Hieronder volgt de code voor de tabel: [code=sql] CREATE TABLE TblGuestBook ( Id int IDENTITY (1, 1) PRIMARY KEY, Naam nvarchar(25) NOT NULL, Email nvarchar(50) NOT NULL, Bericht text NOT NULL, Datum nvarchar(20) NOT NULL, IP nvarchar(15) NOT NULL ) [b]Default.aspx[/b] [code=html4strict] <%@ Page Language="C#" ValidateRequest="false" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %> <%@ Register Src="~/ReactieControl.ascx" TagPrefix="asp" TagName="Reactie" %> Gastenboek v2.0

WELKOM OP HET GASTENBOEK!




[b]Default.aspx.cs[/b] [code=csharp] using System; using Guestbook; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { repeatItems.DataSource = Database.GetData("SELECT Naam, Bericht, Datum FROM TblGuestBook ORDER BY Id DESC"); repeatItems.DataBind(); } } [b]Admin.aspx[/b] [code=html4strict] <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Admin.aspx.cs" Inherits="Admin" %> Guestbook v2.0 - Admin
[b]Admin.aspx.cs[/b] [code=csharp] using System; using System.Web.UI; using System.Web.UI.WebControls; using Guestbook; public partial class Admin : Page { protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) Bind(); } protected void gridAdmin_RowEditing(object sender, GridViewEditEventArgs e) { gridAdmin.EditIndex = e.NewEditIndex; Bind(); } protected void gridAdmin_RowCancelingEdit(object sender, GridViewCancelEditEventArgs e) { gridAdmin.EditIndex = -1; Bind(); } protected void gridAdmin_RowUpdating(object sender, GridViewUpdateEventArgs e) { TextBox txtNaam = (TextBox)gridAdmin.Rows[e.RowIndex].FindControl("txtNaam"); TextBox txtEmail = (TextBox)gridAdmin.Rows[e.RowIndex].FindControl("txtEmail"); TextBox txtBericht = (TextBox)gridAdmin.Rows[e.RowIndex].FindControl("txtBericht"); TextBox txtDatum = (TextBox)gridAdmin.Rows[e.RowIndex].FindControl("txtDatum"); TextBox txtIP = (TextBox)gridAdmin.Rows[e.RowIndex].FindControl("txtIP"); String[] txtValues = new String[] { txtNaam.Text, txtEmail.Text, txtBericht.Text, txtDatum.Text, txtIP.Text }; if (Functions.IsValidInput(txtValues)) { txtValues = Functions.SecureInput(txtValues); Database.Update(Convert.ToInt32(gridAdmin.DataKeys[e.RowIndex].Values[0]), txtValues[0], txtValues[1], txtValues[2], txtValues[3], txtValues[4]); gridAdmin.EditIndex = -1; Bind(); } } protected void gridAdmin_RowDeleting(object sender, GridViewDeleteEventArgs e) { Database.Delete(Convert.ToInt32(gridAdmin.DataKeys[e.RowIndex].Values[0])); Bind(); } private void Bind() { gridAdmin.DataSource = Database.GetData("SELECT [Id], [Naam], [Email], [Bericht], [Datum], [IP] FROM TblGuestBook"); gridAdmin.DataBind(); } } [b]ReactieControl.ascx[/b] [code=html4strict] <%@ Control Language="C#" AutoEventWireup="true" CodeFile="ReactieControl.ascx.cs" Inherits="ReactieControl" %>
[b]ReactieControl.ascx.cs[/b] [code=csharp] using System; using System.Web; using System.Web.UI; using Guestbook; public partial class ReactieControl : UserControl { protected void btnSubmit_Click(object sender, EventArgs e) { String[] insertValues = new String[] { txtNaam.Text, txtMail.Text, txtMessage.Text }; insertValues = Functions.SecureInput(insertValues); Database.Insert(insertValues[0], insertValues[1], insertValues[2], DateTime.Now.ToUniversalTime().ToString(), HttpContext.Current.Request.UserHostAddress); Response.Redirect(Request.UrlReferrer.AbsoluteUri); } } [b]App_Code/Database.cs[/b] [code=csharp] using System; using System.Data; using System.Data.SqlClient; using System.Configuration; using System.Web; namespace Guestbook { public static class Database { private static SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["DatabaseConnectionString"].ConnectionString); public static DataTable GetData(String sqlString) { DataTable tempTable = new DataTable(); try { SqlDataAdapter adaptData = new SqlDataAdapter(sqlString, sqlConn); adaptData.Fill(tempTable); } catch (Exception ex) { throw new Exception(ex.Message); } return tempTable; } public static void Update(int Id, String Naam, String Email, String Bericht, String Datum, String IP) { ExecuteQuery("UPDATE TblGuestBook SET Naam = '" + Naam + "', Email = '" + Email + "', Bericht = '" + Bericht + "', Datum = '" + Datum + "', IP = '" + IP + "' WHERE Id = '" + Id + "' "); } public static void Delete(int Id) { ExecuteQuery("DELETE FROM TblGuestBook WHERE Id = '" + Id + "' "); } public static void Insert(String Naam, String Email, String Bericht, String Datum, String IP) { ExecuteQuery("INSERT INTO TblGuestBook(Naam, Email, Bericht, Datum, IP) VALUES('" + Naam + "', '" + Email + "', '" + Bericht + "', '" + Datum + "', '" + IP + "')"); } private static void ExecuteQuery(String sqlQuery) { SqlCommand sqlComm = new SqlCommand(sqlQuery, sqlConn); try { sqlConn.Open(); sqlComm.ExecuteNonQuery(); } catch (Exception ex) { throw new Exception(ex.Message); } finally { sqlConn.Close(); } } } public static class Functions { public static bool IsValidInput(String[] input) { foreach (String s in input) if (String.IsNullOrEmpty(s.Trim())) return false; return true; } public static String[] SecureInput(String[] input) { int i = 0; String[] temp = new String[input.Length]; foreach (String s in input) temp[i++] = HttpUtility.HtmlEncode(s); return temp; } } } [b]Web.config[/b] [code=html4strict]