ptg 414 CHAPTER 9 Using the SqlDataSource Control Text=’<%# Bind(“Comments”) %>’ TextMode=”MultiLine” Columns=”60” Rows=”4” Runat=”server” /> <br /><br /> <asp:Button id=”btnSubmit” Text=”Submit” CommandName=”Insert” Runat=”server” /> </InsertItemTemplate> </asp:FormView> <hr /> <asp:GridView id=”grdGuestBook” DataSourceID=”srcGuestBook” Runat=”server” /> <asp:SqlDataSource id=”srcGuestBook” SelectCommand=”SELECT * FROM GuestBook ORDER BY Id DESC” InsertCommand=”INSERT GuestBook (IPAddress,Name,Comments) VALUES (@IPAddress,@Name, ConnectionString=”<%$ ConnectionStrings:GuestBook %>” Runat=”server”> <InsertParameters> <asp:ControlParameter Name=”IPAddress” ControlID=”__page” PropertyName=”IPAddress” /> </InsertParameters> </asp:SqlDataSource> </div> </form> </body> </html> The ControlID property is set to the value __page. This value is the automatically gener- ated ID for the Page class. The PropertyName property has the value IPAddress. This prop- erty is defined in the page. From the Library of Wow! eBook ptg 415 Using ASP.NET Parameters with the SqlDataSource Control 9 Using the ASP.NET CookieParameter Object The CookieParameter object represents a browser-side cookie. The CookieParameter includes all the properties of the base Parameter class and the following additional property: . CookieName—The name of the browser cookie. The page in Listing 9.19 illustrates how you can use the CookieParameter object. The page contains a voting form that you can use to vote for your favorite color. A cookie is added to the user’s browser to identify the user and prevent someone from cheating by voting more than once (see Figure 9.12). FIGURE 9.12 Vote on your favorite color. LISTING 9.19 Vote.aspx <%@ Page Language=”C#” %> <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.1//EN” “http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd”> <script runat=”server”> void Page_Load() { if (Request.Cookies[“VoterId”] == null) { string identifier = Guid.NewGuid().ToString(); From the Library of Wow! eBook ptg 416 CHAPTER 9 Using the SqlDataSource Control HttpCookie voteCookie = new HttpCookie(“VoterId”, identifier); voteCookie.Expires = DateTime.MaxValue; Response.AppendCookie(voteCookie); } } </script> <html xmlns=”http://www.w3.org/1999/xhtml” > <head id=”Head1” runat=”server”> <title>Vote</title> </head> <body> <form id=”form1” runat=”server”> <div> <asp:FormView id=”frmVote” DataSourceID=”srcVote” DefaultMode=”Insert” Runat=”server”> <InsertItemTemplate> <asp:Label id=”lblFavoriteColor” AssociatedControlID=”rdlFavoriteColor” Runat=”server” /> <asp:RadioButtonList id=”rdlFavoriteColor” SelectedValue=’<%#Bind(“Color”)%>’ Runat=”server”> <asp:ListItem Value=”Red” Text=”Red” Selected=”True” /> <asp:ListItem Value=”Blue” Text=”Blue” /> <asp:ListItem Value=”Green” Text=”Green” /> </asp:RadioButtonList> <br /> <asp:Button id=”btnSubmit” Text=”Submit” CommandName=”Insert” Runat=”server” /> </InsertItemTemplate> </asp:FormView> From the Library of Wow! eBook ptg 417 Using ASP.NET Parameters with the SqlDataSource Control 9 <hr /> <asp:GridView id=”grdVote” DataSourceID=”srcVote” Runat=”server” /> <asp:SqlDataSource id=”srcVote” SelectCommand=”SELECT * FROM Vote ORDER BY Id DESC” InsertCommand=”INSERT Vote (VoterId,Color) VALUES (@VoterId,@Color)” ConnectionString=”<%$ ConnectionStrings:Vote %>” Runat=”server”> <InsertParameters> <asp:CookieParameter Name=”VoterId” CookieName=”VoterId” /> </InsertParameters> </asp:SqlDataSource> </div> </form> </body> </html> The cookie is added in the Page_Load() method. A unique identifier (GUID) is generated to identify the user uniquely. Using the ASP.NET FormParameter Object The FormParameter object represents a form field submitted to the server. Typically, you never work directly with browser form fields because their functionality is encapsulated in the ASP.NET form controls. The page in Listing 9.20 contains a client-side HTML form that enables you to enter a movie title and director. When