By Nannette Thacker
Here is an example of how to set a spam trap without using Captcha. In your web form, typically a Register or Log In page, simply place a hidden textarea field. Then on your form action page, check the value and if it contains any content, you can redirect them to another page or do anything you like. Since a real human won't see or have access to this form field, only the bots will fill in the field.
ASP.net VB Example
<asp:TextBox ID="ReasonCatch" runat="server"
Rows="3" Style="display: none;"
TextMode="MultiLine"></asp:TextBox>
<asp:Button ID="GoButton" runat="server" Text="Go"
TabIndex="5" OnClick="GoButton_Click" />
Retrieve
Protected Sub GoButton_Click(ByVal sender As Object, _
ByVal e As System.EventArgs)
Dim spamtrap As String = ""
spamtrap = Me.ReasonCatch.Text
If Not String.IsNullOrEmpty(spamtrap) Then
Response.Redirect("~/byefool.aspx", False)
Else
' further processing
End If
End Sub
ASP Classic Example
<textarea id="ReasonCatch" name="ReasonCatch"
rows="3" cols="4" style="display: none;"></textarea>
Retrieve
spamtrap = Request.Form("reasoncatch")
if cstr(spamtrap) <> "" then
Response.Redirect("/byefool.asp")
end if
In my actual code, I retrieve the IP address, and send an email to myself with the phrase they sent, along with the IP address, date and time, etc.
This helps to keep these spammers from mucking up your database with garbage records. So far I have caught and stopped a russian website spammer, a geocities spammer, and some really nasty porn links.
I found the original suggestion at the bottom of this page on A CAPTCHA Solution Built With Classic ASP, CSS And Javascript and it works great! I can't tell who the author is from looking at the site, but thanks!
May your dreams be in ASP.net!
Nannette Thacker
"Boy, it sure would be nice if we had some grenades, don't you think?" - Jayne Cobb, Serenity/Firefly
By Nannette Thacker
In the third installment of this tutorial, we discuss how to bind the contents of our uploaded Excel spreadsheet to our GridView. A Zip file with the complete source code, Excel Spreadsheet, and SQL Server Database is available for download.
The article series hosted on 4guysfromrolla.com continues with Importing an Excel Spreadsheet Using Typed DataSets and TableAdapters: Displaying the Uploaded Excel Spreadsheet.
Download the Application in ZIP Format
May your dreams be in ASP.NET!
Nannette Thacker
"No, I'm not police. But I do find them useful." - Cameron Phillips, Terminator: The Sarah Connor Chronicles
By Nannette Thacker
In the second installment of this tutorial, we discuss how to build the ASP.NET page for importing the Excel spreadsheet. We will create the page's user interface and add file upload capabilities. A Zip file with the complete source code, Excel Spreadsheet, and SQL Server Database is available for download.
The article series hosted on 4guysfromrolla.com continues with Importing an Excel Spreadsheet Using Typed DataSets and TableAdapters: Building the Importer Web Page and Uploading the Excel Spreadsheet.
Download the Application in ZIP Format
May your dreams be in ASP.NET!
Nannette Thacker
"It wasn't my mission." - Cameron Phillips, Terminator: The Sarah Connor Chronicles
By Nannette Thacker
In web application development, three-tier architecture refers to separating the application process into three specific layers. What the user sees via a web browser is called the presentation tier and is content served from a web server. The middle tier performs the business logic processing that occurs, for example, when a user submits a form. The back end consists of the data tier which handles the database processing and access to the data. We'll take a simplistic look at each of these.
Presentation Tier
The Presentation Tier or User Interface is the portion the user sees when they open a web page in the browser. It is as simple as you reading this article all the way to searching a catalog and purchasing a product using a shopping cart. It is what is presented to the user on the client side within their web browser.
If you were to view the source code, you would only see code such as HTML, Javascript, and Cascading Style Sheets. On some sites, you may see Java Applets and Flash. Viewing source code on a web page, you would NOT see database queries or loops or calls to classes or any behind-the-scenes processing.
In ASP.net and utilizing Visual Studio or Visual Web Developer, developers can separate the user interface from the business logic and data access layer with various tools.
ASP.net allows using MasterPages to setup the site look and feel. As well, when creating a WebForm which utilizes the MasterPage, you may create it and allow the code to be placed in a separate file, known as codebehind, thus keeping your business logic in a separate layer from the look and feel.
You may also setup the site design using Themes, Skins, and Cascading Style Sheets.
Languages used in this layer are typically HTML, DHTML, CSS and javascript.
Business Logic or Application Tier
The Business Logic, Functional Process Logic, Business Rules (all pertaining to the same thing), are kept in a separate layer. In ASP.net, this is where you define your classes and source code. This can be in the App_Code folder for your classes and methods. Web languages typically used in ASP.net are VB and C#. You would not use HTML or Javascript in this layer. In this layer you typically define your classes, functions, sub procedures, properties, etc.
