File: Default.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="AuthorManager" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<div>
<br />
<asp:Label id="Label1" runat="server">Select Author:</asp:Label>
<asp:DropDownList id="lstAuthor" runat="server" AutoPostBack="True" onselectedindexchanged="lstAuthor_SelectedIndexChanged"></asp:DropDownList>
<asp:Button id="cmdUpdate" runat="server" Text="Update" onclick="cmdUpdate_Click"></asp:Button>
<asp:Button id="cmdDelete" runat="server" Text="Delete" onclick="cmdDelete_Click"></asp:Button>
<br />
<asp:Label id="Label11" runat="server" Width="99px" Height="19px">Or:</asp:Label>
<asp:Button id="cmdNew" runat="server" Width="91px" Height="24px" Text="Create New" onclick="cmdNew_Click"></asp:Button>
<asp:Button id="cmdInsert" runat="server" Width="85px" Height="24px" Text="Insert New" onclick="cmdInsert_Click"></asp:Button>
</div>
<br />
<div>
<asp:Label id="Label10" runat="server" Width="100px">Unique ID:</asp:Label>
<asp:TextBox id="txtID" runat="server" Width="184px"></asp:TextBox>
(required: ###-##-#### form)<br />
<asp:Label id="Label2" runat="server" Width="100px">First Name:</asp:Label>
<asp:TextBox id="txtFirstName" runat="server" Width="184px"></asp:TextBox><br />
<asp:Label id="Label3" runat="server" Width="100px">Last Name:</asp:Label>
<asp:TextBox id="txtLastName" runat="server" Width="183px"></asp:TextBox><br />
<asp:Label id="Label4" runat="server" Width="100px">Phone:</asp:Label>
<asp:TextBox id="txtPhone" runat="server" Width="183px"></asp:TextBox><br />
<asp:Label id="Label5" runat="server" Width="100px">Address:</asp:Label>
<asp:TextBox id="txtAddress" runat="server" Width="183px"></asp:TextBox><br />
<asp:Label id="Label6" runat="server" Width="100px">City:</asp:Label>
<asp:TextBox id="txtCity" runat="server" Width="184px"></asp:TextBox><br />
<asp:Label id="Label7" runat="server" Width="100px">State:</asp:Label>
<asp:TextBox id="txtState" runat="server" Width="184px"></asp:TextBox><br />
<asp:Label id="Label9" runat="server" Width="100px">Zip Code:</asp:Label>
<asp:TextBox id="txtZip" runat="server" Width="184px"></asp:TextBox>
(required: any five digits)<br />
<br />
<asp:Label id="Label8" runat="server" Width="93px" Height="19px">Contract:</asp:Label>
<asp:CheckBox id="chkContract" runat="server"></asp:CheckBox><br />
<br />
<asp:Label id="lblResults" runat="server" Width="575px" Height="121px" Font-Bold="True"></asp:Label>
</div>
</div>
</form>
</body>
</html>
File: Default.aspx.cs
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Web.Configuration;
using System.Data.SqlClient;
public partial class AuthorManager : System.Web.UI.Page
{
private string connectionString = WebConfigurationManager.ConnectionStrings["Pubs"].ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
FillAuthorList();
}
}
private void FillAuthorList()
{
lstAuthor.Items.Clear();
string selectSQL = "SELECT au_lname, au_fname, au_id FROM Authors";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(selectSQL, con);
SqlDataReader reader;
try
{
con.Open();
reader = cmd.ExecuteReader();
while (reader.Read())
{
ListItem newItem = new ListItem();
newItem.Text = reader["au_lname"] + ", " + reader["au_fname"];
newItem.Value = reader["au_id"].ToString();
lstAuthor.Items.Add(newItem);
}
reader.Close();
}
catch (Exception err)
{
lblResults.Text = "Error reading list of names. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
}
protected void lstAuthor_SelectedIndexChanged(object sender, EventArgs e)
{
string selectSQL;
selectSQL = "SELECT * FROM Authors ";
selectSQL += "WHERE au_id='" + lstAuthor.SelectedItem.Value + "'";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(selectSQL, con);
SqlDataReader reader;
try
{
con.Open();
reader = cmd.ExecuteReader();
reader.Read();
txtID.Text = reader["au_id"].ToString();
txtFirstName.Text = reader["au_fname"].ToString();
txtLastName.Text = reader["au_lname"].ToString();
txtPhone.Text = reader["phone"].ToString();
txtAddress.Text = reader["address"].ToString();
txtCity.Text = reader["city"].ToString();
