DOWNLOAD THE CODE:
Download the Code 40888.zip

Exploring the Database Objects
The ASP.NET application requires users to log in before they can do anything except navigate to Default.aspx. The initial navigation to this page in a Web session presents a link to Login.aspx, which calls the IsValidMember stored procedure. Later in the article, I show you how to write the VB.NET code to invoke the stored procedure and process its return status value. But first, let's see how the database objects function.

Listing 1 shows the T-SQL code for the IsValidMember stored procedure. In the case of a successful login, the @inID and @inpassword parameters designate MemberID and MemberPW column values for a row in the IDInfo table. With one exception, the stored procedure returns a value of 1 when the @inID and @inpassword parameters appear as column values for a row in IDInfo. Otherwise (i.e., if the parameters aren't column values in IDInfo), the IsValidMember stored procedure returns 0. Even if the @inID and @inpassword parameters match the column values in an IDInfo row, the return status value can still be 0 if the ExpiryDate column value for the row's MemberID value in the ExpiryDates table is before today's date.

To implement its logic, the IsValidMember stored procedure uses a SELECT statement with an inner join between the IDInfo and ExpiryDates tables. The WHERE clause arguments test for the required matching conditions. An IF statement transfers control to the final statement, which returns a value of 1 (logged in) or 0 (not logged in).

The code behind Login.aspx doesn't rely on T-SQL syntax for invoking the IsValidMember stored procedure. Nevertheless, when debugging ASP.NET applications that call stored procedures, you might want to test a stored procedure in Query Analyzer to confirm its operation. The following code shows one approach to testing the stored procedure:

DECLARE @return_status int
Exec @return_status = IsValidMember 'HN1', 'HDoe1'
SELECT @return_status AS 'Return Status'

The value of @return_status will be 1 whenever HN1 and HDoe1 are the MemberID and password values in a row in the IDInfo table.

The CurrentMembers view uses the same kind of SELECT statement as the IsValidMember stored procedure uses. In particular, both SELECT statements join the ExpiryDates table with another table, and the WHERE clause includes a criterion based on a comparison between the ExpiryDate column value and today's date. One distinction between the view and the stored procedure is that the view returns from the ContactInfo table a result set containing column values for FirstName, LastName, EmailAddr, and Phone. With the view's result set, you can populate a DataGrid control that shows the contact information for all current members.

Besides validating membership status, the SqlMagMemberApp application lets users modify their passwords and personal contact data. The EditMyPassword stored procedure in Listing 2 shows the T-SQL syntax that enables user-password updates. The procedure takes two input parameters. The @inID parameter designates the MemberID column value from the IDInfo table whose MemberPW column value should change. The @inpassword parameter specifies the new password. An UPDATE statement assigns the new password value. Although the stored procedure uses qualifiers (ii and ed) that denote IDInfo and ExpiryDates, respectively, for expressions in the ON and WHERE clauses, a qualifier is inappropriate for the UPDATE statement's SET clause because the column names in the SET clause must be from the table you list after the UPDATE keyword.

The ShowMyRow and EditMyRow stored procedures work together in the ASP.NET application. The ShowMyRow stored procedure provides the data to populate text boxes that show contact data for the member identified in the current ASP.NET session. The EditMyRow stored procedure takes input parameters, which the application supplies from text boxes, and updates a row in the ContactInfo table with a MemberID column value that matches the current session's member.

Prev. page     1 [2] 3     next page



You must log on before posting a comment.

If you don't have a username & password, please register now.

Reader Comments

The Code download doesn't contain the table creation sql scripts as the article states.

Lloyd Merithew- January 12, 2004

I have downloaded the 40888.zip file, but it does not contain all of the code need for the article. Is there another place that we need retrieve the rest of the code from?

James Dorame- January 15, 2004

I downloaded the zip, but no ddl scripts to create tables and views. What gives?

linque- January 27, 2004

I have downloaded the code file 40888.zip, but it does not contain the SQL script for creating the database tables or views. It does contain listings for the stored procedures, code behinds, and 2 application folders. I can not find a download file called "MemberApp.zip" associated with InstantDoc 40888.

Eric Heineke- January 28, 2004

The code download for InstantDoc ID 40888 doesn't include the .sql script to create the database tables, stored procedures, and view that hold manipulate and expose membership data.

Bill Hoenig- January 31, 2004

Hi Gang: I can't find the .sql script to create the tables. little help here...!!!

Robbie D- February 05, 2004

I downloaded the code as per the article. Where is the .sql script to create the database and stored procedures? Thank You

Les Gamble- February 07, 2004

It says in the article that a MemberApp.zip file can be downloaded which includes a .SQL script for creating tables etc. However, the only file that I can find to download is 40888.zip which does not contain any .SQL script.

Graeme Gorrie- February 11, 2004

i want to create a connection between VB.NET and SQL SERVER. i also want to access database's table and its attributes. plz send me the complete code to make it possible.

waqas- February 19, 2004

I would be better placed to comment on the article if the download InstantDoc #40888 DID contain the .sql file for creating he database objects. Unfortunately I can't finfd it.

John Vajda- February 25, 2004

 
 

ADS BY GOOGLE