the form is submitted to the server, the values of the form fields are saved to the Movies database table (see Figure 9.13). From the Library of Wow! eBook ptg 418 CHAPTER 9 Using the SqlDataSource Control LISTING 9.20 ShowFormParameter.aspx <%@ Page Language=”C#” %> <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.1//EN” “http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd”> <script runat=”server”> void Page_Load() { if (Request.Form[“AddMovie”] != null) srcMovies.Insert(); } </script> <html xmlns=”http://www.w3.org/1999/xhtml” > <head id=”Head1” runat=”server”> <title>Show FormParameter</title> </head> <body> <form action=”ShowFormParameter.aspx” method=”post”> <label for=”txtTitle”>Movie Title:</label> <br /> FIGURE 9.13 Using a client-side HTML form. From the Library of Wow! eBook ptg 419 Using ASP.NET Parameters with the SqlDataSource Control 9 <input name=”txtTitle” /> <br /><br /> <label for=”txtDirector”>Movie Director:</label> <br /> <input name=”txtDirector” /> <br /><br /> <input name=”AddMovie” type=”submit” value=”Add Movie” /> </form> <form id=”form1” runat=”server”> <div> <asp:GridView id=”grdMovies” DataSourceID=”srcMovies” Runat=”server” /> <asp:SqlDataSource id=”srcMovies” SelectCommand=”SELECT * FROM Movies” InsertCommand=”INSERT Movies (Title,Director,CategoryId,DateReleased) VALUES (@Title,@Director,0,’12/25/1966’)” ConnectionString=”<%$ ConnectionStrings:Movies %>” Runat=”server”> <InsertParameters> <asp:FormParameter Name=”Title” FormField=”txtTitle” DefaultValue=”Untitled” /> <asp:FormParameter Name=”Director” FormField=”txtDirector” DefaultValue=”Allen Smithee” /> </InsertParameters> </asp:SqlDataSource> </div> </form> </body> </html> You check whether a form field named AddMovie exists in the Page_Load() method. This is the name of the submit button. If this field exists, you know that the client-side form was submitted and the SqlDataSource control’s Insert() method can be called to add the form fields to the database. From the Library of Wow! eBook ptg 420 CHAPTER 9 Using the SqlDataSource Control Using the ASP.NET ProfileParameter Object The ProfileParameter object enables you to represent any of the properties of the Profile object. The ProfileParameter includes all the properties of the Parameter class and the following property: . PropertyName—Indicates the namex of the Profile property associated with this ProfileParameter. For example, imagine that you build a Guest Book application and you want to allow users to enter their display names when adding entries to a guest book. You can add a DisplayName property to the Profile object with the web configuration file in Listing 9.21. LISTING 9.21 Web.config <?xml version=”1.0”?> <configuration> <connectionStrings> <add name=”GuestBook” connectionString=”Data Source=.\SQLEXPRESS; AttachDbFilename=|DataDirectory|GuestBookDB.mdf; Integrated Security=True;User Instance=True” /> </connectionStrings> <system.web> <profile enabled=”true”> <properties> <add name=”DisplayName” defaultValue=”Anonymous” /> </properties> </profile> </system.web> </configuration> NOTE The Profile object automatically stores user-specific information across visits to a website. The Profile object is discussed in detail in Chapter 28, “Maintaining Application State.” The web configuration file in Listing 9.21 includes the definition of a Profile property named DisplayName. The default value of this property is Anonymous. The page in Listing 9.22 uses the ProfileParameter object to read the value of the DisplayName property automatically when new entries are added to a Guest Book. From the Library of Wow! eBook ptg 421 Using ASP.NET Parameters with the SqlDataSource Control 9 LISTING 9.22 ShowProfileParameter.aspx <%@ Page Language=”C#” %> <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.1//EN” “http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd”> <html xmlns=”http://www.w3.org/1999/xhtml” > <head id=”Head1” runat=”server”> <title>Show