locked
MS Access Forum RRS feed

  • Question

  • User-507673006 posted

    Hi, i'm currently developing a very simple forum that i can hopefuly turn into a good looking, professional forum.

    Anyway, i have made a way of showing the forum data on the forum page and i have configured that but i need someone to help me make the 'Create Forum' code. If the way i've coded is not the best way to do it in your opinion - please let me know your suggestions.

     

    Here's my default.aspx code:

     

    <%@ Page language="c#" Codebehind="default.aspx.cs" AutoEventWireup="false" Inherits="Stardeveloper.UploadAccess.DefaultForm" %>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > 
    
    <html>
    <head>
    	<style type="text/css">
    	body { margin: 0px 0px 0px 0px; padding: 10px 10px 10px 10px; }
    	body, input, td, select { font: 11pt Verdana; }
    	a { color: #5A7193; }
    	.stdInput { width: 500px; }
    	.smInput { width: 250px; }
    	.dimColor { color: Gray; }
    	</style>
    </head>
    <body>
    
    <table align="center" width="100%" border="1" bordercolor="silver" cellpadding="2" cellspacing="2">
    	<tr>
    		<td align="right">
    		Main Forum · <a href="NewForum.aspx">New Forum</a>
    		  
    		</td>
    	</tr>
    </table><br>
    
    <table align="center" width="100%" border="1" bordercolor="silver" cellpadding="2" cellspacing="2">
    	<tr>
    		<td bgcolor="#CCDDEE" align="center">MS Access Forum</td>
    	</tr>
    	<tr>
    		<td bgcolor="#F7F7F7" align="center">All Forums</td>
    	</tr>
    	<tr>
    		<td>
    		<div id="allFiles" runat="server" />
    		</td>
    	</tr>
    </table>
    	
    </body>
    </html>
    

     

    default.aspx.cs:

    using System;
    using System.Collections;
    using System.ComponentModel;
    using System.Data;
    using System.Drawing;
    using System.Web;
    using System.Web.SessionState;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.HtmlControls;
    using System.Text;
    using System.Data.OleDb;
    
    namespace Stardeveloper.UploadAccess
    {
    	public class DefaultForm : GenericPage
    	{
    		protected const string CmdText = "SELECT ForumId, ForumTitle, ForumDescription FROM Forum";
    
    		protected HtmlGenericControl allFiles;
    
    		private void Page_Load(object sender, System.EventArgs e)
    		{
    			allFiles.InnerHtml = GetFilesFromAccessDb();
    		}
    
    		private string GetFilesFromAccessDb()
    		{
    			StringBuilder buffer = new StringBuilder(1024);
    
    			buffer.Append("&lt;table align=\"center\" width=\"95%\" border=\"0\" cellspacing=\"2\" cellpadding=\"2\"&gt;");
    			buffer.Append("&lt;tr><td width=\"40%\"&gt;<span class=\"dimColor\"&gt;Forum Title</span></td>");
    			buffer.Append("&lt;td width=\"20%\" align=\"center\"&gt;<span class=\"dimColor\"&gt;Last Post</span></td>");
    			buffer.Append("&lt;td width=\"40%\" align=\"center\"&gt;<span class=\"dimColor\"&gt;Content Type</span></td></tr>");
    			
    			using(OleDbConnection con = new OleDbConnection(ConnectionString))
    			using(OleDbCommand cmd = new OleDbCommand(CmdText, con))
    			{
    				con.Open();
    				OleDbDataReader rd = cmd.ExecuteReader(CommandBehavior.SingleResult | CommandBehavior.CloseConnection);
    
    				while(rd.Read())
    				{
    					int ForumId;
    					string ForumTitle;
    					string ForumDescription;
    
    					ForumId = rd.GetInt32(0);
    					ForumTitle = rd.GetString(1);
    					ForumDescription = rd.GetString(2);
    
    					buffer.Append("&lt;tr><td><a href=\"Forum.aspx?forum_id=");
    					buffer.Append(ForumId);
    					buffer.Append("&mode=view\"&gt;");
    					buffer.Append(ForumTitle);
    					buffer.Append("&lt;/a>");
                        buffer.Append("&lt;/td></tr>");
                        buffer.Append("&lt;tr><td>");
                        buffer.Append(ForumDescription);
    
    
    				}
    
    				rd.Close();
    				buffer.Append("&lt;/table>");
    			}
    
    			return buffer.ToString();
    		}
    
    		#region Web Form Designer generated code
    		override protected void OnInit(EventArgs e)
    		{
    			//
    			// CODEGEN: This call is required by the ASP.NET Web Form Designer.
    			//
    			InitializeComponent();
    			base.OnInit(e);
    		}
    		
    		/// <summary>
    		/// Required method for Designer support - do not modify
    		/// the contents of this method with the code editor.
    		/// </summary>
    		private void InitializeComponent()
    		{    
    			this.Load += new System.EventHandler(this.Page_Load);
    		}
    		#endregion
    	}
    }
    

     

    newForum.aspx:

