ASP.NET RSS ASP.NET RSS

ASP.NET wizard control

Please support our ASP.NET advertiser: Intel Parallel Studio Home
Reply
1 2

Join Date: Jun 2003
Posts: 313
Reputation: red_evolve is on a distinguished road 
Solved Threads: 0
red_evolve's Avatar
red_evolve red_evolve is offline Offline
Posting Whiz

Re: ASP.NET wizard control

 
0
  #11
Jan 19th, 2006
Thanks a lot f1fan for the thorough explanation~!
I must say that I learned a lot from that reply lol.
Now I know what sql injection means - thanks a lot.
"Study the past if you would define the future" - Confucius
Reply With Quote Quick reply to this message  
Join Date: Jan 2006
Posts: 275
Reputation: f1 fan is an unknown quantity at this point 
Solved Threads: 11
f1 fan f1 fan is offline Offline
Posting Whiz in Training

Re: ASP.NET wizard control

 
0
  #12
Jan 19th, 2006
Its part of my job - to find security holes in web sites and i think i can get into about 25% of so called "restricted access" websites within 30 seconds by SQL injections. Without knowing anything other than this post i would put money on the fact you are using the SA login, i would also put some good money on the fact that at least 25% of people reading this post are using the default SA password. I would also put money on the fact that 75% of "internal" applications (ie those that are within a lan/subnet for internal use only and not anywhere near the web) use windows logins for authentication and database access (then they wonder why their data is corrupted because all the users are linking access and excel spreadsheets to the data and changing it bypassing the integrity checks.
And just as some casual information... the most popular administrator password is.......... wait for it.... CONTROL
Reply With Quote Quick reply to this message  
Join Date: Jun 2003
Posts: 313
Reputation: red_evolve is on a distinguished road 
Solved Threads: 0
red_evolve's Avatar
red_evolve red_evolve is offline Offline
Posting Whiz

Re: ASP.NET wizard control

 
0
  #13
Jan 20th, 2006
Interesting... Would you mind sharing what's the basic steps needed to secure your web ?
"Study the past if you would define the future" - Confucius
Reply With Quote Quick reply to this message  
Join Date: Jan 2006
Posts: 275
Reputation: f1 fan is an unknown quantity at this point 
Solved Threads: 11
f1 fan f1 fan is offline Offline
Posting Whiz in Training

Re: ASP.NET wizard control

 
0
  #14
Jan 20th, 2006
the very first and most important step is good programming. I cant stress it enough. Test for every eventuality. Too many people think error handling is a try catch block around everything. Secondly implement some login mechanism. Only allow people in the areas you specifically want them in so structure your site with subdirections. Validate every input at least 2x. Once on client side as best as you can (using the validator controls) and once on the server side (and if you can - in the database before a save). Use roles where needed. NEVER use querys in code ALWAYS use stored procedures. Disable the SA login in SQL Server and create a new one if you need to have a non windows one. Do not give windows accounts db permissions (except to DBAs and developers) always use application accounts. Encrypt passwords for connection strings and encrypt connection strings. Hash user passwords. Use strong passwords (a strong password for those who do not know is made up of upper and lower case letters, numbers and symbols). For those who say a strong password is too hard to remember try this. Make up two small words that are not associated (eg car knife) now substitute some symbols and numbers in there (@ or 4 for an A and ! or 1 for an I, and 3 for an E, $ or 5 for an S) and uppercase the first letter of each word. So your password is now C@rKn1f3 Thats a strong password, hard to break and easy to remember - just remember car knife and your substitutions. If you always use the same substitutions eg @ for A then it will be easy to remember and is very strong. If you let people make posts etc on your site then watch for cross site scripting. This is people putting javascript in links etc on your site. It recently happened on ebay where they put javascript in their listings to take people to a spoof login page and got their names and passwords. they managed to slip through ebays java detector (ebay lets you put some javascript on your listings). Use firewalls where you can. Only expose code on the website you need to, keep the rest behind the firewall. Use SSL where you can. Remember you wont keep everyone out. For those that do get in you want to be alerted that they are in and you want to know what they have changed or looked at when they are in.
Reply With Quote Quick reply to this message  
Join Date: Jan 2006
Posts: 275
Reputation: f1 fan is an unknown quantity at this point 
Solved Threads: 11
f1 fan f1 fan is offline Offline
Posting Whiz in Training

Re: ASP.NET wizard control

 
0
  #15
Jan 20th, 2006
Only allow people in the areas you specifically want them in so structure your site with subdirections
Should say structure your site with subdirectories. i should pay attention when i type.
Reply With Quote Quick reply to this message  
Join Date: Jun 2003
Posts: 313
Reputation: red_evolve is on a distinguished road 
Solved Threads: 0
red_evolve's Avatar
red_evolve red_evolve is offline Offline
Posting Whiz

Re: ASP.NET wizard control

 
0
  #16
Jan 26th, 2006
Nice. Thanks. I'm trying to re-read and digest :d
"Study the past if you would define the future" - Confucius
Reply With Quote Quick reply to this message  
Join Date: Feb 2006
Posts: 1
Reputation: jminond is an unknown quantity at this point 
Solved Threads: 0
jminond jminond is offline Offline
Newbie Poster