Data Access Tier
In ASP.net, the Data Access layer is where you define your typed datasets and tableadapters. It is where you define your queries or stored procedures. The business tier may then make use of this functionality. In your classes, rather than defining ad hoc queries, you may use a TableAdapter to access the Data Access Layer.
An Example
As an example of how this works, let's assume you are creating a web page that allows the user to enter information which you wish to then enter into a database. You first create a dataset and tableadapter that allows insert into the table, either by a query or stored procedure. This is your data access layer.
You then create a class, which retrieves the information from the form, checks for field validations and then uses the tableadapter to send the data to the database.
You create a web form, which can use a GridView control or other controls to allow the user to input the data into the web form. In the codebehind of the web form, you handle the submit button click event, and send the data from the form to your class, which sends the information to the database using the tableadapter.
Benefits
When utilized properly, using a multi-tier architecture improves performance and scalability. If a web page needs an update or redesign, all of this may be handled by altering the CSS and HTML, without affecting the business or data logic. Any of the three tiers may be replaced or upgraded individually without affecting the other tiers. For instance, if you change the database on the back end, it wouldn't affect the presentation or business logic tiers, other than changing the database connection.
This is a simple introduction to the three-tier web architecture, but I hope it has helped you understand the layers of a multi-tier architecture.
May your dreams be in ASP.net!
Nannette Thacker
"Thank you for explaining." - Cameron Phillips, Terminator: The Sarah Connor Chronicles
Check out our new website design and let me know what you think! (Maybe, if you're going to be nice that is. ;)
http://www.shiningstar.net/
Just to be technical I guess....
The new look and feel was designed by Dylan using PhotoShop and Adobe Illustrator. I broke out the images for the web and set up the HTML, CSS, and DHTML for the master page and themes.
It's designed in ASP.NET using VB and SQL Server. It uses Master Pages and Codebehind. It uses cascading style sheets, themes and styles, custom user controls, and menu controls. It uses a custom membership provider to the SQL Server database. Anyway, that's the gist of it.
Nannette
By Nannette Thacker
This is an issue that seems to confuse a lot of new developers. How do you use the "connectionStringName" defined within the membership provider area of the web.config file within a custom membership provider? Big mouthful, eh? Okay, let's break it down.
Within the web.config file, you may define your connection strings. For our example, below I am setting up a connection string to a SQL Server database within my project's App_Data folder, but it could be a connection string to a remote database on a database server as well.
<connectionStrings>
<add name="SSSDataMDFConnectionString"
connectionString="Data Source=.\SQLEXPRESS;
AttachDbFilename=|DataDirectory|\SSSDatabase.mdf;
Integrated Security=True;User Instance=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
In the above example, I have named my connection string SSSDataMDFConnectionString. Now I want to setup my custom Membership Provider in the system.web section of my web.config:
<membership defaultProvider="SSSMembershipProvider">
<providers>
<clear/>
<add name="SSSMembershipProvider"
type="SSSMembershipProvider"
requiresQuestionAndAnswer="false"
enablePasswordRetrieval="true"
enablePasswordReset="true"
description="Custom Membership Provider"
requiresUniqueEmail="true"
applicationName="/"
passwordFormat="clear"
userIsOnlineTimeWindow="15"
connectionStringName="SSSDataMDFConnectionString"/>
</providers>
</membership>
In the above example, I have inserted the connection string name within the "connectionStringName" property. Note that if your custom membership provider is defined within a namespace, to be sure to add that to the name of the provider itself. For instance, if your namespace is "SSS" then you would add the namespace to the definition:
<membership defaultProvider="SSS.SSSMembershipProvider">
<providers>
<clear/>
<add name="SSS.SSSMembershipProvider"
type="SSS.SSSMembershipProvider"
Now let's look at a few snippets from our custom membership provider class. In the snippet below, notice I have defined the connection string variable.
Public Class SSSMembershipProvider
Inherits MembershipProvider
Public connStr As String
Typically, you may obtain the value of various configuration file settings with the use of config():
config("enablePasswordReset")
However, we need to use the ConfigurationManager.ConnectionStrings Property to obtain the configuration setting. Within the initialize function of the class I now retrieve the value of the actual connection string that is associated with the name defined in the web.config:
Public Overrides Sub Initialize(ByVal name As String, _
ByVal config As System.Collections.Specialized.NameValueCollection)
connStr = ConfigurationManager.ConnectionStrings(config("connectionStringName")).ConnectionString
The above is a very long line, and just in case it is cut off on the right, I will break it on 2 lines so you don't miss it:
connStr = ConfigurationManager.ConnectionStrings(
config("connectionStringName")).ConnectionString
Now you're all set to use this in your class functions for accessing the connection:
Using conn As New SqlConnection(connStr)
conn.Open()
May your dreams be in ASP.NET!