ProfileParameter</title> </head> <body> <form id=”form1” runat=”server”> <div> <asp:FormView id=”frmGuestBook” DataSourceID=”srcGuestBook” DefaultMode=”Insert” Runat=”server”> <InsertItemTemplate> <asp:Label id=”lblComments” Text=”Enter Your Comments:” Runat=”server” /> <br /> <asp:TextBox id=”txtComments” Text=’<%# Bind(“Comments”) %>’ TextMode=”MultiLine” Columns=”50” Rows=”4” Runat=”server” /> <br /> <asp:Button id=”btnInsert” Text=”Add Comments” CommandName=”Insert” Runat=”server” /> </InsertItemTemplate> </asp:FormView> <hr /> <asp:GridView id=”grdGuestBook” DataSourceID=”srcGuestBook” Runat=”server” /> From the Library of Wow! eBook ptg 422 CHAPTER 9 Using the SqlDataSource Control <asp:SqlDataSource id=”srcGuestBook” SelectCommand=”SELECT Name,Comments,EntryDate FROM GuestBook ORDER BY Id DESC” InsertCommand=”INSERT GuestBook (Name,Comments) VALUES (@Name,@Comments)” ConnectionString=”<%$ ConnectionStrings:GuestBook %>” Runat=”server”> <InsertParameters> <asp:ProfileParameter Name=”Name” PropertyName=”DisplayName” /> </InsertParameters> </asp:SqlDataSource> </div> </form> </body> </html> The SqlDataSource control in Listing 9.22 includes a ProfileParameter object. This object represents the DisplayName profile property. Using the QueryStringParameter Object The QueryStringParameter object can represent any query string passed to a page. The QueryStringParameter class includes all the properties of the base Parameter class with the addition of the following property: . QueryStringField—The name of the query string that the QueryStringParameter represents. This type of parameter is particularly useful when you build Master/Detail pages. For example, the page in Listing 9.23 displays a list of movie titles. Each movie title links to a page that contains detailed information for the movie. LISTING 9.23 ShowQueryStringParameterMaster.aspx <%@ Page Language=”C#” %> <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.1//EN” “http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd”> <html xmlns=”http://www.w3.org/1999/xhtml” > <head id=”Head1” runat=”server”> <title>Show QueryStringParameter Master</title> </head> <body> <form id=”form1” runat=”server”> <div> From the Library of Wow! eBook ptg 423 Using ASP.NET Parameters with the SqlDataSource Control 9 <asp:GridView id=”grdMovies” DataSourceId=”srcMovies” AutoGenerateColumns=”false” ShowHeader=”false” Runat=”server”> <Columns> <asp:HyperLinkField DataTextField=”Title” DataNavigateUrlFields=”Id” DataNavigateUrlFormatString= ➥ “ShowQueryStringParameterDetails.aspx?id={0}” /> </Columns> </asp:GridView> <asp:SqlDataSource id=”srcMovies” SelectCommand=”SELECT * FROM Movies” ConnectionString=”<%$ ConnectionStrings:Movies %>” Runat=”server” /> </div> </form> </body> </html> The ID of the movie is passed to the ShowQueryStringParameterDetails.aspx page. The movie ID is passed in a query string field named id. The page in Listing 9.24 displays detailed information for a particular movie. LISTING 9.24 ShowQueryStringParameterDetails.aspx <%@ Page Language=”C#” %> <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.1//EN” “http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd”> <html xmlns=”http://www.w3.org/1999/xhtml” > <head id=”Head1” runat=”server”> <title>Show QueryStringParameter Details</title> </head> <body> <form id=”form1” runat=”server”> <div> From the Library of Wow! eBook . the ASP. NET ProfileParameter Object The ProfileParameter object enables you to represent any of the properties of the Profile object. The ProfileParameter includes all the properties of the Parameter. eBook ptg 41 5 Using ASP. NET Parameters with the SqlDataSource Control 9 Using the ASP. NET CookieParameter Object The CookieParameter object represents a browser-side cookie. The CookieParameter. of Wow! eBook ptg 42 1 Using ASP. NET Parameters with the SqlDataSource Control 9 LISTING 9.22 ShowProfileParameter.aspx <%@ Page Language=”C#” %> <!DOCTYPE html PUBLIC -/ /W3C//DTD XHTML