txtState.Text = reader["state"].ToString();
txtZip.Text = reader["zip"].ToString();
chkContract.Checked = (bool)reader["contract"];
reader.Close();
lblResults.Text = "";
}
catch (Exception err)
{
lblResults.Text = "Error getting author. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
}
protected void cmdNew_Click(object sender, EventArgs e)
{
txtID.Text = "";
txtFirstName.Text = "";
txtLastName.Text = "";
txtPhone.Text = "";
txtAddress.Text = "";
txtCity.Text = "";
txtState.Text = "";
txtZip.Text = "";
chkContract.Checked = false;
lblResults.Text = "Click Insert New to add the completed record.";
}
protected void cmdInsert_Click(object sender, EventArgs e)
{
if (txtID.Text == "" || txtFirstName.Text == "" || txtLastName.Text == "")
{
lblResults.Text = "Records require an ID, first name, and last name.";
return;
}
string insertSQL;
insertSQL = "INSERT INTO Authors (";
insertSQL += "au_id, au_fname, au_lname, ";
insertSQL += "phone, address, city, state, zip, contract) ";
insertSQL += "VALUES (";
insertSQL += "@au_id, @au_fname, @au_lname, ";
insertSQL += "@phone, @address, @city, @state, @zip, @contract)";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(insertSQL, con);
cmd.Parameters.AddWithValue("@au_id", txtID.Text);
cmd.Parameters.AddWithValue("@au_fname", txtFirstName.Text);
cmd.Parameters.AddWithValue("@au_Lname", txtLastName.Text);
cmd.Parameters.AddWithValue("@phone", txtPhone.Text);
cmd.Parameters.AddWithValue("@address", txtAddress.Text);
cmd.Parameters.AddWithValue("@city", txtCity.Text);
cmd.Parameters.AddWithValue("@state", txtState.Text);
cmd.Parameters.AddWithValue("@zip", txtZip.Text);
cmd.Parameters.AddWithValue("@contract", Convert.ToInt16(chkContract.Checked));
int added = 0;
try
{
con.Open();
added = cmd.ExecuteNonQuery();
lblResults.Text = added.ToString() + " record inserted.";
}
catch (Exception err)
{
lblResults.Text = "Error inserting record. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
if (added > 0)
{
FillAuthorList();
}
}
protected void cmdUpdate_Click(object sender, EventArgs e)
{
string updateSQL;
updateSQL = "UPDATE Authors SET ";
updateSQL += "au_fname=@au_fname, au_lname=@au_lname, ";
updateSQL += "phone=@phone, address=@address, city=@city, state=@state, ";
updateSQL += "zip=@zip, contract=@contract ";
updateSQL += "WHERE au_id=@au_id_original";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(updateSQL, con);
cmd.Parameters.AddWithValue("@au_fname", txtFirstName.Text);
cmd.Parameters.AddWithValue("@au_Lname", txtLastName.Text);
cmd.Parameters.AddWithValue("@phone", txtPhone.Text);
cmd.Parameters.AddWithValue("@address", txtAddress.Text);
cmd.Parameters.AddWithValue("@city", txtCity.Text);
cmd.Parameters.AddWithValue("@state", txtState.Text);
cmd.Parameters.AddWithValue("@zip", txtZip.Text);
cmd.Parameters.AddWithValue("@contract", Convert.ToInt16(chkContract.Checked));
cmd.Parameters.AddWithValue("@au_id_original", lstAuthor.SelectedItem.Value);
int updated = 0;
try
{
con.Open();
updated = cmd.ExecuteNonQuery();
lblResults.Text = updated.ToString() + " record updated.";
}
catch (Exception err)
{
lblResults.Text = "Error updating author. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
if (updated > 0)
{
FillAuthorList();
}
}
protected void cmdDelete_Click(object sender, EventArgs e)
{
string deleteSQL;
deleteSQL = "DELETE FROM Authors ";
deleteSQL += "WHERE au_id=@au_id";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(deleteSQL, con);
cmd.Parameters.AddWithValue("@au_id ", lstAuthor.SelectedItem.Value);
int deleted = 0;
try
{
con.Open();
deleted = cmd.ExecuteNonQuery();
lblResults.Text = "Record deleted.";
}
catch (Exception err)
{
lblResults.Text = "Error deleting author. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
if (deleted > 0)
{
FillAuthorList();
}
}
}
File: Web.config
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<add name="Pubs" connectionString="Data Source=localhost\SQLEXPRESS;Initial Catalog=Pubs;Integrated Security=SSPI"/>
</connectionStrings>
</configuration>