    <%@ Page language="c#" Codebehind="default.aspx.cs" AutoEventWireup="false" Inherits="Stardeveloper.UploadAccess.DefaultForm" %>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
    
    <html>
    <head>
    	<style>
    	body { margin: 0px 0px 0px 0px; padding: 10px 10px 10px 10px; }
    	body, input, td, select { font: 11pt Verdana; }
    	a { color: #5A7193; }
    	.stdInput { width: 500px; }
    	.smInput { width: 250px; }
    	.dimColor { color: Gray; }
    	</style>
    </head>
    <body>
    
        <form id="form1" runat="server">
    
    <table align="center" width="100%" border="1" bordercolor="silver" cellpadding="2" cellspacing="2">
    	<tr>
    		<td align="right">
    		<a href="default.aspx">Main Forum</a> · New Forum
    		  
    		</td>
    	</tr>
    </table>
    <br />
    <table align="center" width="100%" border="1" bordercolor="silver" cellpadding="2" cellspacing="2">
    	<tr>
    		<td bgcolor="#F7F7F7" align="center">Status Message:</td>
    	</tr>
    	<tr>
    		<td>
    		<div id="message" runat="server" />
    		</td>
    	</tr>
    </table>
    
        <br>
    
    <table align="center" width="100%" border="1" bordercolor="silver" cellpadding="2" cellspacing="2">
    	<tr>
    		<td bgcolor="#CCDDEE" align="center">MS Access Forum</td>
    	</tr>
    	<tr>
    		<td bgcolor="#F7F7F7" align="center">New Forum</td>
    	</tr>
    	<tr>
    		<td>
    		<div id="NewForum" runat="server" />
    		<table>
    		<tr>
    		<td>
    		Forum Title:
    		</td>
    		<td>
                <asp:TextBox ID="ForumTitle" runat="server"></asp:TextBox>
    		</td>
    		</tr>
    		<tr>
    		<td>
    		Forum Description:
    		</td>
    		<td>
                <asp:TextBox ID="ForumDescription" runat="server"></asp:TextBox>
    		</td>
    		</tr>
    		<tr>
    		<td>
                <asp:Button ID="Button1" runat="server" Text="Submit Data" />
    		</td>
    		</tr>
    		</table>
    		</td>
    	</tr>
    </table>
    	
        </form>
    	
    </body>
    </html>
    

     

    i just need help on the c# file for the newForum.aspx page.

    Thursday, January 15, 2009 12:39 PM

Answers

  • User-507673006 posted

    It's ok, i've sorted it now. I just made a page in vb and used the following code that dosn't connect to my class 'GenericPage': (don't ask me why i used vb - jsut found it a little easier for this [:)])

     

    Imports System.Data
    Imports System.Data.OleDb
    
    
    Partial Class NewForum2
        Inherits System.Web.UI.Page
    
        Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
            Dim strConn As String = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" _
                                    & Server.MapPath("ASPNetDB.mdb") & ";"
            Dim MySQL As String = "INSERT INTO Forum " & _
               "(ForumTitle, ForumDescription) VALUES " & _
               "('" & ForumTitle.Text & "','" & ForumDescription.Text & "')"
            Dim MyConn As New OleDBConnection(strConn)
            Dim cmd As New OleDBCommand(MySQL, MyConn)
            MyConn.Open()
            cmd.ExecuteNonQuery()
            MyConn.Close()
            Response.Redirect("default.aspx")
    
        End Sub
    End Class
    
     

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, January 15, 2009 3:19 PM

All replies

  • User-507673006 posted

    sorry for double post [:O]

    Thursday, January 15, 2009 12:58 PM
  • User-507673006 posted

    It's ok, i've sorted it now. I just made a page in vb and used the following code that dosn't connect to my class 'GenericPage': (don't ask me why i used vb - jsut found it a little easier for this [:)])

     

    Imports System.Data
    Imports System.Data.OleDb
    
    
    Partial Class NewForum2
        Inherits System.Web.UI.Page
    
        Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
            Dim strConn As String = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" _
                                    & Server.MapPath("ASPNetDB.mdb") & ";"
            Dim MySQL As String = "INSERT INTO Forum " & _
               "(ForumTitle, ForumDescription) VALUES " & _
               "('" & ForumTitle.Text & "','" & ForumDescription.Text & "')"
            Dim MyConn As New OleDBConnection(strConn)
            Dim cmd As New OleDBCommand(MySQL, MyConn)
            MyConn.Open()
            cmd.ExecuteNonQuery()
            MyConn.Close()
            Response.Redirect("default.aspx")
    
        End Sub
    End Class
    
     

     

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, January 15, 2009 3:19 PM
  • User-1199946673 posted

    Good that it works now, but it doesn't mean you are on the right track! Your code is vulnarable to SQL injections, so I would suggest to use parameter queries

    Friday, January 16, 2009 10:15 AM
  • User-507673006 posted

    thanks... i'll look into it. But for now i'm just making a simple working forum app that i can develop and work on to make secure and easy to use.

    Friday, January 16, 2009 3:32 PM