Nannette Thacker
"Almost there. Almost there. Almost there. There." - River Tam (Firefly/Serenity)
By Nannette Thacker
In this tutorial, learn how to import data from an Excel Spreadsheet to a Database by creating a tiered application architecture using Visual Studio's Typed DataSets and TableAdapters. The application consists of an ASP.NET page that enables a user to upload an Excel spreadsheet, view the data in the spreadsheet, and import the data from the spreadsheet into the application's database. A Zip file with the complete source code, Excel Spreadsheet, and SQL Server Database is available for download.
The article series hosted on 4guysfromrolla.com begins with Importing an Excel Spreadsheet Using Typed DataSets and TableAdapters: Building the Database.
Download the Application in ZIP Format
May your dreams be in ASP.NET!
Nannette Thacker
"It's getting very, very crowded!" - River Tam (Firefly/Serenity)
By Nannette Thacker
In ASP.NET, you may define multiple themes to be used within your web applications. In this example, let's say you have a theme based around the color purple, and another theme based around the color blue. When using your purple theme, you have a special image, let's say a logo, that is designed with purple colors. But when using the blue theme, you want your logo to change to one that uses blue colors. This tutorial will show you how to setup your code within your master page so that you will pull this logo image from your cascading style sheet, rather than hard coding it within your master page or web form.
Normally, when defining a hyperlinked image, one would simply type an anchor tag and an image tag like so:
<a href="http://weblogs.asp.net/default.asp" mce_href="http://weblogs.asp.net/default.asp"><img src="http://weblogs.asp.net/Images/Logo.jpg" mce_src="http://weblogs.asp.net/Images/Logo.jpg" /></a>
But if your path to your image is hardcoded within your web form, you've now limited your ability to change your image based on your theme.
See the ASP.NET Themes and Skins Overview for details on themes and skins. Although how to implement a theme and master page is beyond the scope of this example, I will briefly explain the concept. Within your ASP.NET project within Solution Explorer, you would right click and select to add a Theme folder. Upon selection, an App_Themes folder is created and within that folder, another Theme folder is created. You may name it anything you want, preferably something that describes your new theme. Within your theme folder, you may add several types of files, the primary one being your cascading style sheet file. Each theme folder you create should have its own .css style sheet.
Also note that when using a theme, the default theme to use is defined within the web.config file. The style sheet is not included in the top of the web form or in the master page. Here is an example of defining the theme to be used within the web.config file in the system.web area.
<pages styleSheetTheme="Purple">
</pages>
For our example, the style sheet will simply define a style for our Logo:
.Logo
{
display: block;
width: 317px;
height: 72px;
background: url(Logo.jpg);
background-repeat: no-repeat;
}
In the above style, notice that we define the display as block. Without this, our image will not display. We also define the width, height, and path to the logo. Be sure to include the path to your image, if the image is not in the same directory as the style sheet. With themes, if your image is within your theme directory or within a subdirectory within your theme directory, the path to the image is relative to the theme directory.
For instance, if you have an "image" subdirectory within your theme directory, the path would be:
background-image: url(Images/Logo.jpg);
It would NOT be ../App_Themes/Purple/Images/Logo.jpg.
In our Logo example, notice we also set the style to not repeat the background by using background-repeat: no-repeat;. Other options are that you may repeat the image vertically or horizontally or both, but we only want to display it once, so we indicate no-repeat.
Now we are ready to call the "Logo" class within our web form page, in our case our master page.
<a href="<%= ResolveClientUrl("~/default.aspx")%>" class="Logo"></a>
In our above example, we are defining a hyperlink that has nothing implemented between the opening and closing anchor tags. But it does have a class defined within the opening anchor tag as class="Logo". This goes to our style sheet and picks up the .Logo style, adding our image in this position on the page.
If you are new to ASP.NET, you may not understand the purpose of our ResolveClientUrl("~/default.aspx") code. Simply put, the ResolveClientUrl Method allows you to define a URL that will be recognized within your browser and "the URL returned by this method is relative to the folder containing the source file in which the control is instantiated." For instance, if you define a regular hyperlink or image URL within a webform, you may have no issues, but if you define one within your master page and this master page is used by web forms throughout your site within several different sub directories, use of ResolveClientUrl allows the path to be resolved from the master page and thus found every time. This is true if used within a control as well.
Also, if you are building your application locally on an intranet, ASP.NET adds your project name to the path as well, such as in my case http://localhost:1120/ShiningstarVB/. If I don't use ResolveClientURL for HTML hyperlinks and images, my path can really be messed up when testing locally. So it is good practice to use ResolveClientURL throughout your application, rather than hard-coding paths. Be aware that using the ASP.NET Hyperlink control will use resolved urls, so you don't need to use it within those.
