hi to all,

I am trying to use MVC.
I am using simple Login view.
I just want to implement login form for my users.
firstly I created database User and in that table 'login' with fields id, name, pass. I add values inn that.
I create controller Search==>

public ActionResult search(FormCollection form)
           //to check out I am checking with id field
            var id = Int32.Parse(form["name"]);
            ViewData.Model = u.login.First(m => m.id == id);

            return View();

then i create view

<%@ Page Title="" Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage" %>

<asp:Content ID="Content1" ContentPlaceHolderID="TitleContent" runat="server">

<asp:Content ID="Content2" ContentPlaceHolderID="MainContent" runat="server">

    <% using (Html.BeginForm()) {%>

                <label for="name">First Name:</label>
                <%= Html.TextBox("name") %>
        <input type="submit" value ="submit" />

    <% } %>


when I run it It gives me error that
"value can not be null , parameter name String"

var id = Int32.Parse(form["name"]);

this statement.

what is going wrong here..?
plz help.

and with this I want to ask, "how to prevent SQL injections or is it occur while working with LINQ?"

>"value can not be null , parameter name String"

     if (form["name"] != null)
                int id;
                int.TryParse(form["name"], out id);

>how to prevent SQL injections or is it occur while working with LINQ?

Yes, LINQ stops SQL injection. Read this article - http://www.devx.com/dotnet/Article/34653

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.