Re: ASP.NET wizard control

 
0
  #17
Feb 3rd, 2006
Originally Posted by f1 fan
Thats a whole different scenario and requirements First it is better practice for a child not to know about its parent unless it is essential (in fact it is better if neither knows about each other - see the mediator pattern) but that is another topic all together.
From my understanding you have a form a.aspx and the user clicks a link to go to b.aspx where they fill in some information. When they have completed that you want to use the information back in a.aspx?
There are a number of ways to achieve this and you should not call a.method1 to do it. Use any one of the following:
1. use the session and add the values from b.aspx then when you are back in a.aspx get them out of the session and use them. Remember session means the data is going back and forth with every request and postback not just between a and b so clear any session variables you do not need as soon as you have finished with them
2 add the data to the response in b.aspx and get the data when you go back to a.aspx
3. add the data to hidden fields in b.aspx and get them in a.aspx when you get back (the difference between 2 and 3 is Get vs Post)
4. Put the data in a public property in b.aspx and register b.aspx in a.aspx then cast the context.header to b.aspx and get the data from the property (this would not be the recommended way for your requirements but sometimes is the only way)

If you are not sure on any of the above or want more information just shout. I am guessing 2 or 3 would be your best choice but depends how long you need to be able to access the data - maybe the session will be better
Hi,

I have a user control, with an ASP Wizard control inside it.
This control, generates the steps in the wizard dynamically, going throug a data object, and creating the steps and fields, adding the controls to each step, and a new step for a new group of controls.
This is done on the User control DataBind() method

ASP.NET Syntax (Toggle Plain Text) 
  1. override void DataBind()
  2. {
  3.       base.databind();
  4.       createWizardSteps();
  5. }


Now.....
I am having a couple of different issues.
If in the Databind, I set ActiveWizardStep = 1, then the first time my page loads with the control, i see the wizard fine, but then when move to a nother step, i keep getting an error saying that ActiveStep = 2, must be lowerd than wizard stieps, etc.....

1) in what event of my user control, do i need to create the wizard steps? so that they maintain after postabcks? I would really like to only add the controls once on first page load, and then viewstate should be maintianed till the wizard is complete or submitted.

2) do you know of any sample code creating a wizard dynamically through code?
for example if in my app_code i wanted a method that did something like
ASP.NET Syntax (Toggle Plain Text) 
  1. public Wizard GetChairConfigurationWizard(int chaidID)
  2. {
  3.      Wizard retWizard = new Wizard();
  4.      ... code to get groups and controls for wizard..
  5.      ... foreach( Group   )
  6.                ...  retWizard.WizardSteps.Add(createWizardStep(Group)
  7.      .....
  8.      return retWizard;
  9. }


any help or guidance would be appreciated. Thank you,
Jonathan
Reply With Quote Quick reply to this message  
Join Date: May 2006
Posts: 2
Reputation: chapamanuel is an unknown quantity at this point 
Solved Threads: 0
chapamanuel chapamanuel is offline Offline
Newbie Poster

Re: ASP.NET wizard control

 
0
  #18
May 23rd, 2006
Hi,

I have been trying to dynamically add wizard steps to the wizard but, I have not been able to. Could you please tell me how you manage to add wizard steps to the wizard control. The code looks like this:

WizardStepBase wizardStepHelper = null;
wizardStepHelper = new WizardStep();
wizardStepHelper.Controls.Add(new TextBox());
wizardStepHelper.StepType = WizardStepType.Start;
Wizard1.WizardSteps.Add(wizardStepHelper);
for (int j = 1; j < 3; j++)
{

wizardStepHelper = new WizardStep();
wizardStepHelper.Controls.Add(new TextBox());
wizardStepHelper.StepType = WizardStepType.Step;
Wizard1.WizardSteps.Add(wizardStepHelper);

}

wizardStepHelper.Controls.Add(new TextBox());
wizardStepHelper.StepType = WizardStepType.Finish;
Wizard1.WizardSteps.Add(wizardStepHelper);

Could you please tell how you manage to dynamically add wizard steps to the Wizard...

Thanks!
I really appreciate it!!!
Reply With Quote Quick reply to this message  
Join Date: Oct 2008
Posts: 1
Reputation: binusworld is an unknown quantity at this point 
Solved Threads: 0
binusworld binusworld is offline Offline
Newbie Poster

Re: ASP.NET wizard control

 
0
  #19
Oct 7th, 2008
Originally Posted by f1 fan View Post
you need wizCreateBulk.FindControl("txtName") the wizard control is the parent control not the templates...
Ive tried both:
Step1.FindControl("txtName")
wizCreateBulk.FindControl("txtName")

But still get the Null exception error. Any Idea what i Am doing wrong?
Reply With Quote Quick reply to this message  
Reply
1 2

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the ASP.NET Forum
Thread Tools Search this Thread



.net 2.0 activexcontrol advice ajax alltypeofvideos asp asp.net bc30451 bottomasp.net browser businesslogiclayer button c# c#gridviewcolumn checkbox child click commonfunctions compatible confirmationcodegeneration content contenttype courier css dataaccesslayer database datagridview datagridviewcheckbox datalist deadlock development dgv dropdownlist dropdownmenu edit expose feedback flash flv form formatdecimal forms formview gridview homeedition hosting iframe iis javascript jquery listbox login menu microsoft mono mouse mssql multistepregistration news numerical objects order panelmasterpagebuttoncontrols parent radio ratings reportemail rotatepage save schoolproject search security serializesmo.table silverlight smartcard software sql-server sqlserver2005 suse textbox tracking typeof unauthorized validation vb.net video videos virtualdirectory vista visual-studio visualstudio web webapplications webarchitecture webdevelopemnt webprogramming webservice xml youareanotmemberofthedebuggerusers
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC