1

if I don't enter anything in one of the textbox , ASP.NET can't tell an empty textbox and treat it at null... So anyone please help me how to detect an empty textbox and set that to null

i know that this code is ganna work well 

If MUSIC_TITLE.Text.Trim() = "" Then

MUSIC_TITLE.Text = Nothing

End If

but i can't use be couse i have a lot of forms in my application so i need somthing or any function exist in the ASP.NET that can handel this

and thats for the insert in a requet the sql server

"insert into Reunion values(" & Convert.ToInt32(ID_Reunion.Text) & ",'" & d.ToString("MM/dd/yyyy") & "'," & Convert.ToInt32(ID_Membre.Text) & ",'" & Type_Reunion.Text & "','" & Session("Nom_GIAC") & "')"

and tnks

Improve this question
1
  • Why do you want to set it to Nothing? It would be returned as string.Empty anyway. You cannot differ between null and empty in Text properties in ASP.NET. Commented Sep 14, 2012 at 13:57

2 Answers 2

Reset to default
1

This sounds like you're trying to directly store the textbox values in your database.

Please don't do this. If you haven't already, learn about the high risk security threat of SQL Injection and parameterize your INSERTS and UPDATES.

Before setting the parameters, you can convert empty strings to Nothing if required.

Dim musicTitle as String = _
    If(String.IsNullOrWhiteSpace(MUSIC_TITLE.Text), Nothing, MUSIC_TITLE.Text)
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

i know the SQL Injection but i already have the controle validation in each controle in the forms
@Yassineedouiri That is good. And I'm sure you've also considered the possibility of someone modifying the HTTP request or even sending a fake one through fiddler or some other tool that doesn't care about client-side validation. ALWAYS validate on the server. And NEVER directly send any user input to the database. No matter what client-side validation is in place, it can always be disabled by a malicient user.
can you please send me any tutoriel that can solve the injection problem be couse i have some textbox used as a string paramétre in my database so i don't need any control validation on it .. so i'm wondring if ter is any method can handlethis mesery :'(
@Yassineedouiri have a look at stackoverflow.com/questions/4018174/…
tnks my brother for every thing
|
0

In your insert sp should be like:

create procedure Insert(@test varchar(50)=NULL)
as
    begin
        update foo set testCol=@test
    end

In c#, use below code, when calling the sp and adding the parameters:

if(txt.Text!=String.Empty)
{
    cmd.Parameters.Add("@test",SqlDBType.Varchar,20).Value=txt.Text;
}
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.