c# - asp.net mvc / Sql double register -


i made new mvc project , made insert function db. problem when enter model db records twice. tried debugging, unfortunately couldn't find mistake. there miss in code below?

 public class dbcode     {         protected sqlconnection conn;          public bool open(string connection = "mydb")         {             conn = new sqlconnection(@webconfigurationmanager.connectionstrings[connection].tostring());             try             {                 var b = true;                 if (conn.state.tostring() != "open")                 {                     conn.open();                 }                 return b;             }             catch (sqlexception ex)             {                 return false;             }         }          public bool close()         {             try             {                 conn.close();                 return true;             }             catch (exception ex)             {                 return false;             }         }          public int toint(object s)         {             try             {                 return int32.parse(s.tostring());             }             catch (exception)             {                 return 0;             }          }          public int datainsert(string sql)         {             int lastid = 0;             string query = sql + ";select @@identity;";             try             {                 if (conn.state.tostring() == "open")                 {                     sqlcommand cmd = new sqlcommand(query, conn);                     cmd.executenonquery();                     lastid = this.toint(cmd.executescalar());                 }                 return this.toint(lastid);             }             catch             {                 return 0;             }         }     }    public class studentmodel     {         [required]         [stringlength(5)]         public string productname { get; set; }          [required]         [stringlength(5)]         public string quantity { get; set; }          [required]         [stringlength(5)]         public string price { get; set; }     }

controller

 public class studentcontroller : controller     {         protected dbcode db = new dbcode();         public actionresult index()         {             return view();         }         [httppost]         [validateantiforgerytoken]         public actionresult savedatastudent(studentmodel student)         {             if (modelstate.isvalid)             {                 db.open();                 int = db.datainsert("insert tblproducts(productname,quantity,price) values('" + student.productname + "','" + student.quantity + "','" + student.price + "')");                 if (i > 0)                 {                     modelstate.addmodelerror("success", "save success");                 }                 else                 {                     modelstate.addmodelerror("error", "save error");                 }                 db.close();             }             return redirecttoaction("index", "student");         }     }

student view

@model mvc5.models.studentmodel  @{     viewbag.title = "index"; }   @using (html.beginform("savedatastudent", "student", new { @id = "form" }, formmethod.post)) {     @html.validationsummary();     @html.antiforgerytoken();     @html.labelfor(m => m.productname);     @html.textboxfor(m => m.productname);<br/>      @html.labelfor(m => m.quantity);     @html.textboxfor(m => m.quantity);<br />      @html.labelfor(m => m.price);     @html.textboxfor(m => m.price);<br />      <input type="submit" value="save" name="save" /> }

connection string in webconfig added

the problem lays in these lines:

cmd.executenonquery(); lastid = this.toint(cmd.executescalar());

you execute same command twice 2 records inserted database.

in order read last identity value define stored procedure insert data table , return last identity value. approach described here.

by way, there serious problems code. define sql command concatenating strings. of these strings come user side. means code vulnerable sql injection attack. instead should use parameters (see this or this).

i suggest not use magic constants in line conn.state.tostring() == "open" better approach use enumeration member: conn.state == connectionstate.open.


Comments

Post a Comment

Popular posts from this blog

javascript - jQuery: Add class depending on URL in the best way -

i have html progress meter: <div class="col-md-3" style="margin-left: -20px;"> <div class="progress-pos active" id="progess-1"> <div class="progress-pos-inner"> login </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-2"> <div class="progress-pos-inner"> scan items </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-3"> <div class="progress-pos-inner"> confirm address </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-4"> <div class="progress-pos-in
Read more

caching - How to check if a url path exists in the service worker cache -

i need check if particular url path exists in service worker cache. example, suppose url is: /myserviceworker/service?a=110&b=70 this url exists in cache, there many of them different values of , b. now, suppose want refresh of these urls, how can that? i want know how access key values service worker cache. if know key, plan follows: var url = new url(key); if(url.pathname === "\/myserviceworker/service") refetch key but not sure how cache key , in format is. mean, string or url? cache api has match() method returns promise resolving in response object if match or undefined if no match exists. second parameter object can specify ignoresearch not take account url parameters. the ignoresearch option supported firefox ( chrome status here ). in other hand, retrieve cache entries, can use keys() method.
Read more

Redirect to a HTTPS version using .htaccess -

i need modify .htaccess file redirect urls https version without "www". http://example.com --> https://example.com http://www.example.com --> https://example.com https://www.example.com --> https://example.com this how .htaccess file looks like: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^(.*)$ redirect.php?id=$1&page=$2 [qsa,l] what modifications need make .htaccess in order forward https without "www"? it depends on doing current code. looks file called redirect trying display php page seo friendly url. think might confusing people. anyway, need , force https without www, need 1 more rule above. also second rule needs two capture groups in rewriterule test string because wanting 2 different values using $1 , $2 references. rewriteengine on #rediect www non www and/or http https --- combinations. rewritecond %{http_host} !^example\.com [nc,or] rewritecond %{https} !^
Read more