For understanding the use of the (~) tilde, I would suggest you also read VirtualPathUtility Class, where it explains: "An absolute virtual path starts with the literal slash mark (/). A relative virtual path is relative to the application root directory, if it is just a tilde (~) or starts with the tilde and a double backslash (~\\) or the tilde and a slash mark (~/). Making a virtual path relative makes the path independent of the application." With stylesheets, you may also use Skins to define your images, but this is beyond the scope of this example.
In our example, we could have also had our hyperlink go to our default page with this code:
<a href="<%= ResolveClientUrl("~/")%>" class="Logo"></a>
The above code takes us to our root directory, where our application knows to use the default page within that directory.
May your dreams be in ASP.NET!
Nannette Thacker
"They say the snow on the roof was too heavy. They say the ceiling will cave in. His brains are in terrible danger." - River Tam (Firefly/Serenity)
By Nannette Thacker
If you're new to ASP.NET, let me offer you a word of caution in regard to using the onclick event within your controls and the Handles key word within your procedure declarations. To demonstrate this, let's create a web form and add these two controls:
<asp:Button ID="Button1" runat="server" Text="Button"/><br />
<asp:Label ID="Label1" runat="server" Text="Label"></asp:Label>
Double-click the button in your Design view, and you will be taken to the codebehind where you may see that a new Button1_Click Sub has been created for you. Notice the Handles Button1.Click key word has automatically been added to the end of the procedure declaration to handle the Button Click event.
Protected Sub Button1_Click(ByVal sender As Object, _
ByVal e As System.EventArgs) Handles Button1.Click
End Sub
If you utilize the code as generated, you are safe. However, what if you are copying and pasting from someone else's snippets? You may see onclick="Button1_Click" added to the button:
<asp:Button ID="Button1" runat="server" Text="Button" onclick="Button1_Click"/><br />
<asp:Label ID="Label1" runat="server" Text="Label"></asp:Label>
Beware of this common mistake. You must choose either the onclick within the button or the Handles keyword within the procedure declaration. Let's look at what happens if you have both in your code. To test this, I altered my Label1 to add the value of Label1 and the string " test 1 : " and display it to the screen.
Protected Sub Button1_Click(ByVal sender As Object, _
ByVal e As System.EventArgs) Handles Button1.Click
Label1.Text = Label1.Text & " test 1 : "
End Sub
When testing in Internet Explorer 7.0, each time I hit the page, IE would close the browser and ask to send an error report. When I ran the code in FireFox, my label displayed this result:
Label test 1 : test 1 :
In other words, the code is hit twice, which may not only double your processing, but return unexpected results. So simply be aware of this possibility and avoid using onclick with Handles.
May your dreams be in ASP.net!
Nannette Thacker
"That's wrong. ...No, the book is wrong. This whole conclusion is fallacious." - River Tam, Firefly/Serenity
Technorati Profile
By Nannette Thacker
Step-by-step instructions for creating a database connection to a remote SQL Server Database, using Visual Web Developer.
- Go to the View menu item and select Database Explorer.
- Depending on how you have your Visual Web Developer interface setup, go to the Solution Explorer, and at the bottom you will see a tab for Database Explorer. Click that.
- You will see the "Data Connections" available in the Database Explorer. We currently have none displaying.
- Right click in the Database Explorer area and select "Add Connection..."
- This will bring up the Add Connection dialog box. Select the "Change" button.
- In our example, we are connecting to a SQL Server database, so select the "Microsoft SQL Server" Data source option as well as the ".NET Framework Data Provider for SQL Server" Data provider.
- Select "OK" to return to the "Add Connection" dialog. Put in the IP address or server name for your database. In our case, we use Windows Authentication, but you may optionally input a User Name and Password and select "Use SQL Server Authentication." Use the drop down list to "Connect to a database" and "Select or enter a database name:" Select "Test Connection" to make sure you have it setup properly. Then "OK."
- Now you may use the Database Explorer tab to view your tables and data.
Although you may create and alter a SQL Server .mdf database within your project, Visual Web Developer doesn't support opening a table definition or adding a new table from your SQL Server 2000 database. But it does allow "Show Table Data." It allows you to see the names of your stored procedures, but not to edit or view their content, just the properties. It is very limited, but you may wish to have it just for those purposes.
If you don't yet have the new Visual Studio, but do have Visual Interdev, perhaps for use with your ASP Classic development sites, you may utilize VI to manipulate your SQL Server databases remotely.
May your dreams be in ASP.net!
Nannette Thacker
"The human body can be drained of blood in 8.6 seconds given adequate vacuuming systems." - River Tam, Firefly/Serenity
Any Firefly fans?
More Posts
Next page »