hi to all,

I am trying to use MVC.
I am using simple Login view.
I just want to implement login form for my users.
firstly I created database User and in that table 'login' with fields id, name, pass. I add values inn that.
I create controller Search==>

public ActionResult search(FormCollection form)
        {
           //to check out I am checking with id field
            var id = Int32.Parse(form["name"]);
            ViewData.Model = u.login.First(m => m.id == id);

            return View();
        }

then i create view
==>

<%@ Page Title="" Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage" %>

<asp:Content ID="Content1" ContentPlaceHolderID="TitleContent" runat="server">
	search
</asp:Content>

<asp:Content ID="Content2" ContentPlaceHolderID="MainContent" runat="server">

    <h2></h2>
    <% using (Html.BeginForm()) {%>

        
            
            <p>
                <label for="name">First Name:</label>
                <%= Html.TextBox("name") %>
                
            </p>
                     
        <input type="submit" value ="submit" />
        

    <% } %>

</asp:Content>

when I run it It gives me error that
"value can not be null , parameter name String"
at

var id = Int32.Parse(form["name"]);

this statement.

what is going wrong here..?
plz help.

and with this I want to ask, "how to prevent SQL injections or is it occur while working with LINQ?"

>"value can not be null , parameter name String"

....
     if (form["name"] != null)
            {
                int id;
                int.TryParse(form["name"], out id);
                ...
            }

>how to prevent SQL injections or is it occur while working with LINQ?

Yes, LINQ stops SQL injection. Read this article - http://www.devx.com/dotnet/Article/34653

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.