Parola"].SqlDbType = SqlDbType.Char;
                    cmd.Parameters["@Parola"].Size = 10;
                    cmd.Parameters["@Email"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Email"].SqlDbType = SqlDbType.NVarChar;
                    cmd.Parameters["@Email"].Size = 100;
                    cmd.Parameters["@Institutia"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Institutia"].SqlDbType = SqlDbType.NVarChar;
                    cmd.Parameters["@Institutia"].Size = 200;
                    cmd.Parameters["@xType"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@xType"].SqlDbType = SqlDbType.SmallInt;
                    cmd.Parameters["@AdresaPostala"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@AdresaPostala"].SqlDbType = SqlDbType.NVarChar;
                    cmd.Parameters["@AdresaPostala"].Size = 200;
                    cmd.Parameters["@Localitatea"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Localitatea"].SqlDbType = SqlDbType.NVarChar;
                    cmd.Parameters["@Localitatea"].Size = 100;
                    cmd.Parameters["@CodPostal"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@CodPostal"].SqlDbType = SqlDbType.NVarChar;
                    cmd.Parameters["@CodPostal"].Size = 20;
                    cmd.Parameters["@Judet"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Judet"].SqlDbType = SqlDbType.NVarChar;
                    cmd.Parameters["@Judet"].Size = 100;
                    cmd.Parameters["@Tara"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Tara"].SqlDbType = SqlDbType.NVarChar;
                    cmd.Parameters["@Tara"].Size = 100;
                    cmd.Parameters["@TelefonFix"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@TelefonFix"].SqlDbType = SqlDbType.Char;
                    cmd.Parameters["@TelefonFix"].Size = 20;
                    cmd.Parameters["@Mobil"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Mobil"].SqlDbType = SqlDbType.Char;
                    cmd.Parameters["@Mobil"].Size = 20;
                    cmd.Parameters["@Prezenta"].Direction = ParameterDirection.Input;
                    cmd.Parameters["@Prezenta"].SqlDbType = SqlDbType.Bit;
                    cmd.Parameters["@eroare"].Direction = ParameterDirection.Output;
                    cmd.Parameters["@eroare"].SqlDbType = SqlDbType.SmallInt;
                    //execute the procedure; it also checks whether such a user already exists
                    cmd.ExecuteNonQuery();
                    lnEroare = int.Parse(cmd.Parameters["@eroare"].Value.ToString());
                    if (lnEroare == 1)
                    {
                        txtMesaje.Text = "Exista deja o persoana inregistrata cu aceasta adresa de email!";
                        llOk = false;
                    }
                }
                else
                {
                    txtMesaje.Text = "Nu s-a putut aloca un nou id pentru aceasta persoana!";
                }
            }
            catch (Exception eExecutie)
            {
                //note: this shows the raw exception text to the visitor; in production,
                //log it on the server and display a generic message instead
                txtMesaje.Text = eExecutie.Message;
            }
            finally
            {
                //processing ends by closing the connection to the server
                con.Close();
            }
        }
    } //end of btnInregistrare_Click
}
As you can see, I created the connection from the web application to the database server manually. The data is
first verified, and only after these validations do I try to save it in the database. A very important improvement
is provided by the connection pooling mechanism, which decides how many connections will be made to the
database, or whether an available connection will be reused for another user. I opened two web pages, in two
different browsers, one after the other without closing them. In the image above, at a specified moment in time
there is only one connection, even though I closed it in my code. There is latency.

Fig. 4
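
The parameter definitions from the listing (name, type and length) and the uniqueidentifier special case, written as a compact helper. This is an added example, not the paper's code: RegistrationDb, AddInput and NewPersonId are hypothetical names, while the procedure ClientOnline_NewId and its @id parameter come from the listing. It declares type and length when the parameter is created and rejects over-long input, because ADO.NET otherwise sends only the first Size characters of a string without raising an error, so a password longer than the 10 characters declared for @Parola would be stored cut short.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example, not the paper's code. RegistrationDb, AddInput and
// NewPersonId are hypothetical names introduced for illustration.
public static class RegistrationDb
{
    // Declares an input parameter with its type and length up front and
    // rejects values longer than the declared length: SqlParameter would
    // otherwise send only the first 'size' characters, without any error.
    // Usage: RegistrationDb.AddInput(cmd, "@Email", SqlDbType.NVarChar, 100, lcEmail);
    public static SqlParameter AddInput(SqlCommand cmd, string name,
                                        SqlDbType type, int size, string value)
    {
        if (value != null && value.Length > size)
            throw new ArgumentException(name + " exceeds " + size + " characters");
        SqlParameter p = cmd.Parameters.Add(name, type, size);
        p.Direction = ParameterDirection.Input;
        p.Value = (object)value ?? DBNull.Value;
        return p;
    }

    // Calls ClientOnline_NewId (procedure name taken from the listing) and
    // returns the uniqueidentifier as a Guid, with no string round trip.
    public static Guid NewPersonId(string connectionString)
    {
        using (SqlConnection con = new SqlConnection(connectionString))
        using (SqlCommand cmd = new SqlCommand("ClientOnline_NewId", con))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            SqlParameter id = cmd.Parameters.Add("@id", SqlDbType.UniqueIdentifier);
            id.Direction = ParameterDirection.Output;

            con.Open();
            cmd.ExecuteNonQuery();

            if (id.Value == null || id.Value == DBNull.Value)
                throw new InvalidOperationException("ClientOnline_NewId returned no id");
            return (Guid)id.Value;
        } // Dispose returns the connection to the pool, even when an exception is thrown
    }
}
```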
